Klarinet Archive - Posting 000344.txt from 2003/08

From: Mark Gresham <mgresham@-----.com>
Subj: Re: [kl] <W32.Blaster.worm>
Date: Wed, 13 Aug 2003 04:07:45 -0400

Daniel Stover wrote:
> [Bill Hausmann wrote:
> At 08:09 PM 8/12/2003 -0500, Daniel Stover wrote:
>> It's my belief that some viruses are released, rather than to cause
>> malicious damage, as more of a message to people to make sure they are
>> protecting themselves with Firewalls, Anti-Virus software, and to not
>> open attachments from strangers. This worm, for example, is
>> relatively harmless in terms of what a programmer COULD have had it
>> done. [...]
>
> That's what the virus writers would like you to believe, but in fact,
> they are rotten bullies who do things to other people's computers just
> because they CAN. It is a power trip for them, pure and simple.
>
> Bill Hausmann
>
> That, of course, is true as well. But when you think about it, this
> MSBlast.exe could have been written to cause serious damage to every
> computer it infected. [...]
>
> So i see it as more of a lesson to people to keep their computers
> patched (considering MS has updates constantly to fix problems...

As someone who has known hacker/virus writers (who were forced to
"mostly" reform and "switch sides," but still have the personality
type), this argument is baloney. Bill Hausmann is right, as is
Ormandtoby Montoya, in that the prime interest is power and
thrill-seeking, often as "graffiti artist" and the head trip of showing
that they can do it -- *never* as a "public service" lesson.
That a virus doesn't do severest damage like erasing a hard drive
isn't indicative that malicious intent is absent, as more "experienced"
virus writers more maliciously want you to go mad trying to figure out
what's not functioning (and seeing it) rather than simply face a
terminated hard drive (how would you then necessarily know it was due to
their creation? -- it is the graffiti thing, the mindset that you must
see the signature of the "artist," sometimes found in other criminal
activities) or would rather "assume control" remotely than destroy outright.
The first big internet virus of over a decade ago was a simple case
of "code gone wrong" -- the virus (actually a "worm") was intended by
its young author to propagate itself with only *one* copy being placed
on as many machines as possible. Instead, it continued to replicate
itself on single machines until the spools were full (and these were not
"Windows" OS by any stretch of the imagination) essentially bringing
most of the internet down and hundreds of thousands of dollars damage.
The damage was "not intended," his intent allegedly was just to prove he
could propagate it.
Many newer attacks are not typical of the public idea of attacking
individual desktops, but are attacks on server functions (like finding
exploits in PERL script handlers, or in essential hardware like
routers). More of the power trip: Disable or take control of systems
run by the people supposedly best able to defend themselves, and show
everyone (especially other hacker/virus writers) that you've done so;
not the novice at home who is still trying to figure out the difference
between a hard drive and RAM.
For example, within the last couple of years there was an exploit in
a very common brand of commercial router that serves about 80% of the
internet worldwide; one of these virus writers claimed he could have
shut down that % of the internet worldwide in a few hours by taking
control of those routers through that exploit (but he didn't like the
idea of the FBI showing up at his door within the next few hours after
that). Nevertheless, once discovered, it was a race of several days for
company engineers to beat potential virus writers to it with a patch
(patch being an understatement); in this instance, the virus writer
community blinked long enough, and the company won the race.
BTW, it had nothing to do with "Windows" at all.
And for Mac users: the word from the "grayhats" (virus writer/hackers
who have officially "switched sides" but still keep their ears, eyes and
fingers in the "dark side") is that some of the newer virus developments
are for attacks on personal computers and will be able to detect your
operating system and pull the right code from their "backpack" to infect
you regardless of whether you run Windows, Mac OS, or whatnot, and carry
complete code for propagating multiple cross-platform attacks along with
them. So they won't care whether you use a Mac, or a PC (with any
flavor of Windows or other OS options), Sun OS on a mainframe, or even
an Amiga.
But virus writing as an act of "public service"? No. Not at all.

--
--
Mark Gresham, composer
mgresham@-----.com/
Lux Nova Press http://www.luxnova.com/
LNP Retail Webstore http://www.luxnova.com/lnpwebstore/

---------------------------------------------------------------------
Klarinet is supported by Woodwind.Org, http://www.woodwind.org/

   
     Copyright © Woodwind.Org, Inc. All Rights Reserved    Privacy Policy    Contact charette@woodwind.org