Sasser Author Under Arrest, Say German Police
Apogee writes "A number of German news websites, like n-tv, or the German Yahoo news site (courtesy of the German press agency, lending this some credibility) (web sites in German) report that the programmer of the Sasser worm has been arrested by German police. The Sasser author is an 18-year-old man who was arrested on Friday in Rotenburg, Germany.
With the Sasser worm being the latest among worms that spread like wildfire among unpatched Windows boxes, and apparently also caused serious computer outages and cost to the economy, how will this be transformed into an indictment?"
Update: 05/08 18:41 GMT by T : SexySas writes "As the German news site heise reports, the 18-year-old author of Sasser is responsible for Netsky, too. The German police is talking about 'a milestone in war against cybercrime'."
I'm kinda curious (Score:5, Insightful)
Easy enough (Score:2, Insightful)
IF that person is found to be guilty (Remember kids, innocent until proven guilty!) then that person will be solely held responsible for all damages Sasser has caused, is causing and will cause in the future.
Re:Not framed? (Score:3, Insightful)
I hope that they don't do this sort of thing in Germany. But I wouldn't bet on it. Military and police have a tendency to be the same sort of people in all countries.
Re:Liability (Score:5, Insightful)
People lock their doors because they realize there is a threat, if they don't realize there is a threat, they lose stuff, but it is still criminal. Hopefully after the 5th time someone gets their house broken into they will realize that they need a lock, same goes with computers.
I'm no Microsoft fanboy (I don't even use Windows), but blaming them is like blaming a car manufacturer because your car got totaled when some jackass rear-ended you. You should have done your homework before you bought the car, and that still does not absolve the jackass.
Probably Bragging (Score:5, Insightful)
Re:Liability (Score:5, Insightful)
This is more like just leaving your doors unlocked. There is no protocol for a system to advertise its vulnerabilities.
Without regard to whether your doors were locked it is illegal to steal things from your house.
Re:Liability (Score:5, Insightful)
That's ridiculous - people who don't wear bullet proof vests aren't "as liable" as the people who shoot them.
If you leave the doors to your house open, and a large neon sign over the threshold saying 'WELCOME', you'll be *damned* lucky if your insurer would pay up.
No, but you could press charges for burglary if somebody came into your house and stole something. Insurance is a matter of commercial contracts - we're talking about the law here.
If he hadn't exploited it, someone else would have, and the result would have been the same.
No, if someone else had exploited it, then the gentleman under discussion here most probably wouldn't be in police custody facing criminal charges right now.
The responsibility lies with Microsoft, for creating shite software, with inherent vulnerabilities, and with the users, for not bothering to have any kind of protection.
What kind of a world do you live in where the people who write and send out a virus are not liable for the damage it causes?
A benefit of Sasser/Blaster (Score:4, Insightful)
Idiot (Score:4, Insightful)
Step 1: Write virus/worm without your name, initials, alias, or any other identifying info.
Step 2: Release your virus/worm from an internet cafe, preferably one far from home, even a different city or country.
Step 3: Keep your mouth shut!!!
I mean, how hard can it be to avoid getting caught? I think most of these morons have the most trouble with steps 1 & 3, even if they're smart enough to manage step 2.
Re:Liability (Score:5, Insightful)
Actually, those are two completely separate issues.
Let's say you left your house and left your door unlocked. If a thief happened by, saw that it was unlocked, and came in and stole all of your belongings, the law in every jurisdiction that I know of is unequivocal: the thief is solely to blame.
On the other hand, if you put up a sign that said "welcome", then that could be construed as an explicit invitation to enter and the corresponding legal judgement would be less clear. You may recall cases way back when when some FTP sites said "Welcome To Private FTP site! Username: Password: ".. well.. some were broken into using brute force un pw attacks. The attackers were subsequently found and based their (largely successful) defense on the fact that it said "welcome!"
Now, about the rest of your point: about people being liable and Microsoft being liable; basically, it's wishful thinking from you, who knows nothing. I dare you to build me a house that can not be broken into. It is NOT possible. The Windows OS has arguably hundreds of thousands of parts and interfaces and it is not reasonable to expect that every aspect has been checked for every possible potential flaw. I remind you that but a few weeks ago, a new flaw was found in TCP/IP, arguably one of the most "eyeballed" standards in the history of computing.
Every window in your house can be broken, and a thief can enter by breaking it. The lock on your front door can be opened with a jimmy tool, your electric garage door opener signal can be captured and copied. Your hidden key under the bushes can be found. Your chimney may be a more or less perpetually open entrance, and yet nobody blames house builders or even home owners of gross negligence in such cases.
The fact is that in a society we recognize the inherent limits of any sort of physical protection. As many on Slashdot here have observed in other contexts (DRM), "if it can be broken, it will be" and "there are no unbreakable protection schemes."
Therefore, we must resort to law and the threat of punishment. It's not perfect, but it's what we have to do.
Re:Liability (Score:3, Insightful)
come down hard (Score:4, Insightful)
Not to nitpick.... (Score:5, Insightful)
Btw, here's an English [cnn.com] version of the story.
Re:So basically, what's happened here was... (Score:2, Insightful)
Re:they caught him too soon (Score:4, Insightful)
No apology if they got the wrong guy.....
Re:Idiot (Score:3, Insightful)
Re:Two possibilities (Score:1, Insightful)
Maybe he was threatened with extradition to America. Everyone's heard about the way they treat prisoners over there.
Re:You know, I really don't understand (Score:2, Insightful)
Most people in what passes for "normal" society can not see any point whatsoever in creating a virus. It is not that they are too civic-minded or too "responsible" it is merely that there is no motivation to do it.
To me the desire to create a virus proves in itself that the creator has a different viewpoint on life than do most people. I don't presume to understand what that viewpoint might be, however simple logic indicates the likelihood that in their case the sole and only point of creating a virus is to be able to brag about it. "Hey see all that stuff on the TV news, that's me that is, I did that!" Otherwise why bother (OK unless spammers are paying you to write SMTP trojans or whatever.)
So yes they are certainly smart enough to release their virus silently from a cafe or someone else's hacked cable account. But they don't, because that would defeat the whole object.
Re:Ultimate punishment (Score:3, Insightful)
If he can do that, I'd consider his debt paid. Then I'd consider hiring him as a consultant.
Re:come down hard (Score:5, Insightful)
Texas is the death penalty capital of the world. By your logic that would also make it the safest place in the world, yet people are murdered here every day. A person can be imprisoned for years (years!) if caught with trace amounts of cocaine, yet the crack epidemic is as strong as ever. Community services do more for crime prevention than the prison system can ever do. Prisons are necessary of course, if only to separate the truly incalcitrant, but the current reliance on them as a deterrence is simply pig-headed.
The point is, discipline is necessary, but not without compassion. Strict adherence to discipline for the sake of revenge merely engenders hatred in those being disciplined. Unless you kill that person, he will always be a problem. Compassion can divert that hatred so that lessons can truly be learned. Community based organizations can provide that, the prison system cannot.
They should just give the boy (if proven guilty) an appropriate penalty followed by a period of community service. Get the boy involved in his community and he will not be such a problem. That is the only answer to such things.
(Hey mods, mod the parent underrated. His opinion may be wrong, but it is valid nonetheless. It doesn't deserve a troll mod.)
Re:Liability (Score:3, Insightful)
The car manufacturer analogy still works, as they knowingly sold you the car without appropriate safety features. Do your homework -- yes -- but you can not expect people to know everything about a car or a computer.
Re:18 year old kid (Score:3, Insightful)
The kid.
Re:MS (Score:2, Insightful)
Prison is not the solution (Score:5, Insightful)
Nothing worse for a nerd than no computer.
Sending him to prison only makes him meet the really bad guys.
Jail is not the solution to everything. It denies you normal life, far beyond the duration of incarceration.
Re:they caught him too soon (Score:3, Insightful)
Computers can be formatted, and the whole deal mostly forgotten. Human lives don't exactly work the same way.
Re:Two possibilities (Score:3, Insightful)
He's old enough to drive, work, vote, own a gun, go to war and die on the service of his country, and be elected to office.
That makes him a young man, not a kid.
Re:they caught him too soon (Score:2, Insightful)
I pray you're being a troll. If not, step back for a minute from your weird obsession personification of a computer, and realize that a computer is a product just like a toaster. It isn't an irreplaceable, unique person composed of trillions of cells where a violent physical act is unlikely to be entirely erased from either physical or mental realms. Computers aren't alive and setting the same punishment for abusing either horribly degrades the perceived worth of a human.
Only at the point at which computers are in a position where they can do the same sort of physical harm to a person should there begin to be punishment in the same realm. But that's just harming a person by proxy which is already covered by law (killing a person by a gun is the same as killing a person by strangling them, legally (and the same issue of a question of neglect by using a proxy comes up)). Then comes the question of is the computer maker responsible, and I'd say that they might be if the physical harm was the result of a defect.
Re:come down hard (Score:3, Insightful)
Re:come down hard (Score:5, Insightful)
Actually, you are wrong on that one. Your rebuttal argument is flawed:
Texas is the death penalty capital of the world. By your logic that would also make it the safest place in the world, yet people are murdered here every day.
You are using a flawed control group: other random places in the world. For the control group to be valid you have to find a place with similar socio-economic characteristics *and* similar prison conditions but laxer sentencing practices.
Moreover, save for hardened criminals which tend not to act rationally, studies *have* shown that the common folk tend to adjust their rates of criminal behaviour in proportion to (a) likelihood of being caught (b) harshness of the penalty if caught and (c) potential reward as compared to living a straight life.
For example in a jurisdiction when a specific crime is suddenly punished in a much harsher way, criminals gravitate to less harshly punished activities.
Same studies have shown that a certain percentage of the drop in crime rates of that type are due to the simple reason that criminals are out of commission longer, due to the longer jail sentences (duh!). So even among the hardened criminals we see a reduction in crime rates, simply because they are in prison and off the streets.
Vandalism and Theft Of Services (Score:2, Insightful)
This punk trespassed, stole services, and vandalized the affected machines. Prosecute him for that.
60 days in jail and $20 fine, for each instance, served consecutively. That should be sufficient.
Bob-
Re:they caught him too soon (Score:3, Insightful)
Re:they caught him too soon (Score:4, Insightful)
Same with my house. When I leave my house, I lock the door. When I'm *home* I usually have the door locked too (this is more my husband's idea, though). Fortunately, Schlage generally has a good track record on not having easily-broken locks.
I think the preoccupation society as a whole has with people breaking into computers is sick, especially considering that many people are on the side of the person doing the attacks. And that disgusts me since I've seen what a horrible pain it is to recover from an attack.
Same with having your house burglarized. And yet, if you used a luggage lock to secure your front door, and your front door was right on the street, and there was no street lighting, neighborhood watch, etc., people would have a hard time sympathizing with you when you got ripped off. Especially if it was widely known that people keep getting broken into when they only use luggage locks to secure their personal belongings, and they're easily defeated (since they all pretty much have the same key).
For all the outrage I've gotten from my analogy, nobody's put a serious dent in my point: That people who do these things get away with it all the time, and that they somehow need to be stopped.
It's the risk-vs.-reward ratio. If you want to make it less attractive, the first thing to do is make it *harder*. When stealing someone's belongings doesn't require any breaking, just entering, it is more likely to happen. If you're homeless, your stuff gets stolen all the frickin' time. See how much the police care about tracking down the guy who stole it in *that* case. But a mansion in Beverly Hills with 24-hour armed response, noise- and motion-sensitive lighting and alarms, and guard dogs... sure they want to find out who did it, because that guy is *really* dangerous.
If you want to counteract my feelings and my analogy, let's hear some positive recommendations on how to deal with these people. What would you do to put the point in their heads that this kind of conduct hurts real people and has enormous costs?
First of all, you need to meet them halfway. People who keep their Windows installs updated didn't get hit by Sasser. I'm one of them, and I don't even have automatic updates enabled... I just go there every so often and get what's critical (after actually deciding if I agree that it's critical... Outlook Express is NOT). That's basic. Using a firewall will also protect you from Sasser, as will using a non-Windows operating system.
People don't have much sympathy here for victims of these worms because they generally painted a big target on themselves and said "come and get me." That's the difference between how much we care about catching the perps in this case and in others... in a sense, these guys are doing us all a favor, because they're reminding people to lock their doors with something more than an ounce of cheap metal.
Re:Liability (Score:3, Insightful)
Sasser is my friend. (Score:3, Insightful)
Since the PC support group had recently reported that all machines were now in the auto-patch system, we were quite surprised to see almost 1% (which is a lot of machines, around here) get Sasser.
Incidentally, a crude way to scan your network for Sasser (let's just say you've got a Linux box handy with samba, nmap, bash, grep and gawk and that your network is composed of three class C segments numbered 10.0.1.0, 10.0.2.0, 10.0.3.0 for the sake of example) is:
nmap -p 5554 -oG '-' 10.0.1-3.1-254 |gawk '/^Host.+5554\/open\/tcp/{print "nmblookup -A " $2}'|bash |grep "<00>"|grep -v GROUP
If your machines have useful netbios names (such as their location, for instance) and/or you know the names of your users, that should give you all the info you need.
Thank you Mr. Sasser author! You the man! Your non-destructive code was a public service from where I'm sitting (yes I know others feel differently - the real universe is subjective, neh?).
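The scan in the comment above, reworked as an added example that is not part of the original post: it matches port 5554 as an exact field, so a hit such as 15554/open/tcp from a wider scan is not reported, and it passes each address to nmblookup as an argument instead of piping generated commands into bash. The function names and the sample scan lines are constructed for illustration; it goes beyond the comment in also accepting grepable output from scans that covered more than one port.

```shell
#!/bin/sh
# Added example: find hosts with TCP 5554 open in nmap grepable (-oG) output.

# Read -oG output on stdin; print one IP per host reporting 5554/open/tcp.
hosts_with_5554_open() {
    awk '
        /^Host: / {
            ip = $2
            idx = index($0, "Ports: ")
            if (idx == 0) next              # status-only line, no port list
            n = split(substr($0, idx + 7), ports, ",")
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+/, "", ports[i])
                split(ports[i], f, "/")     # port/state/proto/owner/service/...
                if (f[1] == "5554" && f[2] == "open" && f[3] == "tcp") {
                    # Accept only a dotted quad before handing it onwards.
                    if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print ip
                    break
                }
            }
        }'
}

# For each IP on stdin, print its NetBIOS workstation name (Samba nmblookup).
netbios_names() {
    while read -r ip; do
        nmblookup -A "$ip" | grep '<00>' | grep -v GROUP
    done
}

# Constructed sample of -oG output, so the parser can be run offline.
sample_scan() {
    printf 'Host: 10.0.1.17 ()\tStatus: Up\n'
    printf 'Host: 10.0.1.17 ()\tPorts: 5554/open/tcp//unknown///\n'
    printf 'Host: 10.0.2.40 ()\tPorts: 5554/closed/tcp//unknown///\n'
    printf 'Host: 10.0.3.9 ()\tPorts: 445/open/tcp//microsoft-ds///, 5554/open/tcp//unknown///\n'
    printf 'Host: 10.0.3.55 ()\tPorts: 15554/open/tcp//unknown///\n'
}

# Live use on your own segments:
#   nmap -p 5554 -oG - 10.0.1-3.1-254 | hosts_with_5554_open | netbios_names
sample_scan | hosts_with_5554_open
```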
Re:The author prolly used WinXP (Score:3, Insightful)