http://story.news.yahoo.com/news?tmpl=story&ncid=&e=2&u=/ap/20030829/ap_on_hi_te/internet_attack

ST. PAUL, Minn. - A Minnesota teenager known online as "teekid" was arrested and placed on electronic monitoring Friday for allegedly unleashing a version of the "Blaster" computer worm that infected thousands of computers.
House arrest? Throw that asp whole into the slammer!


Parson apparently took few steps to disguise his identity. As a byproduct of each infection, every victim's computer sent signals back to the "t33kid.com" Web site that Parson had registered in his own name, listing his home address. The computer bug also included an infecting file called "teekids.exe" that experts quickly associated with Parson's Web site: Hackers routinely substitute "3" for the letter "e" in their online aliases.

And get a load of this quote:

"I guess we should praise the Lord for stupid people, right?"

This punk is just a copycat poser. Now the Feds need to catch the creators of the original MSBlaster worm and the Sobig.F virus.

I agree with zakur. t33kid isn't even good enough to be considered a script kiddie. No way is a loser like that the brains behind the worm.

The news said the maximum possible penalty for this little weasel is ten years in prison and a $250,000 fine.

That's not enough.

They should chop his hands off and gouge out his eyes. For starters.

"Throw that asp whole into the slammer"

funniest thing I read in here in weeks :dl:

Teen says worm case exaggerated by feds (http://www.grandforks.com/mld/grandforks/news/6677889.htm)

"I am extremely concerned that the government is trying to make an example of me," Parson said, in a transcript posted on MSNBC's Web site. "I understand that the government needs to catch someone for these crimes. I'm not the one they need to get."

Jail time would be rough- he hasn't even graduated from high school. But he did intentionally send out a virus- shouldn't he go to jail? Here at work we have many scientific instruments that went down with the virus, then the Microsoft patches because of the software incompatibilities, so it delayed research. Hmm, guess those kids will have to wait for the cure for their cancers so some 18 yr old douche bag can get his rocks off "fighting the man." 10 years ought to do it.

Originally posted by zakur
Teen says worm case exaggerated by feds (http://www.grandforks.com/mld/grandforks/news/6677889.htm)

"I am extremely concerned that the government is trying to make an example of me," Parson said, in a transcript posted on MSNBC's Web site. "I understand that the government needs to catch someone for these crimes. I'm not the one they need to get."
OF COURSE they will make an example of him.

According to court papers, Parson admitted during an interview with the FBI and Secret Service agents that he created several variants of a computer worm known as "Blaster."
And notice he is accuses the Feds of exaggeration, not fabrication. His whining amounts to "I didn't build the bomb, I just threw it into a crowded room with a lit fuse".

Originally posted by arcticpenguin
And notice he is accuses the Feds of exaggeration, not fabrication. His whining amounts to "I didn't build the bomb, I just threw it into a crowded room with a lit fuse".

After crippling it, making it a much less effective bomb than it was before...

A bomb is still a bomb, just like a virus is still a virus even if you "make it less effective".

From the article http://www.grandforks.com/mld/grandforks/news/6677889.htm


Prosecutors said Parson's worm affected at least 7,000 computers; he is the first person charged in the computer attacks.

That's pretty bad. Considering the virus screws computers up in order to infect them and shuts down RPC server (which is needed by many programs or causes your PC to reboot depending on the settings) I'd say the kid did a fair bit of damage.

He deserves whatever he gets - don't do the crime if you can't do the time.

Originally posted by shanek


After crippling it, making it a much less effective bomb than it was before...

Originally posted by ImpyTimpy
He deserves whatever he gets - don't do the crime if you can't do the time.

Can he not be charged with terrorism, or is that still a bill in Congress?

If it passed (I really need to keep up with such things) it is theoretically possible he can spend his life in jail.

I doubt it, I think the article mentioned the writer of "Melissa" only got 2 years in jail. I might be wrong since I'm quoting from memory (too lazy to look it up).

Originally posted by ShowMe


Can he not be charged with terrorism, or is that still a bill in Congress?

If it passed (I really need to keep up with such things) it is theoretically possible he can spend his life in jail.

Listen, guys, put down your pitchforks and your torches.

Do you honestly think that temporarily disabling 7,000 computers is cause to spend ten years in prison?

I'm looking at you, Quasi.

It took me ten minutes to fix my roommate's computer, because she ins't responsible enough to patch.

7000 computers @ 10 minutes each = 70000 minutes.

That's 48.6 days of disruption total. And you want him in prison for ten years. That's certainly not a kneejerk reaction, is it?

If one minute of computer down time is worth 75 minutes in prison ((10 years (5256000 minutes))/70000 minutes), I hope no one here accidentally trips over a power cord anytime soon.

Oh, and P.S.: calling him the author of a "variant" is like calling me a playwright for scribbling my name of the cover of
Titus Andronicus.

Interesting, but you're only thinking from a home-user point of view. Of course, as a home-user, the downtime might only be a couple of days at most until it gets fixed. Some non-critical data might be lost, who knows, but the only person effected will be the end-user.

You're not thinking about critical computer systems that could've been effected (and in Quasi's case were). What that loser did can not be excused.

Originally posted by LFTKBS
Listen, guys, put down your pitchforks and your torches.

Do you honestly think that temporarily disabling 7,000 computers is cause to spend ten years in prison?

I'm looking at you, Quasi.

It took me ten minutes to fix my roommate's computer, because she ins't responsible enough to patch.

7000 computers @ 10 minutes each = 70000 minutes.

That's 48.6 days of disruption total. And you want him in prison for ten years. That's certainly not a kneejerk reaction, is it?

If one minute of computer down time is worth 75 minutes in prison ((10 years (5256000 minutes))/70000 minutes), I hope no one here accidentally trips over a power cord anytime soon.

Oh, and P.S.: calling him the author of a "variant" is like calling me a playwright for scribbling my name of the cover of
Titus Andronicus.

ImpyTimpy wrote: You're not thinking about critical computer systems that could've been effected (and in Quasi's case were). What that loser did can not be excused.

And if the administrator of those systems didn't apply the patch that would've prevented the infection s/he should be fired and prevented from working in IT for ten years.

Originally posted by LFTKBS
It took me ten minutes to fix my roommate's computer, because she ins't responsible enough to patch.

7000 computers @ 10 minutes each = 70000 minutes.
Well, for just one example, I ended up helping someone who uses her computer for her home business. She had revisions she had to make for her customer, but her machine was so messed up that she couldn't keep it up long enough to apply the patches. She ended up delivering late to the customer.

Another example. Maryland DMV was shut down for a day. You know how much that costs in labor?

My companies' IS department spent at least a day working on all of the companies computers.

That's a lot of money, in just a couple of examples. I'm sure others were hurt a lot worse.

"but her machine was so messed up"

MSBlast - both original and variant - was pretty horribly written. That RPC error pop-up was a red flag that something was wrong. Kill the process (or change RPC settings so it doesn't automatically reboot) and fix the problem.

Look - I'm not happy that MSBlast was released. I don't like teekid, and I don't like the original author, whoever that is. But chopping off of hands? Ten years in prison? That's barbaric, folks.

Also, please answer this: if you are using a system for mission critical data, why is it an unpatched, unfirewalled, all-ports-open-and-accepting-connections Windows machine?

The same reason people don't backup their data.

All well and good but some companies that rely on computers for critical data storage don't have their own in-house IT people. A lot of people that use those computers are not even computer literate (they only know how to enter the data).

Originally posted by Skeptoid

And if the administrator of those systems didn't apply the patch that would've prevented the infection s/he should be fired and prevented from working in IT for ten years.

First of all, you're blowing things out of proportion yourself. I already said the "Melissa" virus writer only got 2 years in prison. This kid only modified the original code, so his sentence will be much less.

Second of all, in order to kill the process or change the RPC server settings you need to have some technical skills. Your average user does not.

Third of all, you need a good IT company to secure your computer at the start (it costs money). Even then, when the computer is secure, there is always going to be a new exploitable vulnurability. That's just a fact of life. The people using those computers are not technically capable enough to keep up with the latest security features and going back to their good IT company means their running costs will go up (sometimes through the roof).

Originally posted by LFTKBS
"but her machine was so messed up"

MSBlast - both original and variant - was pretty horribly written. That RPC error pop-up was a red flag that something was wrong. Kill the process (or change RPC settings so it doesn't automatically reboot) and fix the problem.

Look - I'm not happy that MSBlast was released. I don't like teekid, and I don't like the original author, whoever that is. But chopping off of hands? Ten years in prison? That's barbaric, folks.

Also, please answer this: if you are using a system for mission critical data, why is it an unpatched, unfirewalled, all-ports-open-and-accepting-connections Windows machine?

Even when you do your backup regularly, you're not going to have up to the minute data saved. If the system crashes, you lose whatever data you had up to your last backup...

Originally posted by Torlack
The same reason people don't backup their data.

Reality check:

The Blaster worm was already on the loose when the dumb kid messed with it and rereleased it. He didn't create a new virus.

The Blaster worm can only infect a system that is run by a culpable incompetent. You either have to be running an unpatched machine that automatically executes files sent to it, or running an unpatched machine with a user dumb enough to manually execute files sent to it.

If you're using such a machine for mission critical business applications, then ... well... you're dumb and you would have taken a fall with or without teekid's help.

So saying his virus infected 7000 computers is rubbish. I'd go so far as to say it is a lie cooked up to demonise the kid. Some, probably most of those 7000 computers would have gotten the original Blaster or SoBig anyway.

Slap his wrist good, I say, but save the hate for the real villains. The ones who write the original virii, and the ones at Microsoft who release systems that are criminally vulnerable.

I use a Mac. No viruses for me!

Originally posted by Kevin_Lowe
Reality check:

The Blaster worm was already on the loose when the dumb kid messed with it and rereleased it. He didn't create a new virus.

The Blaster worm can only infect a system that is run by a culpable incompetent. You either have to be running an unpatched machine that automatically executes files sent to it, or running an unpatched machine with a user dumb enough to manually execute files sent to it.

Kevin, I don't think you understand how the virus actually works... The virus overloads a buffer on the target computer causing it to execute code sent in a malformed message. Basically once the initial code is executed the virus then downloads the rest of itself into the computer, without you knowing. The user doesn't have to do anything, no "executable files" are sent.


If you're using such a machine for mission critical business applications, then ... well... you're dumb and you would have taken a fall with or without teekid's help.

Once again, you don't seem to grasp how this virus operates. The only way to stop it was to keep up with critical updates from microsoft before you became infected.


So saying his virus infected 7000 computers is rubbish. I'd go so far as to say it is a lie cooked up to demonise the kid. Some, probably most of those 7000 computers would have gotten the original Blaster or SoBig anyway.

First of all, that's what you think. The prosecution has said 7000 computers, not the newspapers, not some guy around the corner. If you choose not to believe them, that's your business.

The virus spreads fairly fast (depends on bandwidth available) so 7000 computers is not much at all for this sucker.

Slap his wrist good, I say, but save the hate for the real villains. The ones who write the original virii, and the ones at Microsoft who release systems that are criminally vulnerable.

I use a Mac. No viruses for me!
Once again, the "Melissa" virus writer got 2 years in jail. The idiot will get much less, that we can be sure of. However, we shouldn't make light of this situation. What that moron did is inexcusable.

Originally posted by ImpyTimpy

Kevin, I don't think you understand how the virus actually works... [/B]

You know what?

I went and checked. You're right and I'm wrong.

I obviously got muddled. Sorry about that.

As a byproduct of each infection, every victim's computer sent signals back to the "t33kid.com" Web site that Parson had registered in his own name, listing his home address.


Every master criminal makes one, fatal mistake.

NA