Aces High Bulletin Board
General Forums => The O' Club => Topic started by: Gunslinger on May 09, 2004, 01:04:14 PM
-
What ever happend to the exploding bag of dog poop....TPing a house or knocking over ones trash cans. Kids now a days have the ability to bring the world to its knees
Jetzt gehen Sie ohne irgendein Abendessen schlafen
http://www.msnbc.msn.com/id/4928653/
Authorities: Teen confesses to creating ‘Sasser’
Worm infected thousands of computers worldwideThe Associated Press
Updated: 2:46 p.m. ET May 08, 2004HANOVER, Germany - A German high-school student has confessed to creating the “Sasser” worm that generated chaos across the globe by infecting hundreds of thousands of computers, authorities said Saturday.
advertisement
The teenager, whose name was not released, was arrested Friday in the northern village of Waffensen, where he lives with his family. In a search of the suspect’s home, German investigators confiscated his customized computer, which contained the worm’s source code.
“As a result of the student’s detailed testimony about the viruses he spread, he has been identified clearly as the author,” the state criminal office in Hanover said in a statement. Spokesman Detlef Ehrike said he is being investigated on suspicion of computer sabotage, which carries a maximum sentence of five years in prison.
After being questioned, the teenager was released pending charges.
The worm raced around the world over the past week, exploiting a flaw in Microsoft’s Windows operating system.
(MSNBC is an NBC News - Microsoft joint venture.)
Microsoft said informants contacted it on Wednesday, offering information about the worm’s creator. The company’s investigators worked with German authorities, the FBI and Secret Service agents, tracing the virus by analyzing its source code, said Brad Smith, Microsoft’s top lawyer.
Smith did not say how many people came forward or explain how they got their information.
“These were individuals who were aware of who the perpetrator was,” he said in a conference call. “They did not stumble on this simply through technical analysis.
Unlike many infections, Sasser does not require users to activate it by clicking on an e-mail attachment. Once inside, the worm scans the Internet for others to attack, causing some computers to continually crash and reboot.
The teenager told officials that his original intention was to create a virus called “Netsky A” that would combat the “Mydoom” and “Bagle” viruses, removing them from infected computers. In the course of that effort, he developed Sasser.
“The student did not give any thought to the resulting consequences or damage,” investigators’ statement said.
Disruptions worldwide
On Monday, the worm hit public hospitals in Hong Kong and one-third of Taiwan’s post office branches. Twenty British Airways flights were each delayed about 10 minutes Tuesday due to Sasser troubles at check-in desks. British coast guard stations were forced to use pen and paper for charts normally generated by computer.
Sasser is known as a network worm because it can automatically scan the Internet for computers with the security flaw and send a copy of itself there.
Four versions
The German government’s information technology security agency said there were four versions of Sasser.
“The first version was amateurish,” spokesman Michael Dickopf said. However, the others “were clearly different in the damage they caused.”
Police said the German teenager was responsible for all the versions, in addition to variants of the Netsky virus.
Microsoft investigators told the informants, who had asked whether they would be eligible for a reward, that they would consider paying $250,000 if the information led to the arrest and conviction of those responsible. Smith said the arrest was a sign that such rewards work.
“We believe this is an important step forward in the industry’s ability to fight malicious code on the Internet,” he said.
-
Maybe he will write a book in prison....
-
Maybe he will write a book in prison....
I thought that was more of an Austrian thing to do.
:p
-
How dare you make light of my struggle.
-
He is not in prison - but he will have to pay al lot of money for his actions. The rest of his life...
-
Originally posted by babek-
He is not in prison - but he will have to pay al lot of money for his actions. The rest of his life...
And tons of people still pay microsoft for Windiot...
I don't see why he should pay the rest of is life for an microsoft flaw and incompetence, add to this the lack of the minimal knowledge and protection by the users.
-
Originally posted by straffo
And tons of people still pay microsoft for Windiot...
I don't see why he should pay the rest of is life for an microsoft flaw and incompetence, add to this the lack of the minimal knowledge and protection by the users.
Let's compare Windows to Citron. Windows has some design flaws, so do Citrons. If I were to sabotage a Citron aftermarket mass produced part that exploited a flaw in the car, causing the car to die or crash, who should be held responsible?
EVERYTHING can be sabotaged!
eskimo
-
Sure everything can be badly designed but I think Microsoft got a team to be sure.
But this particuliar flaw exist since long.
I'm also pissed because microsoft spent million in ads instead o f research
And know my boss is sure we need to "upgrade" some computers to Winblows knowing that :
-The OS is collection of the more rotten and badly designed software.
-Lack of reliability will be my responsabilty and I'll be only the one having the head removed in the announced catastrophe.
The sabotage is not the part I'm affraid off , it's something I can live with.
But bad design in the heart of the system ,that irrate me .
-
I have to say....even w/ the security flaws......I've been very happy with Windoes XP.
-
Well I don't think you have a computer serving thousands of customer per day not having been offline 1 minute in 6 years :)
That's the challenge :)
-
winXP is a step back from win2k imo. Free BSD and OSX Panther are my favs.
HAND
-
Originally posted by eskimo2
Let's compare Windows to Citron. Windows has some design flaws, so do Citrons. If I were to sabotage a Citron aftermarket mass produced part that exploited a flaw in the car, causing the car to die or crash, who should be held responsible?
EVERYTHING can be sabotaged!
eskimo
I think you should be held responsible.
-
I don't see why he should pay the rest of is life for an Microsoft flaw and incompetence, add to this the lack of the minimal knowledge and protection by the users.
because it wasn't so much a flaw as MS missing an angle that an a-hole like him could use to attack people for no damn reason.
your logic kinda astounds me. it's like thinking a burglar should go free and the lock maker should pay, if the burglar finds a way around the lock.
actually if you really consider it the amount of time and effort that MS puts into securing you from vandals and thieves, and their speed at responding when a vulnerability is found is pretty damn impressive. continuing to find and fix issues on your product long after it's bought.
imagine if every time someone figured a new way to brake into your car, the car manufacturer figured out a solution and offered to fix the issue on your car within the week for no extra charge.
btw- IIRC, the fix was issued before this attack, and I believe it only hit machines that weren't updated. that being the case the user is much more responsible for the problem than MS, with the punk who wrote the virus being much more responsible than either.
-
More competition for OS's would be nice, then you would have to find a flaw in every one of them. All your eggs in one basket so to speak. The monopoly MS holds in the form of it's OS is not allowing a better OS to be made.
-
Originally posted by eskimo2
Let's compare Windows to Citron. Windows has some design flaws, so do Citrons. If I were to sabotage a Citron aftermarket mass produced part that exploited a flaw in the car, causing the car to die or crash, who should be held responsible?
EVERYTHING can be sabotaged!
eskimo
It's a bit more difficult to get to millions of Cintrons in home around the world.
-
Broadband ISPs should require and provide a firewall with every dsl or cable modem. They are so cheap there is no excuse not to.
-
What usually leads to this is a combination of things.
- Poor OS choice on the part of the user. MS holds a monopoly on the OS, but it is still up to a user to select which OS to use. There are other OSs out there (Linux, BSD, Solaris, etc). They may require more knowledge and time to administer and may cost more, but that's the trade off. The ultimate choice is still consumers'.
- Patches not being applied on time. And this can be for various reasons. The top one is ignorance ... most people have no idea how to do it and don't bother to learn. Second is chance of destabilizing the system that currently works.
- Either not running or misconfiguring the firewall and antivirus. The software is there and a combination of FW and AV can lock down a system pretty tight. And I don't mean using MS poor excuse for a firewall. ;) Again, lack of knowledge.
What MS should do is offer some money to those that discover vulnerabilities and let MS know. May be that would get some of the creative thinkers out there to let MS know about a vulnerability instead of writing a virus, a trojan, or a worm.
-
Well beter that miscief than that of an earlier generation... :D
-
Originally posted by capt. apathy
btw- IIRC, the fix was issued before this attack, and I believe it only hit machines that weren't updated. that being the case the user is much more responsible for the problem than MS, with the punk who wrote the virus being much more responsible than either.
I read an article a while back about hackers getting lazy. They wait till security patches and such get released....take a look at them....create somthing nasty...than goin after people that havnt patched their systems.
-
Originally posted by Gunslinger
I read an article a while back about hackers getting lazy. They wait till security patches and such get released....take a look at them....create somthing nasty...than goin after people that havnt patched their systems.
So true...
capt. apathy , I'm pissed by both but more by microsoft which left blatant security holes in their OS in the part they should test strongly because it's one of the more the important part !
actually if you really consider it the amount of time and effort that MS puts into securing you from vandals and thieves, and their speed at responding when a vulnerability is found is pretty damn impressive. continuing to find and fix issues on your product long after it's bought.
If you find microsoft is fast at answering at security concern it's IMO because you don't have worked with other OSes like AIX ,OSF,Solaris etc ... otherwise you will find microsoft quite slow !
Plus in the case of that others OSes you generaly got patches before it's to late !
-
Originally posted by straffo
Plus in the case of that others OSes you generally got patches before it's to late !
I don't know much about other operating systems so you may be right on that part. but in every story or announcement on this latest virus it says the patch has been out for awhile. so they did in-fact have it out before it was too late. they even took steps to make this patching process fool-proof by equipping the OS with an auto-update, that alerts you when a new patch is necessary.
a lot of people, myself included, dis-able this. but I don't have a lot of sympathy for people who dis-able an auto feature to gain a bit more resources, but then blow off keeping track of the updates on their own.
kinda like blaming ford if your engine gives up after you blew off changing the oil for the last 80k miles.
I'm not saying these people deserved to have their systems attacked, they didn't. but if they feel the need to start handing out blame to anyone other than the actual offender here, they should be sure to serve themselves up a nice big slice before they hand out anymore.
-
Well I admit I'm biased and sensitive on this subject because I've to do an "upgrade" of a production machine just to please some technical impaired manager who think that Windows help increase performance and reliability.
so far he is wrong , and their won't be any benefit after the upgrade :(
In fact it will be exactlty the opposite !
-
hey Gunslinger, "Those Darn Pesky German Teenagers " because
of just one 18 year old genius, blame all ? lol
*shaking head*
-
Originally posted by capt. apathy
btw- IIRC, the fix was issued before this attack, and I believe it only hit machines that weren't updated. that being the case the user is much more responsible for the problem than MS, with the punk who wrote the virus being much more responsible than either.
Yup.. just like with RPC whatever virus.
I've dodged all of these by checking windows update service AT LEAST once a month.
If there are no updates, it'll only takes about a minute of my precious time.
If updates exists, then I can just as well download & install those while I work on something else.
Whole process perhaps takes whopping 10 minutes of working time every month and lots of disasters are avoided.
Amazes me how big companies/institutions, even those which are in very responsible position in the community, do not check for updates even over time of several months! (when the RPC virus first time appeared, an update had been available for several months and still many important computers were infected)
..and you can also have automatical updates! :rolleyes:
So really.. good part of the responsibility should be also on the users of infected computers in this kind of cases.
-
i have never had a virus or worm and im suprised that someone actually can get one. you have to be pretty lax or stupid to get one if you just do a minimum of maintnance of your av and win + dont open things you get in mails.
there really is no need for av software either if you just use your head.
-
Originally posted by Gh0stFT
hey Gunslinger, "Those Darn Pesky German Teenagers " because
of just one 18 year old genius, blame all ? lol
*shaking head*
Sorry if you are a German teenager.....the posts title was in fact an attempt at sarcasm
-
Cyberterrorism.
-
No more worries, the sasser virus creator has been...captured, as you might have heard, it was a German guy.
has anyone noticed Solas hasn't posted in a while? :D
-
Originally posted by gofaster
Cyberterrorism.
Except it isnt politically motivated and hardly made to create terror...
-
Originally posted by Nilsen
i have never had a virus or worm and im suprised that someone actually can get one. you have to be pretty lax or stupid to get one if you just do a minimum of maintnance of your av and win + dont open things you get in mails.
there really is no need for av software either if you just use your head.
If you live in the US, have a broadband connection, and don't have a firewall (either software or hardware), your chances of getting a worm are VERY high. Patches from MS are after the fact. Everyone with a broadband connection should have a hardware firewall, they cost as little as $20, are easy to set up, and can save you a world of grief.
-
I'm new to the whole broadband thing but I have a question. I have a lynxus router that has a built in firewall. That's what networks my two computers. Does that provide me a good amount of protection?
-
Originally posted by Gunslinger
I'm new to the whole broadband thing but I have a question. I have a lynxus router that has a built in firewall. That's what networks my two computers. Does that provide me a good amount of protection?
Definitely. A knowledgeable and determined hacker could get past it but who is going to expend that kind of effort to get into your home PCs? It'll prevent any worm from getting to ya. Of course that assumes you don't map ports from the router to your internal boxes.
-
Originally posted by AKIron
Definitely. A knowledgeable and determined hacker could get past it but who is going to expend that kind of effort to get into your home PCs? It'll prevent any worm from getting to ya. Of course that assumes you don't map ports from the router to your internal boxes.
nope...I did a standard set up on it and far as I know I dont have any programs that have specail access to it nor do I have and "exceptions" features. I have to say it works rather well
-
lol Frank..... I bet my butt that in 1 month we will get another remote exploit in M$ nomatter who will they arest.
Author should be avarded for graet work and people whitch are pissed off should have a speach with manufacture of their OS.
Sutch crappy OS should be banned in govermental sphere.
-
Originally posted by AKIron
If you live in the US, have a broadband connection, and don't have a firewall (either software or hardware), your chances of getting a worm are VERY high. Patches from MS are after the fact. Everyone with a broadband connection should have a hardware firewall, they cost as little as $20, are easy to set up, and can save you a world of grief.
Yeah, firewalls are a must. Btw.. you dont need to live in the US to have broadband mr ;) There is no difference in the ammount of virus or "intruder" attempts in the US vs the rest of the world.
-
Well actually you're right, what can we do about it? If he doesn't do it, some other kid will 'stumble' down to another virus :)
Actually it has a nice ring to it, reading the newspaper and seeing your own little virus has just smashed a small government :lol
-
Personally I would like to see all these little donutheads who have nothing better to do then write virus' have their nuts nailed to the floor. Maybe that would give them something better to do.
-
Originally posted by Nilsen
Yeah, firewalls are a must. Btw.. you dont need to live in the US to have broadband mr ;) There is no difference in the ammount of virus or "intruder" attempts in the US vs the rest of the world.
I only qualified my statement for the US as it seemed you were saying that worms aren't a problem where you live. No idea what measures are taken by ISPs in other countries or if they are as wide open as they are here in the US.
-
microsoft will probably hire him in an effort to monopolize the hacker industry LOL
-
microsoft will probably hire him in an effort to monopolize the hacker industry LOL
-
microsoft will probably hire him in an effort to monopolize the hacker industry
-
is their an echo in here? lol
-
Arrggggggghhhh...just spent 2 hours getting rid of sasser d off my computer.
Little German banana.
At least it didn't do any serious damage that I can see.
-
ooops sowwy dont know why it did that!
-
Originally posted by Gunslinger
is their an echo in here? lol
it's not an echo , it's an hack attempt :D
-
Originally posted by AKIron
I only qualified my statement for the US as it seemed you were saying that worms aren't a problem where you live. No idea what measures are taken by ISPs in other countries or if they are as wide open as they are here in the US.
Hehe, i dont think worms see national borders as a huge barrier for their travel plans. I can say that ISPs are prolly no better here than in the US when it comes to stopping them :D
-
Apparently his computer studies teacher gave him a B minus for his last year and he was considered to be only average in his class.........MS better get down there with a hiring team!!
-
ouch :eek:
-
Originally posted by Mighty1
Personally I would like to see all these little donutheads who have nothing better to do then write virus' have their nuts nailed to the floor. Maybe that would give them something better to do.
personaly i belive that you are communist
-
Personally I agree with Mighty1...and I'm no communist, just a victim of the sasser d virus. String him up I say!
-
you are vicim of your arogant developer, whitch selling Product w/o any waranty
-
Cyberterrorists always blame the victim for allowing themselves to be hurt through devious means.
-
while we are on the subject, a new security update for xp is out this morning. update now so we don't hear you whin next week.
-
yeah and now im cyber terrorist WTG gofaster :D
btw that german BOY were 18 years old....
18 years old baby can kick 18 mil. of arses in few days... WTG
If you cant drive a car, dont use a car.
If you cant hadle with computer, dont use computer.
In both cases you are dangerous to other users.
-
Originally posted by lada
yeah and now im cyber terrorist WTG gofaster :D
btw that german BOY were 18 years old....
18 years old baby can kick 18 mil. of arses in few days... WTG
If you cant drive a car, dont use a car.
If you cant hadle with computer, dont use computer.
In both cases you are dangerous to other users.
yeah right
more like don't drive if you don't want to take the chance a drunk driver will hit you
the cornhole kid needs to be punished to set an example. the punk cost $$$millions, and you say wtg - expect nothing less from you
-
Originally posted by lada
yeah and now im cyber terrorist WTG gofaster :D
btw that german BOY were 18 years old....
18 years old baby can kick 18 mil. of arses in few days... WTG
If you cant drive a car, dont use a car.
If you cant hadle with computer, dont use computer.
In both cases you are dangerous to other users.
You seem to be suggesting that I cannot handle a computer because I got hit with the virus, or at a minimum I should not be allowed to use a computer?
What a very STUPID thing to suggest.
-
Originally posted by Fishu
Except it isnt politically motivated and hardly made to create terror...
Don't give it away. If we call it terror, we can find ways to fund the fight against it and also use the Patriot Act as a cudgel.
-
Originally posted by Curval
and I'm no communist
The fact you haven't got a location makes you pretty suspicious ;)
-
thats 'cause everybody already knows where he lives. there's only so many places you can get away with wearing pink shorts to work. :p
-
Right when I thought that was only possible in Holland...