| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jasonc at science.org (Jason Coombs) Subject: Authorities eye MSBlaster suspect <mds@...ices.org> wrote: > > OK, they nabbed a nickel-bagger come on, the guy is a lot closer to a lovesick youth who couldn't resist carving his initials in Windows when he saw the chance than he is to a drug dealer. we don't know, and chances are that the FBI *cannot* know, whether this person infected any computers other than his own with his "I LOVE YOU SAN!" "billy gates" variant. Even if he confesses, I want to see the transcript or videotape of the interrogation -- I can just see the FBI asking him "so you admit to obtaining a copy of the Blaster worm and using an editor to tamper with it, inserting your own messages to Bill Gates and your girlfriend?" "yes." "and you also admit to sending your worm to other computers using the Internet?" "yes, I sent copies of the worm to other people using the Internet." in computer forensics it's very common for smart, and even well-trained people, to talk to each other each thinking they understand what is being said but neither of them bothering to clarify the technical details... if he made the modifications and gave the modified worm to other people but didn't cause it to infect anyone else's computers, then what crime is he guilty of exactly? criminal misuse of a hex editor? we're not under arrest so it's easy for us to convict the suspect based on the premise that he modified the binary therefore he's guilty of attacking computers with it, but most of us had a copy of the binary long before he did and many of us gave copies to other people... let's not jump to conclusions and revoke this person's civil, constitutional, and human rights. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Paul Schmehl Sent: Saturday, August 30, 2003 6:12 AM To: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Authorities eye MSBlaster suspect --On Saturday, August 30, 2003 9:24 AM -0500 Michael D Schleif <mds@...ices.org> wrote: > > OK, they nabbed a nickel-bagger; let's not get carried away! > > This kid is small potatoes, compared to other vermin spreaders, and we > -- on this list, at least -- know that as fact. > > It's one thing to make an example of this kid; it's quite another thing > to put a lid on this whole wormy Internet thingy . . . > Trust me, work is being done to catch other ones as well. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists