homepage Welcome to WebmasterWorld Guest from 54.167.11.16
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

This 72 message thread spans 3 pages: 72 ( [1] 2 3 > >     
Mariposa Virus Botnet Hacker Arrested
engine




msg:4177847
 11:58 am on Jul 28, 2010 (gmt 0)

Mariposa Virus Botnet Hacker Arrested [bbc.co.uk]
A computer hacker known as Iserdo has been arrested in Slovenia.

The 23-year-old is believed to have written the programme behind the mariposa virus, also known as butterfly.
"To use an analogy here, as opposed to arresting the guy who broke into your home, we've arrested the guy that gave him the crowbar, the map and the best houses in the neighbourhood," Jeffrey Troy, deputy assistant director for the FBI cyber division told Associated Press.

 

incrediBILL




msg:4177853
 12:06 pm on Jul 28, 2010 (gmt 0)

infecting 12.7 million computers.


I think a fair sentence would be exactly ONE day in jail per each machine infected, or 34,794 years, to run consecutively with no chance for parole.

[edited by: incrediBILL at 12:38 pm (utc) on Jul 28, 2010]

pawas




msg:4177854
 12:10 pm on Jul 28, 2010 (gmt 0)

I think one slap each infected machine will be good.

wyweb




msg:4177858
 12:21 pm on Jul 28, 2010 (gmt 0)

There are other Iserdo's out there. Hundreds, maybe even thousands. Busting one makes some news but no real impact.

Guy's only 23 years old too.. what a friggin waste...

incrediBILL




msg:4177859
 12:31 pm on Jul 28, 2010 (gmt 0)

Busting one makes some news but no real impact.


Any time you shut down someone controlling 12.7M machines it makes an impact.

Anyone with that much horsepower on the web could DDOS literally anything and take it offline if they wanted to do it.

I think one slap each infected machine will be good.


Assuming 10 slaps per minute it would only take 2.4 years if I did the math right.

That's just letting him off with a slap on the wrist :)

I prefer 1 day incarceration per machine infected.

wyweb




msg:4177867
 12:40 pm on Jul 28, 2010 (gmt 0)

Any time you shut down someone controlling 12.7M machines it makes an impact.

Point taken.

grelmar




msg:4177882
 1:03 pm on Jul 28, 2010 (gmt 0)

Guy's only 23 years old too.. what a friggin waste...


He'll do a year or two (at most) and then make a mint as a "Security Consultant" if the pattern holds.

Sylver




msg:4177996
 3:47 pm on Jul 28, 2010 (gmt 0)

infecting 12.7 million computers.

I think a fair sentence would be exactly ONE day in jail per each machine infected, or 34,794 years, to run consecutively with no chance for parole.

Don't exaggerate. 1 second of jail per infected computer would be quite enough.

If he walks free in 146 years, I think we could live with that.

engine




msg:4178050
 5:08 pm on Jul 28, 2010 (gmt 0)

Wait, jail is the wrong kind of punishment. If found guilty, he should be put to work to do good for a very long time. No computers at all. Make him work in social service somewhere.

yaix2




msg:4178077
 5:40 pm on Jul 28, 2010 (gmt 0)

or 34,794 years, to run consecutively with no chance for parole.


And that would achieve what?

incrediBILL




msg:4178084
 5:48 pm on Jul 28, 2010 (gmt 0)

And that would achieve what?


Deter the next idiot who thinks he'll get a slap on the wrist 2-4 years for hacking millions of machines.

If hacking millions of machines turns into a life sentence then people might decide to do something else with their life.

Seriously, it'll take more time than this guy's life to fix all those machines he messed up, not to mention he was stealing financial information, ruining many people's lives.

It's only fair his is ruined too.

Make him work in social service somewhere


He can do that from jail and/or chain gang or work release program.

Last thing we need it to leave some idiot like this unsupervised where he could get a hold of a computer again.

LifeinAsia




msg:4178086
 5:50 pm on Jul 28, 2010 (gmt 0)

I think a fair sentence would be exactly ONE day in jail per each machine infected, or 34,794 years, to run consecutively with no chance for parole.

I dunno. An injection program of 1.27 million non-computer viruses seems to be more fair to me. Do it the way they do things in Singapore with caning- the criminal doesn't know until the last minute when the sentence will be carried out. Every day (or hour) he gets an injection with some innocuous virus. But somewhere along the line, injections of Ebola and other nasties are scheduled.

incrediBILL




msg:4178095
 5:57 pm on Jul 28, 2010 (gmt 0)

Forget Singapore, I think China [groups.csail.mit.edu] has it right:

China does not seem to possess any written law or code specifically outlining its computer crime statutes. Instead, trials are held by the force of military law, and harsh punishments are handed out, often in an execution style manner.

yaix2




msg:4178140
 7:37 pm on Jul 28, 2010 (gmt 0)

Deter the next idiot who thinks he'll get a slap on the wrist 2-4 years for hacking millions of machines.


Just that in reality, it doesn't. People who commit crimes tend to be the ones that do not really think too much about consequences.

Much smarter would be to get the kid back on track and maybe in 5 years he understands what he did and becomes one of the "good guys". You do not only save a human life but also a lot of tax dollars/euros and he will pay his income tax too. And probably will even able to pay for some of the damage he has caused.

Samizdata




msg:4178159
 8:14 pm on Jul 28, 2010 (gmt 0)

does not seem to possess any written law or code specifically outlining its computer crime statutes. Instead, trials are held by the force of military law, and harsh punishments are handed out, often in an execution style manner

Firing squad, electric chair, lethal injection, gas chamber, hanging, garrotting, stoning, boiling in oil, crucifiction... and after all that we can hear the case for the defence (or go to lunch).

Justice must be seen to be believed.

...

incrediBILL




msg:4178166
 8:21 pm on Jul 28, 2010 (gmt 0)

People who commit crimes tend to be the ones that do not really think too much about consequences.


See, that's why back in the olden days those public executions with the guillotine, where they separated your habits from your ideas, were so effective.

Criminals saw first hand what would happen.

Today our justice system is way too sanitized, they don't show executions on TV, that's why criminals don't think twice.

Remember the movie "Running Man"?

That would be perfect as it turns criminals into both a televised profit center and a public spectacle :)

Criminals watching "Running Man" air daily would probably think twice trying to avoid such a fate.

Who am I kidding, they would just keep being criminals but we'd have more fun watching them get punished on live TV :)

BillyS




msg:4178176
 8:50 pm on Jul 28, 2010 (gmt 0)

I would expect all personal possessions would be taken from this person too. I cannot imagine the cost to repair all these machines. I'm thinking hundreds of millions or even billions of dollars in damage.

Samizdata




msg:4178189
 9:10 pm on Jul 28, 2010 (gmt 0)

Apologies for forgetting the guillotine, hope I didn't interrupt your knitting.

Criminals saw first hand what would happen

That would include Robespierre, presumably (though it can certainly be argued he saw it coming).

...

cdkrg




msg:4178202
 9:30 pm on Jul 28, 2010 (gmt 0)

I see your theater about throwing away the key and raise you drawing and quartering.

(while we are doing this hyperbolic judgement thing)

outland88




msg:4178248
 12:06 am on Jul 29, 2010 (gmt 0)

There are other Iserdo's out there. Hundreds, maybe even thousands. Busting one makes some news but no real impact.


So you think we can arrest all the hackers, murderers, cartel members, and armed robbers all at once. How would we go about doing that? Do you have a plan or some deterrant better than the current one? For sure it impacts at least one person. The one caught.

wyweb




msg:4178256
 12:27 am on Jul 29, 2010 (gmt 0)

So you think we can arrest all the hackers, murderers, cartel members, and armed robbers all at once

Actually I don't think we can do much about it at all. Bust them all? We're doing good to nail one or two a year but I appreciate your comments. Keep em coming.

Deterrence? Not really. Criminologists and social nubs have done numerous studies, paid with by your tax dollars, that indicate most criminals don't even think about consequences. They're motivated more by immediate need. Fast bucks, or the potential for it. Immediate gratification.

I agree with "put this guy to work." Put him to work doing what though? Nothing internet related, that's for sure.

I'd make him wash cars for an appropriate length of time. All proceeds going to some deserving charity.

blend27




msg:4178259
 12:35 am on Jul 29, 2010 (gmt 0)

This "Yoda" should be fed to Dracula 3 times and then locked up to watch roses bloom("Johny on the Spot" type of roses) for X decades while serving.

And if found guilty, the Lawyer that represents him should serve at least a fifth of his sentence on his own, when the purp is sentenced, doing the same thing.

Mandatory.

lawman




msg:4178261
 12:50 am on Jul 29, 2010 (gmt 0)

And if found guilty, the Lawyer that represents him should serve at least a fifth of his sentence on his own,


Holy crap!

outland88




msg:4178304
 2:20 am on Jul 29, 2010 (gmt 0)

Actually I don't think we can do much about it at all.


So you're telling us no laws should be enforced because we can only get a few of the criminals? Does that make a lot of sense. Isn't that kind of silly.

wyweb




msg:4178309
 2:35 am on Jul 29, 2010 (gmt 0)

So you're telling us no laws should be enforced

What is your friggin' problem with me outland?

I'm not saying anything of the kind and if you keep misquoting me I'll take you off my christmas list.

I want ALL laws to be enforced. Every one of them. I want enforcement to be even and fair and, most importantly, effetctive. That's not what's happening though. Law enforcement is making a random bust against someone who should have been busted years ago and making big noise about it. Like they're actually doing something. They're not.

Again, there are other Iserdo's out there. There are wannabe Iserdo's just waiting to take the real one's place when he goes down, which he just did.

Implement an internet, and of course this is impossible, where the Iserdos can't profit. Shut them down. All of them.

Don't nail one and call it a victory though. It's not.

grelmar




msg:4178338
 3:24 am on Jul 29, 2010 (gmt 0)

The Brits used to use "culturally appropriate" punishments during the colonial days...

For instance, in some cultures, they believe that only those parts of your body consecrated and buried will be a part of you in the afterlife. So if you really peeved the local British wag, they'd strap you over the mouth of a canon and fire it... in public... scattering you in a fine red mist across the countryside. The message: "Mess with us, we won't just kill you, we'll mess with your afterlife too."

It was surprisingly effective. As much as the British Empire did eventually fall, it took hundreds of years to happen.

For this guy... Something nice, nasty, and published on YouTube or live streamed. Hook him up to an electroshock chair, and have an automated system give him a zap every time a botnet attempts a DDOS. Increase the voltage depending on the size of the botnet.

He wouldn't last long before his hair started to smolder.

lammert




msg:4178343
 3:44 am on Jul 29, 2010 (gmt 0)

ONE day in jail per each machine infected, or 34,794 years
I think one slap each infected machine will be good.
An injection program of 1.27 million non-computer viruses seems to be more fair to me.
If he walks free in 146 years, I think we could live with that.
This "Yoda" should be fed to Dracula 3 times and then locked up to watch roses bloom
And if found guilty, the Lawyer that represents him should serve at least a fifth of his sentence on his own
Hook him up to an electroshock chair, and have an automated system give him a zap every time a botnet attempts a DDOS

This is the reason why judges should be independent, and lynching is outlawed in most countries. Everyone has the right to receive a fair trial, being protected against anger and hate feelings of the victims--or in this case--anger and hate feelings of those who think they represent the victims.

Just wait until you are on the wrong side of the line and the Hordes are coming to bring you to the first high tree. It may be sooner than you wanted and then you'll be happy there is a system in place not only to protect the society against you, but also to protect you against the society.

incrediBILL




msg:4178360
 4:24 am on Jul 29, 2010 (gmt 0)

Everyone has the right to receive a fair trial


Nobody said he shouldn't get a fair trial, nobody even said he was guilty!

Not sure where that came from out of left field.

No lynch mob in sight.

We were just discussing hypothetical punishments that might befit such a crime as well as why some methods of punishment are considered more or less effective than others.

Besides, anyone messing with 12.7M machines/lives/livelihoods/finances is pretty heinous in the first place and people are fed up with such wide scale malice and a slap on the wrist won't suffice.

People are tired of being victims and the scales will tip from a slap on the wrist to life without parole in such major cases just to make a point that criminals can't mess with millions of lives and expect to have one getting off with a minimal sentence.

Implement an internet, and of course this is impossible, where the Iserdos can't profit. Shut them down. All of them.


Exactly.

Why the ISPs don't force all the machines involved to download/upgrade to current anti-virus protection before allowing those infected and unprotected machines back online baffles me.

The ISPs are part of the problem, they can see the C&C channels used by the botnets, the machines responding, and they could kill the channels and force a the owners to clean up their PCs but refuse to do so for whatever reason.

Samizdata




msg:4178378
 5:31 am on Jul 29, 2010 (gmt 0)

nobody even said he was guilty!

I like incrediBILL and enjoy his sense of humour, but sometimes he will offer a hostage to fortune:

he was stealing financial information, ruining many people's lives

Allegedly.

I would be happy to agree that if the accused is guilty he should be punished appropriately.

But all this talk of summary public execution and jailing the defence lawyer is simply pathetic.

WebmasterWorld used to be better than this.

...

incrediBILL




msg:4178382
 6:46 am on Jul 29, 2010 (gmt 0)

But all this talk of summary public execution and jailing the defence lawyer is simply pathetic.


IMO, that kind of devolved as to the discussion of what types of punishment did and didn't work, and why, roaming off topic but well within the range of discussing the issues crime and punishments that proved effective or not.

Defense lawyers being jailed, probably over the top there I'd agree, maybe :)

FWIW, I only mentioned he/him as to whoever allegedly did the crime, I have no idea who did, never mentioned any specific names as I have no clue if it was a him/her/he/she/it that committed it, other than the BBC's reference, so the terminology was merely a frame of conversational reference that any moderator of this forum can feel free to replace with the phrase "WHATEVER ALLEGED PERSON".

Sometimes in the heat of a discussion it's easy to forget to maintain a non-specific reference when using a conversational tone.

The point here really isn't about the tone of the discussion, it should be about how ONE PERSON allegedly impacted the lives of 12.7M people, that's MILLION with an "M", that their financial data was allegedly stolen, computers compromised, livelihood's disrupted.

When has the fact that MILLIONS of peoples lives being disrupted or destroyed, based on how the financial information was used, less important than how it's being discussed?

Sorry, but I think the scales have tipped to the silly side because botnets of this nature are strong enough to take down banks, eBay, perhaps even Wall Street if they were aimed at the right router or DNS server.

Seriously people, 12.7M compromised computers is the online equivalent of an internet nuclear bomb if aimed at the right place and that fact alone should be considered when determining punishment for the crime involved.

A small fraction of that botnet could easily disabled WebmasterWorld, my website, your website, and bunch of others (hundreds? thousands?) if they had decided to use it in such a manner.

Consider what could've happened if someone with far more nefarious objectives had taken control of this botnet!

It's very scary and slap on the wrist laws and lackadaisical ISPs certainly won't stop things like this from repeating themselves.

This 72 message thread spans 3 pages: 72 ( [1] 2 3 > >
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved