FBI Claims To Have Tracked Down Blaster Creator
from the not-bad... dept
All week I’ve been reading stories about how difficult it is to track down virus and worm writers, and how it was unlikely the FBI would ever find those responsible for the Blaster or SoBig infections. However, now the FBI claims to have tracked down an 18-year-old author of Blaster, and plan to charge him sometime in the near future. There’s not much in the way of details, but they claim he wasn’t the original author – but took the original code and made it much more damaging. The FBI has also been claiming elsewhere that they’re positive they’ll find the SoBig author as well. Hopefully, they’re right. Update: The FBI has released more details. It’s an 18-year-old kid from Minnesota who has apparently admitted to creating the worm. Apparently, he designed the worm to communicate back to his own website, so he could know how far it traveled, which is probably how he got caught. Also, from this article, it doesn’t sound like this version of the worm did all that much damage compared to the other versions. It looks like the FBI might be hyping this catch up beyond what is deserved. The original creator of the worm is still out there.
Comments on “FBI Claims To Have Tracked Down Blaster Creator”
Hopefully, they're right
Whoa, wait a minute.
Some kid writes a replicating app that successfully shows off how badly-written some of the most used apps really are, and also shows us how stupid we are as people, and you want him tried as a criminal?
Is it the illumination of our own failings that is so offensive, or the embarrassment that we’re still as stupid as our caveman ancestors?
Is that punishable? Can we also, then, try the idiot sysadmins that deployed such terribly-written software in mission-critical positions and then managed them so poorly so as to all but beg for the whistle-blowing this is?
IMHO, this guy should be hailed as a hero, for pointing out so many security problems on so many systems in such a short period of time. We revere the white-hat, but want to prosecute this kid, and the only difference is that we personally were affected by our own pathetically bad choice in servers and user-agents.
Let he without sin cast the first stone….
Re: Hopefully, they're right
Hero? Are you nuts? Do you realize how much money this guy caused companies. This could cost jobs. He’s a punk who should be thrown to the wolves.
Re: Re: Hopefully, they're right
Hero? Are you nuts? Do you realize how much money this guy caused companies. This could cost jobs. He’s a punk who should be thrown to the wolves.
This guy is no hero, but I’d be surprised if the number of jobs lost by blaster was anything above 0. Most companies now calculate the cost of cleaning up these things into their annual budget, which means that you and I, the end customer of their products, foots the bill for these things.
And while I like fresh meat as much as any of my wolf brothern (though we’d much rather hunt it instead of being given it,) throwing an 18 year old to the wolves is not the answer either. There is a real descrepency now in our legal system in regards to sentencing guidelines, so much so that the taking of a human life often lands you 5-10 years in jail, where taking down a computer could give you 20 to life. While human life may be that cheap in other countries, it shouldn’t be here.
Instead the justice system should be looking for more creative, more difficult, and yet more rewarding sentencing guidelines for these types of crimes (instead of throwing this 18 year old as a felon into a system which will only result in him becoming an even harder criminal in the future.) A system which forces the individual to pay for his crime through means which he is obviously more technically qualified to do than make license plates.
Re: Re: Re: Hopefully, they're right
I agree. Why should this kid go to jail for more time than someone who kills a human life ?
It really shows how little value we as humans put on life.
Re: Hopefully, they're right
Whoa, wait another minute. This kid (or whoever originally wrote blaster) probably did not discover the security problem on their own; more likely they worked from the information/patch that was released in July. He’s no hero–just an upscale script kiddie using a known exploit and counting on people being too lazy, complacent, etc to patch their systems.
I don’t think we want to go with the note on the door, either–I can see it now…
subject: microsoft rpc vulnerability
message body: patch your system! Oh, and buy some penis pills!
Re: Hopefully, they're right
No. That’s simply wrong.
If I leave my door unlocked, and someone comes into my house and smashes up the furniture – they’re the ones who should get blamed for it.
If they wrote me a note, and said “hey, we can tell that your door is unlocked, and you should probably lock it” it would be a different story.
If you can’t tell the difference between the two, then you’ve got some serious problems.
It’s not as though this doesn’t mean Microsoft should make their system more secure, and it’s not as though sysadmins shouldn’t learn from this, but thanking the guy who *actively* and maliciously did damage, you’re being ridiculous.
Re: Re: Hopefully, they're right
What if you had to change the lock on your house twice a week, every week just to keep it locked? If you were one lock back and your house was broken in to would it be your stupidity? Or would the system of how locks are secured and updated need to be changed?
Re: Re: Re: Hopefully, they're right
VERY WELL SAID !
Re: Re: Re: Hopefully, they're right
You’re missing the point. No one is saying Microsoft shouldn’t be responsible for fixing their product. No one.
What everyone is saying is that the guy who went in and smashed up all the furniture is ALSO quite responsible. He actively and maliciously destroyed things.
There’s a HUGE difference between pointing out that your door is unlocked and smashing up all the furniture in your house.
Re: Re: Re:2 Hopefully, they're right
The only thing destroyed were the egos of Net Admins and the lost productivity of employees.
Re: Re: Re:3 Hopefully, they're right
The only thing destroyed were the egos of Net Admins and the lost productivity of employees.
Which is expensive, don’t get me wrong. The fact that there are now 8 people where I work devoted full time to investigating the Blaster infections, means that others will have to be hired to take their other jobs on. However, there are folks who believe, even here, that these folks should be jailed for life, or even worse (under the Patriot Act,) for taking down a few million machines and destroying productivity.
Hell, I destroy productivity on a daily basis (though through truely legal means,) by hurting net admin’s egos and forcing them to fix their boxes (as well as helping them fix the machine, and offering tips and techniques to make fixing the machine easier and more affordable,) but the difference between myself and these folks is that I am paid to do this, and they do it illegally.
Egos need to be hurt sometimes…but to utterly distroy an individuals life by labelling them a felon, which means they can no longer hold a real job, and no longer vote/serve on a jury/etc., means the only thing they will ever be good at is being a criminal, that is redicuolous. Yes, a few do make enough money to support themselves, but most return to a life of crime because there really isn’t any other way to make a living.
Sorry, this discussin hit a chord close to my heart.
Re: Re: Re:4 Hopefully, they're right
but to utterly distroy an individuals life by labelling them a felon, which means they can no longer hold a real job, and no longer vote/serve on a jury/etc., means the only thing they will ever be good at is being a criminal, that is redicuolous.
I have to say that I believe you have put this very well !
Re: Re: Re:4 Hopefully, they're right
I absolutely agree that our current criminal justice system is screwed up royally. It’s very much focused on punishment and not rehabilitation, which is unfortunate.
Of course, that doesn’t change the fact that those responsible for setting loose these viruses should be caught.
It just means that the punishment should be different.
Who is to blame ?
Its a joke that an 18 year old can put egg on the faces of multinational corporations.
Has anyone considered that maybe, just maybe Mr. Gates should be forced to pay up for continually selling faulty products ?
GM has to recall faulty cars ?
Why does Microsoft get to shift the blame continually ?
Yet everyone wants to burn this 18 year old at the stake and he did not even write the virus, just modify it.
18 year old kid
what at idiot– doesn’t everyone know to do all their crimes *before* they can be tried as an adult?
I know I did.