Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Operating Systems Software The Internet Windows

70% Of 2004 Virus Activity Down To One Man 452

arpy writes "According to a report produced by anti-virus software provider Sophos, 70% of anti-virus activity in the first half of this year can be blamed on Sven Jaschan, an 18-year-old German who wrote the Netsky and Sasser worms. According to the report, "Sasser claimed the top spot of the virus chart, in spite of the raging battle between the widespread Netsky and Bagle worms." The Register has a good summary of the report."
This discussion has been archived. No new comments can be posted.

70% Of 2004 Virus Activity Down To One Man

Comments Filter:
  • by Anonymous Coward on Monday August 02, 2004 @06:28AM (#9861929)
    I could of sworn it was Bill Gates..
    • by hummassa ( 157160 ) on Monday August 02, 2004 @06:50AM (#9861985) Homepage Journal
      Of this was about Bill Gates, the headline would be "99.9% of 2004 virus activity down to one man" :-)
    • by The Spoonman ( 634311 ) on Monday August 02, 2004 @08:18AM (#9862154) Homepage
      Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place. That includes the admins of the e-mail systems of ISPs. It's time to start placing blame where it belongs. Security is a job function, not a function of the system. An {OS/mail system/website/whatever} is only as secure as its admin.
      • by Anonymous Coward
        > Security is a job function, not a function of the system

        Nonsense, it's both. Also, the users count as well. To what degree each factors in is a policy decision - it's by no means absolute.
      • by Fulcrum of Evil ( 560260 ) on Monday August 02, 2004 @08:53AM (#9862236)

        Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place.

        You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?

        • You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?]

          Joe User probably isn't a computer expert, and he isn't PAID to maintain security of a system. Yes, technically he's the admin of his own little PC and DSL connection.

          But I believe the grandparent post was saying to blame "ADMINS," those whose job it is to stop this stuff.

          It's their job to maintain proper security, apply patches, use recent virus software, watch over incoming / outgoin
        • Wait, you're saying that Joe user isn't responsible for maintaining/keeping his PC's software up to date?

          It amazes me how many people use computers, but do not want to be responsible for them, nor do they want to learn how to maintain them. They just want it to work, and expect everything to be totally simplistic. Sorry, we're not in the year 2100.
          • by Jahf ( 21968 ) on Monday August 02, 2004 @09:25AM (#9862413) Journal
            Wait, you're saying it is the initial victim's fault that the virus authors wrote malicious code -and- released it publicly?

            I think if you're going to lay the responsibility chain, it lies primarily with the virus author.

            Subsequently, the responsibility lies on the DSL service provider who KNOWS they are selling to often uninformed users and yet fail to provide adequate first (NOC) or second level (CPE) protection for these users.

            Next responsility lands in the laps of those people who wrote software that was prone to infection.

            Last, reponsibility makes it to Joe User at that point and then recycles to the beginning for any systems that his infection spreads to.

            So I, as the end user, have -final- responsibility, but not primary responsibility nor -blame- for the infections. ... Think of it in terms of vandalism ...

            The primary person responsible for vandalism is ... the vandal.

            Subsquent responsibility (for prevention) is law enforcement. Is law enforcement to blame for the vandalism? Only if they do less than is required to reasonably address the situation (I don't expect them to spend all day hunting down the tagger 3 blocks over, but I -do- expect them to patrol all the blocks as much as they can without hampering other worthy law enforcement activities).

            Making the assumption that I know that I live in an area where people are vandalizing property, I will probably buy paint and materials that are durable enough to be washed/repaired (if I don't, we hit the next level) ... it is now the responsibility of that company to make materials that are up to the job. It won't stop the vandals, that is the job of the police, but it should make their vandalism as hard as possible to have a permanent effect.

            Last, I am responsible for -using- the materials above, I am responsible for calling law enforcement if there is an infraction so that they can address it. However, if I fail to do the above all that happens is the 2nd and 3rd levels of responsibility are void. I am still not responsible for the unknown vandal having decided to unleash their frustrations on my neighborhood.

        • by AllUsernamesAreGone ( 688381 ) on Monday August 02, 2004 @09:42AM (#9862489)
          What do you suggest we do about that?

          Set up virus scanners at the ISP level - any mail that passes through an ISP's MTA gets scanned for viruses, double-extensioned attachments that would indicate possible worm payload (ie: anything that Windows will auto execute) should be bounced back to the sender with an "Unable to relay due to potential virus infection, see [website] for why we blocked this" error with instructions on how to fix it. Of course, that won't kill all routes but it'll guard a lot of people.

          Next block windows RPC ports at the router level, don't even route traffic between subscriber lines within the ISP network - I'm on Zen and, while Zen block access to windows ports from outside the network, once one machine inside is infected it spreads like mad. Some two thirds of my firewall logs are hits from infected machines owned by other zen subscribers. If people need to share files with remote machines they should use tunnels or VPN.

          Finally ISPs should also periodically portscan at least ports 0 to 1024 on subscriber machines and email those running machines without a firewall informing them that they are running a vulnerable box and provide instructions for how to lock it down. Those who fail two months of portscans without providing a valid reason why or start generating virus traffic are sandboxed with restricted email and web access to ISP instructions for how to get out of the sandbox.

          Of course, none of this is actually going to happen because ISPs will see it as likely to scare people off.
        • > You mean that it's Joe user's fault that his DSL
          > connected PC got infected?

          Yes.
          Just like it's my fault when I never put my car through the yearly inspection and let its brakes rot, I can (and probably will) be made at least partially responsible for the next accident I'm involved - even if some drunken asshole crashes into my car though I have right of way.

          If you don't know how to fix it, pay someone who knows. I have no problem admitting that I cannot fix my own car (I can drive it, and look-up
      • You're right, it is time to start placing blame where it belongs - with the bastards writing the viruses and spreading them. I suppose now you want to go after police every time someone gets shot. Surely it's not the fault of the guy pulling the trigger. Damn cops, if they would only get out of the donut shop and do their jobs no one would ever be murdered again. . .
      • While I agree with you...

        That includes the admins of the e-mail systems of ISPs.

        How many ISPs have had their email systems compromised by viruses or worms? Unless they happen to be using Exchange as a mail server (and I can't think of a good reason for an ISP to do that), I'd guess not many. And I don't blame mail admins for not stripping out various attachments that users open and infect themselves with. Especially now that many worms have started putting themselves in encrypted zip files to prevent
        • How many ISPs have had their email systems compromised by viruses or worms?

          Sorry, that wasn't properly worded. My intent was to say a mail system that allows them to go through. ISPs are now starting to put spam filters on their mail systems, why not AV filters as well?

          Unless they happen to be using Exchange as a mail server

          I administered Exchange servers for 6 years, never once had a virus on my networks, never once had it used to relay spam, and never once had it compromised. Any Exchange adm
      • Oh I get it,

        so its the sysadmins fault for there being no 48 hour days needed to secure and patch windows systems?

        "/Dread"
      • by UnknowingFool ( 672806 ) on Monday August 02, 2004 @10:56AM (#9863021)
        Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place.

        In that twisted logic, I suppose you would blame gunshot victims for not wearing a bullet-proof vest or upgrading to the newest models when better armor piercing bullets came out.

        Are some admins just lazy who don't do their jobs? Yes. But an admin can't always patch right away.

        Remember in most corporate environments, admins can't simply patch a system when a new patch comes out. MS has burned them too many times with bad patches and this problem isn't an issue of the far past. Just last year, MS released a patch that crippled a computer's network connections. [neowin.net] They released a fix online for the patch, but if you have no Internet, how do you get it?

        Admins have to test them first before rolling it out. In some cases this may take up to six months. If they put in a bad patch, it's their blame not MS.

        In some companies, admins have been plaqued with downsizes and more duties. This means for some of them security is just another load they have to tackle with normal admin duties.

        I think most admins would not want the 10+ hours it takes to clean up a virus/worm. They don't have much of a choice in many cases.

  • by Anonymous Coward on Monday August 02, 2004 @06:28AM (#9861933)
    Get a rope.... (raspy cowboy gunslingin' voice)
    • I'd hate to be this guy. Just imagine what his first week in jail will be like..

      "So you're responsible for me not being able to read my kid's first email, because the prison had to shut down the library's internet access."

      "Um... no no it wasn't me, I swear!"

      Let the ass-pounding begin.
  • Also... (Score:3, Funny)

    by Black Parrot ( 19622 ) on Monday August 02, 2004 @06:34AM (#9861941)


    > The Register has a good summary of the report.

    70% of slashdottings were caused by Slashdot.

    • Re:Also... (Score:5, Funny)

      by gildesh ( 799552 ) on Monday August 02, 2004 @06:38AM (#9861954)
      No, 100% of slashdottings were caused by slashdot.

      Where in the world are you getting your math from?
      • Re:Also... (Score:5, Funny)

        by preposterity ( 756361 ) on Monday August 02, 2004 @06:46AM (#9861971)
        Speaking of dodgy maths, before my School Certificate (an exam all high school students do in year 10 in Australia), we did some sample questions.

        One of the question had a point with multiple lines coming out of it. The question asked you to measure each angle and to write down the sum of the angles. (Hint: 360deg)

        What was the "official" answer according to the answer sheet published by the Board of Studies? They would have accepted angles between 355 and 365 degrees.
        • Re:Also... (Score:2, Insightful)

          Well if you could measure multiple angles and get exactly 360, then either you are very good at measuring or cheated. If you just wrote down 360 then you didn't do what the question asked you.. why is giving some leway to measuring stupid?
          • because it all formed a circle

            *shakes his head in disbelief*
          • We should be rewarding the intelligent people who realise that the answer is obviously going to be 360, write it down then head on over to the next question.
            Moral of the story: we're rewarding stupidity.
        • Re:Also... (Score:4, Interesting)

          by Moraelin ( 679338 ) on Monday August 02, 2004 @07:28AM (#9862107) Journal
          You're measuring angles with an analog device with at best 1 degree accuracy per angle. When adding such imprecise data, yes, the margin for error increases.

          In fact, there are several lessons to learn from that. E.g.,:

          1. Any experimental data which neatly falls _exactly_ on the theoretical curve, and adds up to _exactly_ the predicted number is most probably cheated.

          I.e., had I been a teacher, I would have been a lot more suspicious of anyone who came with 360 there, than of someone whose angles added up to 355. The guy with 360 probably skipped the last angle and just subtracted the sum of the others from 360. Which is _not_ what was asked.

          2. Be aware of the imprecision involved in any measurement. Be aware how they add up, subtract or multiply. Especially for anyone working in any experimental science. (E.g., physics.) Or with computers.

          I.e., when that board calculated that, within the precision of the measuring device, it can be between 355 and 365, they did their homework. You didn't.

          3. If you work with computers, be aware of the limitations of the data type you use.

          E.g., if I see another clueless burger-flipper using 4 byte floats to hold money amounts in a database program, I'm gonna barf. Doubly so when then they start wondering why their final numbers are some 10,000$ off the mark.

          4. As a corolary, never use == with floating point results. Not even with the most trivial calculations (e.g., that the sum of the individual rows equals what's in the totals field.) Do what scientists and that Board of Studies do: calculate the expected margin for error and use an interval.
          • >> E.g., if I see another clueless burger-flipper
            >> using 4 byte floats to hold money amounts in a
            >> database program, I'm gonna barf. Doubly so when
            >> then they start wondering why their final numbers
            >> are some 10,000$ off the mark.

            That's really funny. You know why it's so funny?

            The leading RDBMS vendor only offers floats.
            • Re:Also... (Score:3, Interesting)

              by Moraelin ( 679338 )
              I've worked with both Oracle and IBM's DB2. Both offer fixed precision numbers. Even all the single user databases I've used, dating at least all the way back to dBase 2 under CP/M, worked that way.

              And all major languages offer libraries to read and process that as a decimal, not as float. At least in Java it's part of the standard library.

              You know why? Because of the reason I've mentioned in the post you're answering to. Floating point maths errors. It's an issue known since the 60s.

              I.e., I stand by wha
          • Re:Also... (Score:3, Insightful)


            If I ever have an employee look at a circle and tell me he has to measure and add angles to determine it is 360 dgrees around, he'll be flipping burgers the next day. Especially if he comes back and tells me it 365 after measuring.

            One of the saddest things about modern education is that we fail to teach people to use logic to solve a problem, instead of relying on formulas to get the answer every time.

        • Re: Also... (Score:5, Funny)

          by Black Parrot ( 19622 ) on Monday August 02, 2004 @08:16AM (#9862146)


          > an exam all high school students do in year 10 in Australia

          Here in the USA, most of us finish high school within 6 or 7 years.

        • Speaking of dodgy maths, before my School Certificate (an exam all high school students do in year 10 in Australia)...

          Not wanting to be a pedantic prick, but unless things have changed substantially since my fun filled days of Australian secondary education, not every year 10 student in the country sits this 'School Certificate' thingamo.

          In fact, if this web site is to be believed, only students attending high school in the ACT and NSW have the pleasure:
          http://www.teachers.ash.org.au/aussieed/seconda [ash.org.au]
          • Really wanting to be a pedantic prick, had you bothered to read the website you pointed to, you'd know that ACT students don't do the School Certificate either (the ACT Year 10 Certificate has nothing to do with the NSW School Certificate and, particularly relevant in this case, does not involve external examinations).
      • Re:Also... (Score:2, Interesting)

        Fox news, and their infamous "The presidential race is not split 50%, 50%. It is split 40%, 40, 10%, and the 10% are going to make a difference."

        The question is, do they think it's the 10% that swing vote, or the 10% that don't vote?

        I always thought that Fox was a few cents short of a dollar between the ears.
      • Where in the world are you getting your math from?

        I thought everyone knew that 70% of statistics were made up on the fly...
      • Actually, a "Slashdotting" or "The Slashdot Effect" does not have to originate from Slashdot anymore. According to the definition by Wikipedia [wikipedia.org] it originated from Slashdot, but is now considered a generic term. Quoting Wiki:

        It can be generalized to refer to any time a popular website links to another one. Typically, less robust sites are unable to cope with the huge increase in traffic and become unavailable -- either their bandwidth is consumed or their servers are unable to cope with the high strain.

        W
    • Talking of which, am I the only person who's finding that Slashdot appears to be partially Slashdotted at the moment?
    • I'm getting an awful lot of 503 or white pages here this morning.

      Guess this must be the sickening effect of the stupid new color scheme
  • Kill Him! (Score:5, Interesting)

    by bwalling ( 195998 ) on Monday August 02, 2004 @06:41AM (#9861958) Homepage
    Probably not a good article to have floating around with your name in it. I'm sure there are plenty of helpdesk personnel, network administrators, and "computer guy" friends who would like to punch that guy in the mouth.
  • Can you say... (Score:5, Interesting)

    by Freon115 ( 672518 ) on Monday August 02, 2004 @06:47AM (#9861976) Journal
    Scapegoat?

    Isn't he the one Valve blamed for the HL2 source code theft as well?
    • Re:Can you say... (Score:2, Insightful)

      by Anonymous Coward
      Scapegoat, my ass. Can you say guilty?
    • Re:Can you say... (Score:5, Informative)

      by Jeff Kelly ( 309129 ) on Monday August 02, 2004 @07:07AM (#9862058)
      No that has been a phatbot infection.

      This poor guy may have been arrested for the development of Netsky/Sasser but according to several IT-Newspapers in germany he was not the only one who was developing them. There were some backings and partners who may have made him their scapegoat although these are mainly rumors.

      This guy has also been blamed for phatbot although that one was developed by a different person meanwhile arrested (which at some time in the past had made contact to the Netsky Author)

      Jeff
  • by leathered ( 780018 ) on Monday August 02, 2004 @06:48AM (#9861977)
    70% of virus infections in my neighbourhood are caused by just one woman.
  • Good or Bad (Score:5, Insightful)

    by lachlan76 ( 770870 ) on Monday August 02, 2004 @06:48AM (#9861979)
    To be honest, I'd rather have to do AV work on one virus 70% of the time, and spend the other 30% fixing a couple of others. Maybe write a script if need be, and 70% of the time, I just do the same thing over and over.

    Or, you could spend 10% of the time working on each of 10 viruses. Suddenly, you think, I wish I could be 70% sure what the problem will be, it is alot easier.
  • by toonerh ( 518351 ) * on Monday August 02, 2004 @06:50AM (#9861984)
    The mainstream and tech press is always implicating Russian crackers or links to .ru sites... What's the real deal? Someone is feeding us disinformation with a shovel.
    • Someone is feeding us disinformation with a shovel.

      Hi and welcome, you must be new here
      Where have you been the last hmmmmm... 2000 years?
      • Hmm, same place as most of us - dead. Or at least, not alive. Whether the two amount to the same thing is academic.
        Somehow I doubt many posting on /. was around over 70 years ago.

        *waits for clouds of OAPs to descend on him like flies*

  • the bounty wins out (Score:5, Interesting)

    by khallow ( 566160 ) on Monday August 02, 2004 @06:55AM (#9862004)
    Looks like Microsoft indeed had a great idea with its bounty for turning in virus writers. From the article, it appears that the bounty was a key factor in getting this guy caught. And he's responsible for three viruses which are claimed to have caused "70%" of "virus activity" detected by Sophos (whoever those guys are). I assume that means this guy was plenty of trouble for Microsoft.

    You got to wonder why Microsoft never did this before. From a business standpoint, the return on investment for this $250,000 bounty is probably going to be quite impressive.

    • I'm not sure I follow your "business standpoint" logic. I think it is a bad idea, and bad precedent. Microsoft should be focusing money and energy on their product, not on containment techniques.

      The fact of the matter is that this strategy only works if there are only a handful of people with the knowledge to write the virii, and you think you can catch them all. However this is not the case... several "authors" have proven to be minors, which only demonstrates that the knowledge is widely available to tho
  • In other news... (Score:5, Insightful)

    by b374 ( 799492 ) on Monday August 02, 2004 @06:55AM (#9862005)
    ...99% of virus activity this year due to bugs / vulnerabilities in products from a single company.
    • Re:In other news... (Score:3, Interesting)

      by benzapp ( 464105 )
      If I take a 2x4 and bash you in the face with it, do we say that your face was vulernable to a natural product moving a moderate velocity?

      Every single thing in nature, and every single thing created by man is vulnerable to SOMETHING. From a natural standpoint, that is what life is, exploitation of other lifeform's vulnerabilities. Millions of bacteria are doing that in your body righ now, the very second you read this.
      • I assure you, we are using those bacteria to our own advantage at the same time. It isn't a parasitic relationship, but a commensal one...

        I agree with your general statement though, just not your specific example. There are many animals which couldn't exist in their niche at ALL without direct microorganism aid (cows and termites immediately spring to mind) and most of the rest would be much worse off.
      • You think that's air you're breathing?
      • In nature, the most vulnerable species end up extinct. Of course, if they have some kind of monopoly to leverage, they might survive.
    • by Lumica ( 799136 ) on Monday August 02, 2004 @09:34AM (#9862456)
      Hey, it ain't MS fault one can't even write a decent virus on Linux :*) It ain't that easy to spread a virus when everyone you want to infect needs to grab the sources of the virus, compile them, then needs to update a few libs, which will only run with a new kernel, this in turn needs update of [...and so on...]. No virus kid^H^H^Hwriter is up to that challenge, especially since there will be near to no hope getting into the antivir highscore's with this.
  • by TheFairElf ( 669537 ) on Monday August 02, 2004 @06:58AM (#9862016)
    "The computer worm he created continues to spread despite the fact that their creator has been taken out of the equation."
    duh!
  • by DeadVulcan ( 182139 ) <dead@vulcan.pobox@com> on Monday August 02, 2004 @06:59AM (#9862020)

    The computer worm he created continues to spread despite the fact that their creator has been taken out of the equation.

    How on earth must one believe that a worm works (or think that one's readers believe that a worm works) in order for them make such a statement?

    I'm reminded of a great quote by Charles Babbage. Babbage was asked (by a member of parliament... of course) whether his analytical engine will, in spite of being given erroneous input, nevertheless arrive at the desired answer. Babbage's response?

    "I cannot rightly apprehend the kind of confusion of ideas that would provoke such a question."

    • by julesh ( 229690 ) on Monday August 02, 2004 @08:42AM (#9862188)
      How on earth must one believe that a worm works (or think that one's readers believe that a worm works) in order for them make such a statement?

      I suspect a lot of people think they all get sent directly by the person who wrote them, and that they are somehow under his control.

      But to be honest, I don't think most pepole actually think about how computer programs work at all. They just do.

      It's like when I wrote a chess playing program as an exercise. I showed it off to a friend, and then said I wasn't entirely happy with the way it played. The response: "How can you not be happy? Isn't it playing like you do?"

      Err... no... I didn't just copy my brain directly into the computer, actually.
      • ...said I wasn't entirely happy with the way it played.

        You need to copy the brains of those chess guys at the RenFests. I have never failed to get my ass handed to me, on a large period-correct platter with a flagon of mead, and a turkey leg on the side.

    • Full quote (Score:4, Informative)

      by Sindri ( 207695 ) on Monday August 02, 2004 @08:51AM (#9862225) Homepage
      "On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question." -- Charles Babbage (1791-1871)
  • by Jeff Kelly ( 309129 ) on Monday August 02, 2004 @07:00AM (#9862025)
    Yeah Netsky and Sasser have gained much more notoriety but actually phatbot has been (and still is) the more dangerous worm/trojan/backdoor around in 2004.

    There are currently several thousend different modifications of phatbot around and in contrast to Netsky/Sasser, phatboy infected systems are being commercially exploited as spam relays for UCE/UBE and Hatemail. In Europe neofascist/neonazi groups use phatboy to finance and also to distribute their propaganda.

    You can buy lists with the ips of compromised phatboy-infected computers to use for your own spam-enterprise. There are even groups which will code you your own version custom-built to your likings.

    Strangely the author of Netsky/Sasser has gained much more public interest. Yeah it was probably more annoying and a real hassle for the sysadmins. On the other hand phatboy is more dangerous than netsky and is actively exploited with criminal intent. Although the writer of phatbot has been arrested as well (coincidently also a german) all you ever hear about is the author of sasser.

    Jeff
  • by Schreckgestalt ( 692027 ) on Monday August 02, 2004 @07:01AM (#9862027)
    Although you may not be able to read this, I still want to shout out a huge thank you.

    THANK YOU!

    People like you help me argument against the beady-eyed managers that a computer-monoculture is bad for business.

    How else could I easily bring Linux or Firefox on Windows to our enterprise customers? And hey, what people know from the office, they will also use at home.

    Not to say that you help the OSS community, but you do.

    Thanks again.

    • NO, all his customers will still use win32/64 (if ever ships) and the marvelous IE with ActiveX heaven and will get infected.

      Than, they will buy antivirus from Sophos...

      You must be dreaming man...
  • Netsky variants ! (Score:2, Insightful)

    by phreakv6 ( 760152 )
    Netsky forms a major share in that 70%.But that is including all its variants.I do not know if u attribute the credits for the Netsky variants [A,B,C,D...] also to Sven.I beleive the variants are from other virus hobbists as well.It is not fair to attribute them all on Sven at a staggering 70%.
  • by sciop101 ( 583286 ) on Monday August 02, 2004 @07:12AM (#9862073)
    And now the rest of the story!

    "...one of Jaschan's schoolfriends revealed the worm author's identity to Microsoft."

    http://www.sophos.com/virusinfo/articles/netskyher o.html [sophos.com]

  • by burgburgburg ( 574866 ) <splisken06.email@com> on Monday August 02, 2004 @07:12AM (#9862079)
    the top virii writers of the world, we strongly dispute the figures underlying this study. Jaschan, who, by the way, is not certified, has released virii that make up 70% of the recognizable infections. However, the truly top infections released this year have been stealth mutating virii that, to this day, own over 62.7% of the world's Windows computers (including an impressive 71.9% of the Pentagon's Windows laptops). When SP2 is released, they will SPRING into action, finally and gloriously proclaiming their true intent: to get Yahoo Serious a write-in Academy Award. Doesn't have to be for acting. Writing will do.

    I, for one, welcome my Yahoo Serious Overlord.

    • Once and for all (Score:2, Informative)

      by stud9920 ( 236753 )
      You DO NOT speak Latin. Stop making up words. There is no plural tu the latin word virus. It means "poison", the plural of which is "much poison" (notice the absence of an s) in most contexts.

      Even if it had a Latin plural, it would not be "virIi". That would be the plural of "virIus" which doesn't exist. It cannot be "viri" either, as this is the nominative plural of "vir" (man).
  • by Malor ( 3658 ) * on Monday August 02, 2004 @07:15AM (#9862092) Journal
    Vinge is a great(!) SF author. Many of his novels deal with an idea he calls the Singularity; the concept that technology will keep accelerating until we gain the ability to increase our own intelligence, at which point the changes will come so fast that we we will become unrecognizable to pre-Singularity humans.

    One of his fundamental ideas is that the growth of technology will give individuals more and more power. I'm not sure if he explicitly says this himself, but one of his themes is that individual people will have the power of atom bombs. It won't BE atom bombs, it will be something else... like the ability to write viruses.

    In terms of direct harm, it would appear that Sasser may have done more damage than slamming planes into the WTC. Indirect damage, everyone overreacting and doing stupid things, was tremendously greater with the WTC, of course. But in terms of direct, measurable damage ... perhaps Sasser and Netsky were worse?

    Speaking, again, purely in economic terms, I wonder how Sasser and Netsky rate against the Hiroshima or Nagasaki bombs? I realise that the viruses probably didn't kill anyone, and they didn't start or end any wars. We don't feel it as much because everyone paid a little bit, instead of a few people paying a whole lot... but in terms of actual dollars/yen/economic value, I wonder how they compare?

    However that comparison comes out, being singlehandledly responsible for 70% of all virus activity over the last year is *a lot* of power. Vinge's Singularity may not be that far off... assuming we don't virus ourselves to death first, anyway.
    • strange comparison (Score:3, Interesting)

      by twitter ( 104583 )
      A computer virus compared to nuking a city? OK, the capital and effort lost to computer viruses might kill people by creating demands and activities that would not exist. You can say that activity kills people, just as you can compare the number of people who die by various means of producing electricity. More people die moving coal per megawatt than die from moving Uranium. It's more likely, however, that virus writers saving existing lives by reducing the overall economic activity. Destruction is was
  • by WolfWithoutAClause ( 162946 ) on Monday August 02, 2004 @08:19AM (#9862159) Homepage
    The envy of all the coffee mornings.

    "So what does your son do?"

    "He's in prison after writing the worlds most successful computer viruses. Ouch! Don't hit me! Ouch! Stoppp!

  • Great job (Score:5, Insightful)

    by Wind_Walker ( 83965 ) on Monday August 02, 2004 @08:41AM (#9862183) Homepage Journal
    Yeah, this is exactly what we want to do to virus writers - give them recognition and a "ranking". Jesus Christ on a pogo stick.

    It's bad enough that they feel the need to "compete" against other virus writers for some internet version of "street cred" but now we're fucking ranking them?

    How long until people start writing viruses just to "get points" on some chart somewhere? Christ, you people have no logic whatsoever.

  • Companies that got hit badly should sue him. Even if he doesn't have any money and lives in Germany, they could go after him to make an example to deter people from writing viruses in the future. Sure everyone can point the finger at microsoft, but this guy sat down and wrote a program specifically to piss people off and mess up their computer. If I own a bank and I get robbed because the vault was shoddy, I'd be pissed at the vault manufacturer and of course the person who robbed me.

    I doubt companies t
    • his already fucked up beyond the point where suing him would make any deterrent more.

      and making an example of him doesn't really work(he already is anyways).. none of those guys writing these expect to get caught(the laws are already tight enough that they're essentially fucked if they do get caught and they know it).

      suing him more would lead to lawyers billing more though(and making your company lose even _MORE_ money because of him)..
  • Odd (Score:4, Funny)

    by transient ( 232842 ) on Monday August 02, 2004 @08:45AM (#9862198)
    Coincidentally, 70% of my voicemail messages are Sophos salespeople. Andrew, if you're reading this: for the love of God, STOP CALLING ME!!!
  • And I'm sure more hours than that were spent trying to clean this up... try him for murder.
  • Nearly half of german youths ready for work cant find meaningful employment due to the sluggish economy and heavy-handed government regulation of industry. The adult unemployment hovers 10-14%. Germany still widely uses the apprentice system for working youths into the economy, even for white collar jobs. Other youths become perpetual students (6,8,10 years) in the low-cost university system. So there's lots ofidle, creative people to get into mischief.
  • by switcha ( 551514 ) on Monday August 02, 2004 @11:01AM (#9863048)
    What an honor! I'd like to send to a congratulations gift. What's your email?
  • Kim Vanvaeck (Score:3, Informative)

    by valkraider ( 611225 ) on Monday August 02, 2004 @11:36AM (#9863312) Journal
    The article ( I know, none of you read it ) also talks about Kim Vanvaeck. She was arrested as well.

    The funny part is, she might have been good at code - but she was not good at crime.

    A quick Google groups search comes up with funny stuff. Like her back in 1998 asking [google.com] for someone to please send her a virus so she could learn about them.

    Or her in a discussion about sleep habits which starts out [google.com] asking for the best "hacker babe"...

    There are more. But the best part is that in almost all of them she always ties her real name, "Kim Vanvaeck", to her "hacker name", "Gigabyte". It must have taken the authorities a whole 7 minutes to track her down...

    As an aside, anyone able to find a photo of her? This is Slashdot... It would be cool if she was as attractive as Angelina Jolie in the [silly] movie "Hackers". (Why else do you think I would be searching on her name?)
  • by FirstTimeCaller ( 521493 ) on Monday August 02, 2004 @05:29PM (#9865347)

    And 23% of all virus activity comes to you courtesy of Margaret Tillman of Chebansee, Illinois who dutifully clicks on every email attachment and forwards every chain email that comes her way.

    Here's to you Ms. Tillman; we salute you.

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...