RE: Authorities eye MSBlaster suspect

["Jason Coombs" <jasonc () science org>]

<mds () helices org> wrote:
> OK, they nabbed a nickel-bagger

come on, the guy is a lot closer to a lovesick youth who couldn't resist
carving his initials in Windows when he saw the chance than he is to a drug
dealer.

we don't know, and chances are that the FBI *cannot* know, whether this person
infected any computers other than his own with his "I LOVE YOU SAN!" "billy
gates" variant. Even if he confesses, I want to see the transcript or
videotape of the interrogation -- I can just see the FBI asking him "so you
admit to obtaining a copy of the Blaster worm and using an editor to tamper
with it, inserting your own messages to Bill Gates and your girlfriend?"
"yes." "and you also admit to sending your worm to other computers using the
Internet?" "yes, I sent copies of the worm to other people using the
Internet."

in computer forensics it's very common for smart, and even well-trained
people, to talk to each other each thinking they understand what is being said
but neither of them bothering to clarify the technical details...

if he made the modifications and gave the modified worm to other people but
didn't cause it to infect anyone else's computers, then what crime is he
guilty of exactly? criminal misuse of a hex editor?

we're not under arrest so it's easy for us to convict the suspect based on the
premise that he modified the binary therefore he's guilty of attacking
computers with it, but most of us had a copy of the binary long before he did
and many of us gave copies to other people...

let's not jump to conclusions and revoke this person's civil, constitutional,
and human rights.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Paul Schmehl
Sent: Saturday, August 30, 2003 6:12 AM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Authorities eye MSBlaster suspect


--On Saturday, August 30, 2003 9:24 AM -0500 Michael D Schleif
<mds () helices org> wrote:
> OK, they nabbed a nickel-bagger; let's not get carried away!
>
> This kid is small potatoes, compared to other vermin spreaders, and we
> -- on this list, at least -- know that as fact.
>
> It's one thing to make an example of this kid; it's quite another thing
> to put a lid on this whole wormy Internet thingy . . .
Trust me, work is being done to catch other ones as well.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html