lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3F50B78E.6020902@swynwyr.com>
From: gowen at swynwyr.com (Greg Owen)
Subject: The Jeffrey Parson criminal complaint is online

Richard M. Smith wrote:
> http://news.findlaw.com/nytimes/docs/cyberlaw/usparson82803cmp.pdf

Great link.

Items of particular interest:

Page 9, lines 6-8: "Since dl.t33kid.com is a copy of www.t33kid.com, it 
also can be used to capture IP addresses of compromised computers."

Isn't that reaching a bit, since the worm doesn't apparently know about 
dl.t33kid.com?

Page 10, lines 10-11: "Microsoft expended significant internal and 
external (e.g., contracted) resources to respond to the DDos attack 
launched by JEFFREY LEE PARSON."

Page 6, lines 12-14: "Within three days, Blaster had infected an 
estimated one hundred thousand to two hundred thousand computers.  By 
August 15, 2003, estimates were as high as more than one million 
infected computers."

Page 16, lines 16-18: "...at least 7,000 individual Internet users' 
computers were compromised by the variant of the Blaster worm that was 
released by JEFFREY LEE PARSON."

So, it sounds like he's responsible for 7,000 out of 100,000 to 
1,000,000 infected computers.  Unfortunately for him, he's the one 
stupid enough to use his handle in the code, so he's the one that shows 
up on CNN as the culprit for everything.

While I do not wish to give the impression that I condone or mitigate 
the damage done by Parson's variant, I suspect he's going to get held 
responsible for the overall worm while interest in finding the original 
culprits wanes.

-- 
         gowen -- Greg Owen -- gowen@...nwyr.com
         79A7 4063 96B6 9974 86CA  3BEF 521C 860F 5A93 D66D


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ