Schneier on Security
A blog covering security and security technology.
« Kill Switches and Remote Control |
| Dan Wallach on Electronic Voting Machines »
July 1, 2008
Nugache Worm Writer Arrested
A 19-year old from Wyoming will plead guilty.
Posted on July 1, 2008 at 12:57 PM
• 19 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
"A 19-year-old hacker is agreeing to plead guilty to masterminding a botnet"
Mastermind! More like simplemind.
I guess the new media hype is anybody with a computer is a master. Worms are mindless.
"An 18-year-old suspected of masterminding a botnet-fueled international cybercrime network has appeared in a New Zealand court."
WASHINGTON: The Pentagon said yesterday it had charged the alleged al-Qa'ida mastermind behind the October 2000 attack on the USS Cole...
Terrorists and hackers, our masters. More like slaves to bad ideas.
"Today's hackers are part of the organised criminal gang fraternity interested in only one thing - your company's money."
Instead of targeting masterminds, why not take down entire OC networks of hackers? Picking off one person requires tremendous resources, the resources that could be taking down entire networks of criminals. They got one kid. Big deal.
"Instead of targeting masterminds, why not take down entire OC networks of hackers?"
Because the police (including the FBI) are practically clueless about "cyber-whatever".
So they do what they can and then claim that the ones they can bust are "masterminds" so it looks like they're accomplishing something.
It seems easier to ID networks of people causing harm than picking out one person. What this says is he was a one man crime wave, when in fact he could of been ripping off the mob in which case he would of been taken out by other criminals. This makes police work easier. Watch who you rip off, they might be worse than you. Maybe getting arrested saved him from a worse fate, saved him from himself.
Wait, didn't Sony/BMG executives do a same thing? Install Unauthorized software on computers? How many of them are sitting behind bars?
Let's apply the law equally!
"Mastermind! More like simplemind."
It seems to be popular nowadays to use words like "simplemind" as meaningless terms of abuse - applying them to anyone whom the writer dislikes.
The perpetrator in this case was a thoroughly bad person, a criminal, who did a lot of damage to a lot of people. But he was not a "simplemind". He was clever - intelligent and inventive. There is no contradiction in recognising cleverness (or courage, or any other quality which in other contexts is admired) in a bad person. It does not in any way connote approval of criminal acts.
'"All of the data stored on the compromised machines would be available to defendant, including, but not limited to, credit card information," according to the plea agreement.'
Well yes, I suppose if the Credit Card number was on or was keyed into the machine, that would be included in the "all the data" category. Really, is it just me or are these articles unnecessarily dramatic?
Sony...That was DRM...."At that point I knew conclusively that the rootkit and its associated files were related to the First 4 Internet DRM software Sony ships on its CDs. Not happy having underhanded and sloppily written software on my system I looked for a way to uninstall it. However, I didn’t find any reference to it in the Control Panel’s Add or Remove Programs list, nor did I find any uninstall utility or directions on the CD or on First 4 Internet’s site. I checked the EULA and saw no mention of the fact that I was agreeing to have software put on my system that I couldn't uninstall. Now I was mad."
Gone too far. Very complete account.
money going from stupid people to poor smart kids seems okay to me
Clearly the media is unfamiliar with levels of bot herding.
With only 15,000 bots he is barely past newbie and reaching grasshopper.
Above 100,000 bots he might be hitting mastermind status to some, but would be called a level 13 bot master.
"'Prosecuting some kid in Wyoming isn’t going to make a difference' to international hacking groups, Schneier said."
I think the point is to make a difference for the victims who lost money, no? The alleged has agreed to pay restitution.
Are you seriously trying to suggest that prosecuting a criminal is pointless unless it resolves absolutely all criminal behavior? What kind of "difference" do you require?
OMG the size of the botnet is not make someone better hacker when he didn't even write the code, but from other hand if someone can't code it's hard to make a huge size of net. Since in this case he wrote Nugache he is in the 10% of the whole botting community next to the 90% useless people.
I always thought New Zeland would be a great country to live -not to live at the front of the computer- but that's probably true that most of the people considering his own circumstances to the bottom line and try to do something to make it better, pbly the guy couldn't imagine what's like living in a country like Romania or Russia.
And from what I heard that New Zeland isn't a hightech paradise with full of jobs either but programming is popular there too, so I can't really understand why would someone waste his skills to code a bot and make small money and get caught...
"Lawyers for Linux programmer Hans Reiser suggest he might be mentally incompetent in a recent court filing."
Maybe this worm writer is mentally incompetent and that's why he was caught. Too much computing can get anybody confused.
Nostromo "The perpetrator in this case was a thoroughly bad person, a criminal, who did a lot of damage to a lot of people."
You don't know that. He could be mentally unstable. So could you.
Hahaha.. that's true william.
"Are you seriously trying to suggest that prosecuting a criminal is pointless unless it resolves absolutely all criminal behavior?"
Can I assume that while quoting him, you forgot to include the part where Bruce said anything remotely like that?
why not sue microsoft for endangering homeland security?
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.