What should we do to the person that made the Blaster worm?

Mike Malloy said we should execute him. I don't agree with the death penalty but, that little bastard has caused absolute havoc evert since he did that crap. My computer was infected and I've had it dewormed you could say but, now my windows media player doesn't work. Now because of this little shit I got to call the Tech Support people at Dell, wait on hold for 30 minutes to an hour and take time out of my day to fix the damn computer again. I've figured out which form of the death penalty I would perform on the person;-) About a month ago I finished a book called "The Frontiersman" it was written by Allen Eckert. It is a book about the early history of Ohio, Kentucky, Virginia and Pennsylvania. In the book a man by the name of Jacob Greathouse betrayed and slaughtered a group of Mingo Indians. When looking at the body's he found a Mingo squaw that was 8 months pregnant that was still breathing. He tied the women up to a tree with her feet hanging about a foot off the ground unsheafed his tomahawk and sliced her stomach open letting her intrails fall out onto the ground(incuding the fetus). Everyone on the frotier was horrified at such an action with the whites saying that they would probably hang him but Cheif Logan who was the womans brother Cheif of the Migoes said he would not put back his tomahawk until he had thirty white scalps. A couple decades later Jacob Greathouse was emigating to kentucky when his boat was attacked by the Shawnee Indians and they decided to get revenge for Ceif Logans dead sister. They took his children tied them to trees and beat them to death with logs, stones and sticks. They took him and his wife tied them up to trees, cut open their stomachs, took their intestines out and tied it to the tree. They ordered them to march arond the tree until they were dead. His wife died instantly only having six feet of her intestines pulled out. Jacob Greathouse though didn't die until he had pulled out 25 feet of his intestines.


Of course I'm not serious about doing that I'd just thought it was good to vent and let it all out. If you have any Ideas or comments please share them.

fitting punishment

Lock him/her (is the ID known yet?) up for a while and keep him/her away from computers for a long, long time.

In fact all 700 may really be people who do those things. We really do not know, do we?

A job at Microsoft.

Then they can teach "Bill" how to secure his software.Failing that,you should get a hardware router/firewall and a Virus scanner like Norton 2003. Or You can Google for "Free virus software" and find any number of Free programs to protect your system.

As an aside, Microsoft issued a security warning about MSBLAST in July'03 with a security patch for all "N" platform machines to thwart infection and too few listened/updated their equiptment until infected.

Get some protection & stay updated;I am on broadband and I get scanned for intrusion hundreds of times a week according to my activity logger.Last Nov.I was hit every 3 seconds for 3 hours straight.I was amazed when I found out how "Busy" the internet really is...just my $.02

to me.

I'm just kidding you know? If you are serious please seek help.

ignored security warnings, even those posted right here on DU (hell, even the FBI released an alert about it to the press) and then bitch about having to fix something that should never have gotten broken in the first place?

Sounds a lot like what is happening in New York etc right now, doesn't it?

I'm sorry your PC got fucked up, but the blame lies (in order of importance) at the feet of Microsoft, the virus creator, and you.

And believe me, I am no big fan of Microsoft at the moment since they are shipping my job to India next month, but....


They issued a patch for this hole weeks before it was exploited.

If an auto maker recalls a car due to a fault and you don't take your car in to be fixed after the recall and it causes you a problem for ignoring it, you have to lay a good portion of the blame on yourself.

The cause of this vulnerability was a faulty part of Windows XP and Server 2003 etc that allowed the worm to take control of the PC. Now I can forgive them for making a faulty application, but here is where it was a TOTAL fuckup on behalf of Microsoft: Most people NEVER use this "feature" yet it is enabled by default and thus was available on most people's PC.

The RPC service should never have been enabled by default, but it was because Microsoft likes to make their software as "user friendly" as possible and therefore they enable basically everything by default.

This makes it easy to set up your computer because all you have to do is install the OS and everything works. But as we saw with this worm being enabled by default means that if there IS a fault in the service, it becomes a vulnerability on most peoples PC. Why not disable it by default and rely on the professionals who actually use RPC (Remote Procedure Calls - something only used in major server installations) to enable it if they need to?

That is why MS is to blame, because they put profit ("Windows XP is so easy to set up, I much prefer it to a secure operating system!") before security.

When I got online. That's when I got infected. I was never sent an E-mail or anything.

I didn't receive any mail that a patch was required and a link explaining it was available. If there was a posting on the MSN home page, I didn't see it. - And I actually read it pretty much daily.

I'm a registered user. I even have done contract work in their offices and I know they're aware of where and how to reach me when my payment is late or they want me to come in a do a little work for them. You'd think this would be at least equally important.

I don't blame Microsoft for not making a perfect product. A lot of folks make less than perfect products. I blame the culture of acceptance and encouragement for hackers and crackers. I blame the dude who designed the worm and unleashed it, somehow thinking that his grudge with Bill Gates was sufficient cause to interfer with the normal discourse of business and interaction for millions of people.

And no, I'm not particularly willing to accept much in the way of blame for the fact my PC was infected. If I had known it was vulnerable, I would have patched it. As soon as I knew there was a problem, I dealt with it. My only "bitching" was that it was fooking inconvenient to deal with. I stand by that statement.

BTW, I had an active, functioning fire wall at the time and a great many ignorant people, - even on this forum, -assured me (in spite of obvious evidence to the contrary) that this kept me safe. Some of y'all might want to think long and hard about what you "know" to be factual.

BTW, I had an active, functioning fire wall at the time and a great many ignorant people, - even on this forum, -assured me (in spite of obvious evidence to the contrary) that this kept me safe. Some of y'all might want to think long and hard about what you "know" to be factual.

I'm not surprised. The "feature" of Windows that caused you to be vulnerable was a known Windows service, thus it is likely that your firewall treated it as a secure port. However, this feature, that I bet you have never used, if you have even heard of it, was sitting there waiting to be exploited.

I don't blame MS for the RPC service (the cause of the vulnerability) being faulty, I blame MS for the RPC service being enabled by default. You never used it, so why was it enabled? Because MS wants their software to appear to be "user friendly" by enabling nearly EVERYTHING and relying on YOU to identify what you don't need and what is a security risk.

They made Windows insecure on purpose, and then did NOTHING to encourage you to think of security yourself. Did you even know that the RPC service was running on your PC? Do you know what the RPC service does? Yet there it was, just waiting to be exploited.

I'm glad I am using Windows ME, it doesn't have the RPC service enabled by default, and Windows ME RPC service doesn't have the bug that made Windows XP vulnerable. Still, ME also suffers from the same kind of mentality - enable everything and rely on the user to make it safe.

but the warning about this vulnerability was all over New Zealand TV news and newspapers long before the worm came out. I saw articles posted here on DU as well.

Maybe it's just me, but it sure looked like there was plenty of warning to me.

you keep forgetting we have a whore media here that would rather focus on Clintons penis instead of stuff that is actualy helpful to the public.

In that vein the answer would be to give him a medal, I guess.

Then it wouldn't have happened to anybody.

:-)

:bounce:

:evilgrin:

Lechter had the guy eating his own brain, scooped out of a large gaping hole from his own skull?

Well, that immediately comes to mind....


But seriously... I just want him locked away where he can do no further harm in solitary confinement!

:)

and all those other thieves we shouldnt be thinking about any such thing to this guy. Not defending virus creation but remember many of the applications we currently use were developed by people such as these. They should find away to use his/her creativity to good use.

I wouldn't kill this little shit no matter what.

which is a phrase I first heard when Code Red and NIMDA hit - because the patches for each had been released long before the exploits started to spread. "There is no such thing as a Code Red infection, there are only unpatched systems."

This one's kind of the same. There is no such thing as an msblast infection, there are only unpatched systems. The patch was released - and heavily publicized, even by the Department of Vaterland Security - a month ago.

And anyone who uses a networked computer in this day and age without adequate antivirus and firewall protection is an electronic Typhoid Mary, or the equivalent of that flight attendant in the book And The Band Played On.

most people didn't even need the patch, all they had to do was disable RPC, and they would have been totally worm free. The vast majority of users don't use RPC so disabling it changes nothing for the user.

Blame MS for enabling RPC by default, even though most people never use it, nor, I would wager, have even heard of it.

Either that, or make the guy use a TRS-80 with a cassette tape storage system. Oh, and no hard drive. Everything on a cassette.

freaking geek

Although I am still a virgin that is still funny to me.

Chat help on Earthlink.com.......and being horribly frustrated I can see a "little" of what you are saying , but your post is GROTESQUE! And it's CRUEL!

YUCK! YUCK! .......I don't think the "internet" frustration and service should be equated with Women and Men being eviscerated and no matter HOW ANGRY I AM....I just can't sink to that level of description posted here on DU even though you read it in a book!

OMG Have some discretion here........this is offensive to many of us dealing with our own problems....Curse and Swear....but this is really "below the belt! :shrug: .........??????????

I would never do that this is fantasy. If you think this is still grotesque I'm sorry but, I made this thread so people could "get the evils out of them".

I did not even get with the worm, but it still hosed up my machine. The IT dept at work demanded that we all install this patch. I installed the patch, now my machine keeps locking up. It will hang for 5 minutes and then come back. I even tried doing Windowsupdate, and letting it install everything but it didn't help. On Monday I am gonna have to reload the entire machine.

:mad:

:nopity: :nopity: :nopity: :nopity: :nopity:

These jerks will exist. I'll agree, Microsoft makes it easier for the jerks to thrive in; but on the other hand, corporate america is getting its just desserts. Microsoft is a typical example of corporate america.

And stupidity of many in my field. Hello folks, it's called "firewall", "pro-active antivirus protection", "common sense when using e-mail"... :eyes: Heck, I'm still figuring out why I haven't been hit and I do a lot of 'net-computing. My network coworker staff at my employer managed to prevent getting hit and we've over 1000 boxes. Yet I know of affiliated employers who've been hit hard. We're obviously doing somethng right and, *gasp*, we're a Windows-based entity! *EEK!!* (so ignore the "Go mac, it's virus free" crowd. They'll humble up when somebody starts hacking them.)

I'll admit my own schedule at work has been uprooted by protecting systems against this damn worm, but it's also a reason to rejoice - it's called "job security".

And Dell for customer support?!! I DO pity you for that! Those are the "certified" cretins who looked at my client's hard drive who said nothing was wrong. (I noticed data corruption indicative of imminent drive failure.) Sure enough, I WAS RIGHT - the drive snuffed it two days later. If Dell is #1 for service, then I'm amazed the PC industry hasn't gone the way of the dinosaur.

As virus go it was a good guy. Sure it played havoc with systems but thats because Bill Gates left a gaping hole in his system. The coder of Blaster did the world a favor in forcing this issue. The security hole is substantial. A hacker could do a lot of damage with this one. If it takes lighting a freaking bonfire to get this one plugged so be it.

There is a theoretical virus being sought within the hacker community refered to as Curious Yellow (named after the first porn movie). The thinking behind CY is a rapidly spreading virus that targets systems that are on the net. Once it infects a system it then seeks to infect other systems. When it comes across a system that it cannot infect it sends a signal out to the other infected systems to initiate a denial of service attack on the immune system there by knocking it off the internet.

This process will give the hacker effective control of the internet. They can then use a back door in the virus and insert new code gaining access to any information being exchanged on the net. Any attempt to remove the virus from the system will result in the rest of the systems knocking it off.

Saphire (hit a couple months ago) may have been a proof of concept virus looking to test rapid transmission style viruses. Blaster was a warning shot across Micro$oft's bow telling them to get their act together.