MyDoom Windows Worm DDoSing SCO 694
We mentioned the myDoom Worm just a few hours ago, but more information is available now, mainly that its ultimate goal is apparently to DDoS SCO. You can see some more detail at NetCraft. Obviously SCO has a lot of enemies out there right now, but it's always sad to watch someone stoop to this level.
SCO probably wrote it (Score:3, Insightful)
Nothing.
Re:SCO probably wrote it (Score:3, Insightful)
This stinks - easy PR for SCO (Score:5, Insightful)
Re:SCO probably wrote it (Score:5, Insightful)
No, not all of us support actions like this against SCO. It does drag people down to their level acting like this, but in the end, frustration does that to people. Not everyone, but some.
SCO has now, for a full 12 months, made threat after threat, claim after claim, that they can't backup, but there's no way to stop them. People get frustrated by their continuous whining.
A fly buzzing around my head annoys me. Usually, I'll slap it and kill it. That's taking me down to far below its level, but it's satisfying. Given several hundred million people annoyed with SCO, I'm surprised more haven't acted this way towards them.
Damn those ignorant anti-virus idiots! (Score:5, Insightful)
I wish people would stop with the DoSing of SCO (Score:3, Insightful)
Mewyn Dy'ner
Re:Something Doesn't Add Up (Score:5, Insightful)
Could be some PCs with badly set clocks. Well, you know those windows users, they don't set their system clocks, have 00:00 blinking on their VCRs, use outlook and click on every fscking single attachements that made it into their mailbox.
This injures our reps, not SCO's (Score:5, Insightful)
We're right, and we know it. No self-respecting geek would stoop to participating in a DDOS in general, not to mention one against someone/something we consider to be morally bankrupt. We know that we can only claim the moral high road only if we actually stick to the high road... right?
It would be really interesting to find out if it's just some kids behind it, who aren't aware of the difference between right and wrong, or whether it's an entity who has a vested interest in making us look bad...
Re:Please, stop it with the "holier than thou"... (Score:2, Insightful)
No worm is a good worm, even if it does happen to also attack the (other) company we all love to hate.
Re:Something Doesn't Add Up (Score:5, Insightful)
Preach on, brother. I wish some sysadmins would get a clue and realize that with viruses spoofing the From: address, there is no fscking point in sending the "you sent me a virus" panic mail. All it does is bother the wrong people.
OK.. This is wrong on so many levels... (Score:5, Insightful)
But it's not DDOSing now. The attack is set to begin February 1st and end on the 12th.
The virus affects computers running Windows versions 95, 98, ME, NT, 2000 and XP.... The virus also copies itself to the Kazaa download directory on PCs, on which the file-sharing program is loaded.
I'm thinking, wow, whoever wrote this covered all the bases. He/She even got the Kazaa people.
Anyway, why don't ISPs, just for the time being, ban connections to SCO.com? It's not like it's a huge Internet portal or anything, and us geeks who actually need access to the site can just set up a mirror or something.
Re:SCO probably wrote it (Score:4, Insightful)
Re:Killing two ugly birds with one stone (Score:2, Insightful)
No, it makes the hacker community, which the with the marketing power of SCO and Microsoft may as well be synonomous with the OSS or FS communities, look bad. From the layman's perspective viruses aren't the fault of Windows - they are glad Microsoft is around to release patches to fix what the hackers broke.
2. The DDoS attack goes after every Linux lover's most hated target, SCO.
Yeah, it does and more than a few people are at least smiling to themselves here that SCO is finally getting punished in some way when they've been doling out the threats, extortion policies, etc for so long seemingly unchallenged. But it's still the wrong way to do it and the right way will come.
Patience is a virtue. Viruses are more likely to hurt the Linux community than Microsoft. Even in terms of monetary losses, this virus has just pushed my companies bandwidth usage over the monthly maximum - it's gonna cost me and I wouldn't touch a Windows machine with a 10 foot pole.
-N
Re:Please, stop it with the "holier than thou"... (Score:5, Insightful)
They deserve to have their claims refuted in a court of law, and hopefully they will have to pay damages, court costs, and issue full and public apologies, before going bankrupt. If it can be proved that they deliberately lied in these claims, they also deserve criminal charges brought against them.
Vigilanteeism, however, is just malice operating under false pretenses.
Welcome to my foes list.
Another Day on the Wild Wild Web (Score:2, Insightful)
Re:Killing two ugly birds with one stone (Score:1, Insightful)
It exploits stupid users who click attachments. This can be prevented by the User-Stupidity-And-Knowledge-Enhancment Patch, V2.0.
Re:Killing two ugly birds with one stone (Score:5, Insightful)
Actually it's a mass mailer, so all it's doing is making user's look retarded. Again.
2. The DDoS attack goes after every Linux lover's most hated target, SCO.
Well yes, it does. But it ain't going to help our cause at all, is it?
Having said that, I'm going to get me some popcorn and settle down in front of Netcraft >: )
Re: I don't think so (Score:3, Insightful)
In fact the case could be made that virus-writers are expert Winduhs developers...
Re:Maybe, maybe not (Score:4, Insightful)
Info here [trendmicro.com].
It would seem that the real goal is to show how many people are stupid enough to still click on attachments when they have no idea what the fuck they are.
Re:But, damn it! (Score:5, Insightful)
I'd recommend that we on the side of Free Software study the anti-abortion tactics with dealing with such incidents. The first, and most obvious step, is one that was taken last time: immediate and honest sounding disavowel of the actions of the DOSer. Its going to get old for RMS, ESR, Linus, Perens, etc continuously getting out and saying the same thing ("We don't support this, its wrong. We're still right, but the virus writers aren't with us, etc, etc, etc"), but it needs to happen.
I honestly don't know what the other successfull tactics are. I need to study how the respectable majority in the anti-abortion movement deals with its nutbags. Can anyone think of other movements with similar problems that we should look into?
Opportunity knocking... (Score:5, Insightful)
I propose that the we work on a patch for this worm and get it out there ASAP, that way only tin foil hat wearing goofballs will believe we are behind this...
Re:This is not one of SCO's enemies... (Score:5, Insightful)
Or someone who doesn't give a damn about SCO, and merely wants to distract attention away from their real goal of turning millions of end-user PCs into zombies to do their future bidding.
Hmmm... who would be interested in that <cough> spammers <cough> and has an established history of it?
Re:Please, stop it with the "holier than thou"... (Score:3, Insightful)
I see we meet again...
How do they "deserve" this, exactly? This is a mass-mailing worm propogating through unprotected (as in, the people aren't updating their defs and opening the attachments) machines and opening backdoors that could easily be used later as spam relays.
On top of that, how many machines are going to simulatneously rear to life on the 1st and begin transmitting data requests back and forth between www.sco.com and all the different boxes? What effect will that have on the rest of us? While we're talking about the rest of us, I keep getting e-mail bounces thanks to these goddamn morons that have my e-mail address and keep getting themselves infected. And, no, I can't just not give them my address.
Finally, IBM is perfectly capable of handling SCO. I'd like to recognize you for your gullibility, since you've falling to the SCO Threat-o-matic. In case you haven't figured it out yet, SCO has not, can not, and will not make any credible threats against Linux in general and they haven't followed through on any of the other gum-flapping to date. With a few scatterbrained exceptions, nobody is really taking them seriously anyway. Let IBM deal with IBM's problems and drop your smug facade. The only reason you're so pissed off at SCO is because you don't know what's going on, but you like to sound "cool" by bashing them like a lot of the other Slashdotters here. That's fine, nothing wrong with bashing them, but at least try to stay grounded in reality where the thing is pretty contained to a few clueless media outlets, IBM, SCO, Red Hat, and Novell.
God... do you have an MBA or are you otherwise in management by any chance? I ask, because every time we've ever crossed swords, I've gotten the distinct impression that you're living in your own little world and reality just never comes into your decision-making processes.
Mad (Score:5, Insightful)
And I don't even use any Microsoft products.
When is somebody going to file a class-action lawsuit against Microsoft for continuing to fail to address the security holes in Windows? I mean, it's been thirteen years since Michelangelo, and still all it takes for a virus to rape Windows is for a user to double-click on an email attachment.
You guys are amazing... (Score:5, Insightful)
I do agree with those who are suspicious of the motives - I think the SCO attack is just a front to increase the spread. Some morons will undoubtedly put intentionally infected machines out there, which will be more effective as Spammer relays than as drones to attack SCO. Anyone intentionally letting a machine become infected should have the book thrown at them. It amazes me how stupid very intelligent people can be sometimes.
Lets SCO claim it was "Linux hackers" (Score:5, Insightful)
If SCO is attacked they should pursue this with the appropriate authorities. I hope the perpetrator is caught, brought to justice and fairly punished.
The OSS community should be completely unambigous about this matter, illegal means have never been supported or encouraged in order to promote the aims of OSS, not only because it is immoral but also completely unnecessary and childish.
I am appalled that the response of many around here is "SCO deserves it". No dear slashbots, nobody deserves that their resources are abussed in this manner, not even SCO. I am behind them in any action they wish to pursue against the perpetrators, but equally I hope (perhaps in vain) that they will not do false claims without the knowledge of whom and why did this.
I am also peeved that people here are not unambigious about the condemnation of this DOS attack. This is not only illegal and immoral but also counter productive and it would be nice to see complete and unambigous condemnation of these tactics.
Do you want to show OSS tactics and aims are reasonable and beneficial? A wonderfule way would be for true hackers organizing themselves and try to identify, shame and denounce the perpetrators of this (or any other) charade.
Only because people have remained silent and unwilling to help the Internet, bit by bit, little by litte, is being taken away from us, but alas, we have not protected it as it deserves.
Re:SCO probably wrote it (Score:1, Insightful)
DDOSing a website does nothing to shut them up. One would practically have to be a teenaged script kiddie to think so.
Re:Transmission require OE? (Score:1, Insightful)
Re:It is a sad day... (Score:1, Insightful)
In addition, what does SCO being the target of this have to do with 'pirates'? Are you referring to pirates in the classic sense, or in the misused 'copyright infringing' sense?
I don't know why your comment is considered interesting by the moderators, as your reasoning is poor at best. At least your post title has some merit: The fact that you got modded up makes this a sad day indeed.
Re:Damn those ignorant anti-virus idiots! (Score:4, Insightful)
I mean, what happens when user 'joe' gets a couple of "WARNING: You sent me a virus" in their email? They come running to me "just to make sure", and I will have to explain for them how the email protocol works... AGAIN... sigh... for, what is it, the 10:th time that day.
Here is a hint to people writing these crappy anti-virus/worm filter: make sure you **ONLY** send a bounce IF the detected virus is on A **WHITELIST** for viruses that always send themselves WITHOUT A FORGED SENDER ADDRESS. If you send *any* other bounces, you are a part of the problem -- not the solution...
Re:But, damn it! (Score:3, Insightful)
The Palestinians, maybe? They're not all suicide bombers, but some people don't seem to make the distinction. The lesson there seems to be to stay the hell away from morally questionable leaders (like Arafat), because your whole community will be tarred with the same brush.
SPF (Score:3, Insightful)
All that said, I'm feeling really lucky to have installed amavis-new/clamav last night. I didn't even know this was coming, and it's caught about 200 messages already this morning.
Nobody Touch Nothin' (Score:5, Insightful)
SCO has enough enemies to worry about, and they can point fingers all they want. They do not deserve an olive branch, they did not ask for one -- do not take the bait and proactively offer one. You will lose fingers.
-Hope
Re:SCO probably wrote it (Score:2, Insightful)
Re:Something Doesn't Add Up (Score:2, Insightful)
The international date line isn't some magical gateway that adds or subtracts from your date. It doesn't work like that.
Ok, start in Japan on noon at February 1st. Head towards the international dateline. Assume you move at infinite speed, so when you get there it's only the timezone difference, which IIRC is +3 hours from japan, but it's irrelevant whether that 's right or not. So it's Feb 1, 3:00pm on the western side of the dateline. Cross the international dateline, and now it's Jan 31, 4:00pm. Go all the way around half the world now to the prime meridian. The time increases by 12 hours, making it Feb 1 again! At 4:00am. Now go around the world at infinite speed until you get to the international dateline. Cross over it again. It's Jan 31 at 4:00pm again. Continue ad nauseum if you like. It will continue to be either Feb 1 or Jan 31.
No matter how fast you go, no matter how many times you cross the international dateline, it will not 'wind up' or 'wind down' the date to arbitrary values. Indeed, it exists to prevent exactly that very thing from happening. If the date never changed at the international dateline, then you could continue going around the world in an easterly fashion, and just keep adding +24 hours to the time/date for every time you went around the earth.
All of this is ignoring the fact that emails MUST include the timezone and offset on every date, so they are able to handle this sort of thing by themselves.
The Public Wants a Fair Fight (Score:3, Insightful)
This is one of the reasons that I don't believe it was created by anyone in the OSS community. The general concensus has been to wait for IBM to knock SCO clear out of the ring in just under two weeks. A DDOS at this time would be completely unexpected and anticlimactic. It's more likely a private joke in the distributed spam world, and locating and bringing those idiots to justice would be time well spent.
-HopeOS
Guy's a prick (Score:1, Insightful)
I would have asked him whether he did the same thing on September 11th. There's nothing amusing about being an ignorant asshole.
Re:But, damn it! (Score:3, Insightful)
Because if people say "Free Software" and the general public thinks "Virus writers" we're definately worse off. So far our "leaders" (if such a term can be used with regards to people like us) have done a pretty good job of condemning the nutbags on our side, even admitting that they are (theoretically at least) on our side. Is that all the Palestinians can teach us here? Condemn the bad guys quickly and unambigiously?
.
FOOTNOTE: To try and avoid derails: I'm not saying that its right for the general public to think "Suicide Bomber" when they hear the word Palestinian, I'm just saying that they do. The ethics and rightness of the Palestinian movement isn't the topic I'm trying to raise, the fact that its an enormous PR failure is.
Re:Really? (Score:3, Insightful)