Winters 1 Posted September 3, 2003 These guys who make these viruses should be dealt with harshly BUSTED Share this post Link to post Share on other sites
bn880 5 Posted September 3, 2003 I agree, it's one thing to experiment with this stuff, but coding in features that you KNOW will disrupt other peoples work/operations is totally criminal. (especially on this scale where it spreads through e-mail) Share this post Link to post Share on other sites
kegetys 2 Posted September 3, 2003 He only made a variant, which means that he just took the original one and changed it a bit, sucks for him to get the blame of people thinking that he started the whole thing. Of course, the real source to blame is this, the hole Blaster uses is just ridiculous. Someone said it quite well, Microsoft splashed the whole world with fuel and someone with a match light up the whole thing. Share this post Link to post Share on other sites
bn880 5 Posted September 3, 2003 Oh yeah, like the hole for blowing up cars is that you can open the gas cap and throw a match in. No way, there is a whole lot of wrong you can do if you look hard enough. The one who is to blame is the one who made/spread the worm. Are you going to blame your parents that someone can kill you with one punch? No you will blame the one who does it. (of course Microsoft needs a culture change like NASA and produce better quality... but that's no criminal blame) Share this post Link to post Share on other sites
kegetys 2 Posted September 3, 2003 The one who is to blame is the one who made/spread the worm. All users who were infected also spread it around... Not knowingly of course, but they were living in a false assumption that their system is safe. Microsoft wants to be in a monopoly, they want everyone to use their products everywhere, but they want to take no responsibility of anything that happens because of their bad coding and poor security design. So I think they are responsible also. Imagine if some car brand, say, Toyota for example suddenly found out that all the locks on their all car models can be opened with a screwdriver in one second and the news of this would spread around and everyone would be stealing toyota cars. I'm sure Toyota owners would sue Toyota and require money for their damages, as the lock did not work as expected and advertised. It wouldnt make the people stealing the cars innocent, but it would make toyota partially guilty. Share this post Link to post Share on other sites
Gourka 0 Posted September 3, 2003 He only made a variant, which means that he just took the original one and changed it a bit, sucks for him to get the blame of people thinking that he started the whole thing. Exact. One more time the wrong guy, but the best profile to do an exemple. And the second cause of the spread is the basic knowledge of users clicking like hell on every files attached with email If I am correct the blaster used an open port on your system (135 RPC)? and send it back DDOS attack to the site microsoft update. So nothing to do with email but security port. If you don't know you have a server running in background to speak with MSUpdate (port 1900,5000). Never seen a MS windows update page opening when start your nice IE Share this post Link to post Share on other sites
Donnervogel 0 Posted September 3, 2003 I think the original maker of the worm should be awarded with a medal. He showed how easy it is to damage a windows based computer system and he showed users the importance of keeping the system updated. The worm didn't do much dammage but it made people wake up before someone used the hole to do worse things. I thank him for that. Everybody had the opportunity to avoid the worm. I don't see why someone should be punished because most windows users are too lazy to install a patch that was available months before the attack and because some Microsoft programmers caused that silly security hole. All in all a good thing in my opinion. A wake up call before someone decided to erease peoples harddiscs through that hole. Share this post Link to post Share on other sites
bn880 5 Posted September 3, 2003 Just so you know, Unix/Linux based systems can be penetrated also... and it aint so hard. Share this post Link to post Share on other sites
Donnervogel 0 Posted September 3, 2003 Just so you know, Unix/Linux based systems can be penetrated also... and it aint so hard. Â Well I was protected from the worm by my linux gateway. So I guess it would require another variant to do so. EDIT: The Gateway was hacked too a bit later but that was my fault cause I deactivated all security for some time. Share this post Link to post Share on other sites
kegetys 2 Posted September 3, 2003 Just so you know, Unix/Linux based systems can be penetrated also... and it aint so hard. Â Sure, a computer system is never secure as long as its designed by people and is used by people. Share this post Link to post Share on other sites
bn880 5 Posted September 3, 2003 Just so you know, Unix/Linux based systems can be penetrated also... and it aint so hard. Well I was protected from the worm trough my linux gateway. So I guess it would require another variant to do so. The worm was designed specifically for Windows, incidentally I was protected by my XP gateway. I'm not joking. @Kegetys, I agree with your last post, people is the key word to getting into any system. And people are not about to change in the near future. Share this post Link to post Share on other sites
Winters 1 Posted September 3, 2003 I knew it was a variant of the blaster but you cant edit your post title. As for me i was protected due to the fact that i use WIN98SE and i NEVER open any files that i did not know were coming ahead of time. There are easier ways to prove a system is faulty without having to resort to malicious means. Share this post Link to post Share on other sites
Donnervogel 0 Posted September 3, 2003 I knew it was a variant of the blaster but you cant edit your post title. As for me i was protected due to the fact that i use WIN98SE and i NEVER open any files that i did not know were coming ahead of time.There are easier ways to prove a system is faulty without having to resort to malicious means. The worm wasn't spreading trough E-Mail attachments. It was "randomly" attacking IPs and could get into your system without your involvement. That's why the whining was unusually loud this time ;) Share this post Link to post Share on other sites
Winters 1 Posted September 3, 2003 Well, i meant thats what i always do as a general practice anyway. Hair Splitters Share this post Link to post Share on other sites
Major Fubar 0 Posted September 3, 2003 Throw the book at the punk...lock him in a cell with a real criminal! After he has to call a 300lb gorilla named Bubba his "husband", he might think twice about trying to f**k up people's PCs again... Share this post Link to post Share on other sites
Winters 1 Posted September 4, 2003 Hey, thanks for fixing the title for me Share this post Link to post Share on other sites
Nathanz 0 Posted September 4, 2003 Throw the book at the punk...lock him in a cell with a real criminal! After he has to call a 300lb gorilla named Bubba his "husband", he might think twice about trying to f**k up people's PCs again... haha thats a great idea Share this post Link to post Share on other sites
Schoeler 0 Posted September 4, 2003 Throw the book at the punk...lock him in a cell with a real criminal! After he has to call a 300lb gorilla named Bubba his "husband", he might think twice about trying to f**k up people's PCs again... Fubar, you're awesome! I couldn't agree more. Throw the kid into a federal prison for 6 months and then interview him when he gets out and ask him if it was worth it. Let all the other hacker/wankers see what its like to be someone's love muffin for a while. Share this post Link to post Share on other sites
der bastler 0 Posted September 4, 2003 Where's the problem? The exploit was announced months before W32Blast's activity, even the update patch from Microsoft was available months before W32Blast's activity. A simple packet filter would've prevented an infection, but it seems that there are hundred thousands of people out there who did not care about their systems. XP got a built-in packet filter, but many switched it off! XP got an auto-update function, but many switched it off! Arrogance? Ignorance? Now these guys are crying and call for severe ("draconian") punishment. But imo most of them are guilty as well: "gross negligence". And for Unix/Linux: My Systems weren't affected, because you need to run a RPC/DCOM daemon to be a target and even then the effect would be a denial-of-service of this service resulting in a shutdown of the RPC/DCOM process --not the entire system... But it was funny to watch my fli4l-router (www.fli4l.de) rejecting packets on port 135 tcp and port 137 tcp. One could've drawn a map of infected address spaces... Conclusion: With a simple firewall (e.g. packet filter or external router) and/or the early announced patch W32Blast would've been no problem. Microsoft's problems: * Default settings are horrible --everything's open! * every platform-independent standard (e.g. w3c, xml, java) is/will be corrupted by so-called Microsoft standards to prevent people from using other systems * Windows tries to be easy, but that leads to mis-/uneducated users (seems there are enough people who open unknown attachements -> SoBIG) * Microsoft tries to put everybody else out of business; Remember DR-DOS and the urban legend of it's incompatibility? Typical Microsoft FUD: fear, uncertainty, doubt. Remember Netscape? Anyway, the resulting "monoculture" of unsecure designed operating systems provides a perfect playground for viruses and worms * Ever read the EULA? At least it's immoral... Share this post Link to post Share on other sites
theavonlady 2 Posted September 4, 2003 Now these guys are crying and call for severe ("draconian") punishment. But imo most of them are guilty as well: "gross negligence". Hmmmmmmmm. Maybe PC users should be licensed. Share this post Link to post Share on other sites
theavonlady 2 Posted September 4, 2003 They caught another one, this time in Romania. Share this post Link to post Share on other sites
