Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sasser Author Under Arrest, Say German Police

Hemos posted more than 10 years ago | from the mein-wormen dept.

Microsoft 549

Apogee writes "A number of german news websites, like n-tv, or the german yahoo news site (courtesy of the german press agency, lending this some credibility) (web sites in german) report that the programmer of the Sasser worm has been arrested by German police. The Sasser author is an 18-year-old man who was arrested on Friday in Rotenburg, Germany. With the Sasser worm being the latest among worms that spread like wildfire among unpatched windows boxes, and apparently also caused serious computer outages and cost to the economy, how will this be transformed into an indictment?" Update: 05/08 18:41 GMT by T : SexySas writes "As the German news site heise reports, the 18-year-old author of Sasser is responsible for Netsky, too. The German police is talking about 'a milestone in war against cybercrime'."

cancel ×

549 comments

Sorry! There are no comments related to the filter you selected.

MS (-1, Troll)

mfh (56) | more than 10 years ago | (#9092755)

> how will this be transformed into an indictment?

Oh I'm sure they'll think of something. But they should be arresting Bill Gates for interfering with Modern Progress by intentionally distributing defective software and operating systems. The fact that Microsoft operates in this fashion in order to rape and pillage the economy, makes it criminal, ie: corporate racketeering.

Re:MS (1)

RGautier (749908) | more than 10 years ago | (#9092773)

This is such a troll. There were worms that took down the Internet long before Bill Gates even knew wtf TCP/IP was. The sendmail worm didn't need Windows to effectively shut down most communications on the ARPANET, and Morris didn't use VBSCRIPT to write the worm.
Bottom line is that irresponsible writing of worms and viruses is a crime of indiscrimination and chaos, and deserves to be punished as such.

Re:MS (0, Flamebait)

mfh (56) | more than 10 years ago | (#9092820)

> Bottom line is that irresponsible writing of worms and viruses is a crime of indiscrimination and chaos, and deserves to be punished as such.

And writing intentionally crappy operating systems isn't? Ask yourself: what would happen if they wrote something that was *perfect*?

Re:MS (4, Funny)

keif (450319) | more than 10 years ago | (#9092861)

> And writing intentionally crappy operating systems isn't? Ask yourself: what would happen if they wrote something that was *perfect*?

Someone would complain the default colour scheme was crap.

Re:MS (0)

RGautier (749908) | more than 10 years ago | (#9092863)

The world would end. There is no such thing as a perfect system, in any engineering discipline. There is no perfect fuel, no perfect engine, no perfect joint, no perfect medical procedure, etc, etc, etc.
That you expect perfection only goes to show that you are an American.

Re:MS (1)

mfh (56) | more than 10 years ago | (#9092910)

> That you expect perfection only goes to show that you are an American.

I -- Am -- Canadian!

> There is no such thing as a perfect system, in any engineering discipline.

By perfect, I meant: without bugs. I wasn't talking about features. Sorry for the confusion.

Re:MS (1)

Tango42 (662363) | more than 10 years ago | (#9092920)

They would be what is commonly called "God". Nothing is perfect.

Re:MS (2)

mumblestheclown (569987) | more than 10 years ago | (#9092781)

Score: Pandering Karma Whore -5

Re:MS (2, Funny)

FAT_VIRGIN (775824) | more than 10 years ago | (#9092785)

Testing? What's that? If it compiles, it is good, if it boots up, it is perfect. -- Linus Torvalds
Can we arrest Linus, too?

Re:MS (1)

keif (450319) | more than 10 years ago | (#9092795)

Grow up.

Re:MS (1)

panamahank (233338) | more than 10 years ago | (#9092906)

My wife is forced to use XP at work. Her computer is set to auto-update, is firewalled, and has two up to date virus scanners. Despite taking all recommended precautions, her computer got sassered. Does anyone care to explain how she is in any way responsible?

they caught him too soon (5, Funny)

ReallyQuietGuy (683431) | more than 10 years ago | (#9092759)

they shoulda waited until MS announced a reward for it first!

Second Post! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9092762)

Hey look I got second post!

Re:Second Post! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9092812)

No you did not!!!

LOSER!!!!!!

foo bar! lameness filter SuX0RS my KuX0RS!

LOSERRRRRR!!!!!!!!!

DESCENDENTS - I'm not a loser (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9092763)

EARLY POST FOR RIT, FOZZY [pro], LINUXDAVE, GABE, MTN. DEW

Think that I'm a loser
'Cause my pants are really too low
Think that I'm a slob
'Cause I got holes in my shoes
Think my cock is like
I like my dirty shirt
Well you can fuck off
'Cause I'm working sixty a week
You think that life is really tough
When your pappy won't buy
You a brand new car
Take a girl out she won't fuck you
After you just brought her a gram of coke
You spent all your money on shitty coke
I'm not a loser! That's right,
I'm not a loser!
Cruise down the boulevard
Wasting Mommy's gas while you're
Looking for kicks on Friday night
You're only goal in life
Is to smoke a joint
And decide how you're gonna get
Laid tonight
You are a fucking son-of-a-bitch
You arrogant asshole
Your pants are too tight
You fucking homo
You suck, Mr. Buttfuck
You don't belong here
Go away you fucking gay
I'm not a loser!

Rush gets it right, (-1, Troll)

Genghis Troll (158585) | more than 10 years ago | (#9092764)

as always.

CALLER: It was like a college fraternity prank that stacked up naked men --

LIMBAUGH: Exactly. Exactly my point! This is no different than what happens at the Skull and Bones initiation and we're going to ruin people's lives over it and we're going to hamper our military effort, and then we are going to really hammer them because they had a good time. You know, these people are being fired at every day. I'm talking about people having a good time, these people, you ever heard of emotional release? You of heard of need to blow some steam off?

LIMBAUGH: And these American prisoners of war -- have you people noticed who the torturers are? Women! The babes! The babes are meting out the torture.

LIMBAUGH: You know, if you look at -- if you, really, if you look at these pictures, I mean, I don't know if it's just me, but it looks just like anything you'd see Madonna, or Britney Spears do on stage. Maybe I'm -- yeah. And get an NEA grant for something like this. I mean, this is something that you can see on stage at Lincoln Center from an NEA grant, maybe on Sex in the City -- the movie. I mean, I don't -- it's just me.

"Federal pound me in the ass prison" for him (-1, Troll)

ObviousGuy (578567) | more than 10 years ago | (#9092765)

Not sure they have those in Germany, but a few years put away in whatever the Kraut equivalent to it would be appropriate.

Send a message.

Re:"Federal pound me in the ass prison" for him (1)

Schmiddtchen (778080) | more than 10 years ago | (#9092850)

Oh, by the way: after admitting the crime, he has been set free for now. Quote: "Keine Verdunkelungsgefahr" (Unlikely to disappear from the hands of police). See the Heise.de newsitem [heise.de] (german, use babelfish and the like to translate).

Phil Hartman said it best: (0)

Anonymous Coward | more than 10 years ago | (#9092869)

First of all I would push you to the ground. Pee on you chanting "House on fire, house on fire, put it out, put it out." Then I would force you to drink antifreeze until you pass out. And Then you would wake up in excrutiating pain with a size 7 poop shoot.

Not framed? (2, Flamebait)

Luguber123 (203502) | more than 10 years ago | (#9092766)

How can one make sure he was not framed?

Also what international terrorist law is he going to be tortured for?

Re:Not framed? (2, Insightful)

rduke15 (721841) | more than 10 years ago | (#9092814)

Also what international terrorist law is he going to be tortured for?

I hope that they don't do this sort of thing in Germany. But I wouldn't bet on it. Military and police have a tendency to be the same sort of people in all countries.

Re:Not framed? (1)

rduke15 (721841) | more than 10 years ago | (#9092894)

Forgot to add: it's the politicians role to keep the military and the police under control, and make sure they behave. Unfortunately, politicians mostly also tend to be the same sort of people in all countries...

Re:Not framed? (1)

Luguber123 (203502) | more than 10 years ago | (#9092911)

<i>politicians mostly also tend to be the same sort of people in all countries...</i>

Pretty much what begged the question :)

Re:Not framed? (5, Informative)

zazzel (98233) | more than 10 years ago | (#9092936)

Obviously, you don't know much about the german judicial system, nor about our police.

The boy is already back at home (no risk of escape) until he'll be tried. He'll probably get probation, at most. He'll MOST probably be tries under juvenile laws, which have the overruling goal of "educating" young people.

However, he'll be held responsible for the financial damages he's done.

Re:Not framed? (0)

Anonymous Coward | more than 10 years ago | (#9092831)

Torture nothing, kill the fucker. If it isn't the right guy, so fucking what? We'll just kill some more!

Re:Not framed? (1)

JaxWeb (715417) | more than 10 years ago | (#9092851)

He admitted it:

"An 18-year-old German high school student has admitted creating the Sasser internet worm, police say." (From the BBC)

It's true that people often do admit to crimes they didn't commit, however I doubt somebody would pretend to write a virus to be 'cool'. Especially not an 18 year old (Maybe a 13 year old would, however).

Re:Not framed? (1)

frost22 (115958) | more than 10 years ago | (#9092892)

given the dubious record of the poilce to even understand such confessions I tend to hold judgement for now.

Maybe he only wrote a variant - according to the articles he also admitted doing a netsky variant.

As for punishment, if the charges proves to be reasonable, expect him to be tried in juvenile court.

Re:Not framed? (1)

tgrasl (607606) | more than 10 years ago | (#9092856)

According to the yahoo article, he has admitted that he wrote the worm.

Since the German police (I hope) is not into forcing such admissions, it would seem fair to assume that he is indeed the author

By the way, the article claims he is also responsible for the Netsky.ca worm which was released into the wild recently.

He was just helping his mother (5, Interesting)

Anonymous Coward | more than 10 years ago | (#9092767)

http://www.channelnewsasia.com/stories/afp_world/v iew/83848/1/.html

The motives of the alleged Sasser author were still unclear, but Der Spiegel suggested the teen may have wanted to drum up business for his mother, who owns a company offering assistance to computer owners.

Re:He was just helping his mother (0)

Anonymous Coward | more than 10 years ago | (#9092839)

My man, for the love of God please give a link that the Slashdot spacing-guild does not screw up -

here you go! [tp] :)

~m

Re:He was just helping his mother (0)

Anonymous Coward | more than 10 years ago | (#9092865)

Ugh!!! Sorry

here you go [channelnewsasia.com] - my bad :)

~m

Re:He was just helping his mother (5, Funny)

Zocalo (252965) | more than 10 years ago | (#9092881)

Well, if he gets sent to jail at least she should know how to bake him a CD with a file on it.

Re:He was just helping his mother (0)

Anonymous Coward | more than 10 years ago | (#9092927)

it's ok - I found it funny

phatbot authors busted too (5, Informative)

taran9000 (466823) | more than 10 years ago | (#9092772)

they were also arrested on Friday.

Re:phatbot authors busted too (0)

Anonymous Coward | more than 10 years ago | (#9092809)

care to provide a url? i cannot seem to find anything

Re:phatbot authors busted too (0)

Anonymous Coward | more than 10 years ago | (#9092841)

And both are Germans. I think the russians should get a public apology from all anti-virus companies and Internet press claiming the Netstky and Phatbot authors were all russian.

Articles in English (5, Informative)

metlin (258108) | more than 10 years ago | (#9092774)

Here is Reuter's take [reuters.co.uk] on this and the news release at Biz Ink [prnewswire.com] .

I'm kinda curious (5, Insightful)

defile39 (592628) | more than 10 years ago | (#9092778)

How did they find this guy? Was it that he was bragging like in the former MS worm cases, or was there a "higher technological power" involved?

Re:I'm kinda curious (2, Informative)

mfh (56) | more than 10 years ago | (#9092852)

> How did they find this guy? Was it that he was bragging like in the former MS worm cases, or was there a "higher technological power" involved?

From Reuter [reuters.co.uk] : "Spokesman Frank Federau for Lower Saxony police said the man was arrested on Friday. He did not have the name of the suspect but said he was a schoolboy who lived with his parents near the central German town of Rotenburg.

"He is the programmer of the first version of the worm," said Federau. He said he did not have any details of how the suspect was found.

Police did not know if the suspect had also created other versions of the worm. They took all the teenager's computers from his parents' house, Federau said.

"He is still free. He is not in custody. There will now be a court case," he added."

Probably Bragging (5, Insightful)

msgmonkey (599753) | more than 10 years ago | (#9092864)

However I am basing this on that fact he is 18 and on the assumption that he fits a profile of some kid who does n't have many friends and needs attention. I'm not saying I'm right, just my take as you'd be amazed on how many criminals get caught simply on the inability to keep their mouths shut.

Phatbot Author also arrested in Germany (0)

Anonymous Coward | more than 10 years ago | (#9092780)

Good programmers all around :-)

does anyone... (5, Funny)

Lxy (80823) | more than 10 years ago | (#9092783)

find it ironic that an ad for Microsoft security services accompanies this story?

Re:does anyone... (4, Funny)

rokzy (687636) | more than 10 years ago | (#9092854)

no, I find it surprising that there are people on /. who still see ads and expect other people to see ads too.

Easy enough (2, Insightful)

Dark Lord Seth (584963) | more than 10 years ago | (#9092786)

IF that person is found to be guilty ( Remember kids, innocent until proven guilty! ) than that person wil be solely held responsible for all damages Sasser has caused, is causing and will cause in the future.

Re:Easy enough (1)

Tango42 (662363) | more than 10 years ago | (#9092846)

Are you an expert on German law?

Re:Easy enough (0)

Anonymous Coward | more than 10 years ago | (#9092903)

Yes. I am.

Re:Easy enough (1)

Tango42 (662363) | more than 10 years ago | (#9092933)

Strange how you posted your first message logged in and the second as AC... If I didn't know better I might think you weren't actually the same person...

Liability (1, Flamebait)

madaxe42 (690151) | more than 10 years ago | (#9092787)

How, exactly, is he any more liable than the millions who run insecure, unpatched machines? It is the end user's responsibility to keep their machines secure. If you leave the doors to your house open, and a large neon sign over the threshold saying 'WELCOME', you'll be *damned* lucky if your insurer would pay up. If he hadn't exploited it, someone else would have, and the result would have been the same.
The reponsibility lies with microsoft, for creating shite software, with inherent vulnerabilities, and with the users, for not bothering to have any kind of protection.

Re:Liability (1)

panamahank (233338) | more than 10 years ago | (#9092833)

"How, exactly, is he any more liable than the millions who run insecure, unpatched machines? "

Indeed, and how exactly is Microsoft, who sell shit sandwiches at ham/cheese/dijon prices any less liable, than the virus writer?

Re:Liability (2, Funny)

cms108 (96258) | more than 10 years ago | (#9092848)

if i go out onto a motorway... and throw a bag of nails on to the road, into the path of cars traveling at 80mph, how am i any more liable for the resulting carnage than the millions who run insecure rubber tyres?
the responsibility lies with vehicle manufacturers for not fitting tyres with kevlar inserts in the side walls as standard; and with motorists for not fitting them themselves.

Re:Liability (1)

rokzy (687636) | more than 10 years ago | (#9092883)

tires are not designed to run over multiple nails at high speed, Windows *is* designed to access the internet, handle email etc.

Re:Liability (5, Insightful)

foidulus (743482) | more than 10 years ago | (#9092862)

Yeah, but even if you leave your house unlocked it is still a crime. If it weren't, any criminal could grab your wallet saying that since it wasn't pad-locked down to your chest, it's his. Or could kill someone and claim it was his fault for not carrying a loaded weapon and constantly surveying all around.
People lock their doors because they realize there is a threat, if they don't realize there is a threat, they lose stuff, but it is still criminal. Hopefully after the 5th time someone gets their house broken into they will realize that they need a lock, same goes with computers.
I'm no microsoft fanboy(I don't even use windows), but blaming them is like blaming a car manufacturer because your car got totaled when some jackass rear-ended you. You should have done your homework before you bought the car, and that still does not absolve the jackass.

Re:Liability (5, Insightful)

v01d (122215) | more than 10 years ago | (#9092867)

If you leave the doors to your house open, and a large neon sign over the threshold saying 'WELCOME', you'll be *damned* lucky if your insurer would pay up.

This is more like just leaving your doors unlocked. There is no protocol for a system to advertise it's vulnerabilities.

Without regard to whether your doors were locked it is illegal to steal things from your house.

Re:Liability (1)

madaxe42 (690151) | more than 10 years ago | (#9092879)

Unless, of course, you just type something along the lines of 'doscan -A 50 -b 512 -c 100 -i -p 5554 -P tcp -r "200 OK$" -v 217.43.0.0/16'

Re:Liability (1)

Tango42 (662363) | more than 10 years ago | (#9092887)

Microsoft and the end users are in the wrong due to not doing something, the virus writers are in the wrong due to doing something - that is the difference.

Your insurer might not pay up but the police will still arrest the guy for theft, criminal damage, or whatever it is he did while inside. The only difference is that he won't be done for breaking and entering.

NB: IANAL

Re:Liability (5, Insightful)

tanguyr (468371) | more than 10 years ago | (#9092888)

How, exactly, is he any more liable than the millions who run insecure, unpatched machines?
That's ridiculous - people who don't wear bullet proof vests aren't "as liable" as the people who shoot them.

If you leave the doors to your house open, and a large neon sign over the threshold saying 'WELCOME', you'll be *damned* lucky if your insurer would pay up.
No, but you could press charges for burglary if somebody came into your house and stole something. Insurance is a matter of commercial contracts - we're talking about the law here.

If he hadn't exploited it, someone else would have, and the result would have been the same.
No, if someone else had exploited it, then the gentleman under discussion here most probably wouldn't be in police custody facing criminal charges right now.

The reponsibility lies with microsoft, for creating shite software, with inherent vulnerabilities, and with the users, for not bothering to have any kind of protection.
What kind of a world do you live in where the people who write and send out a virus are not liable for the damage it causes?

Re:Liability (1)

Ghorin (633504) | more than 10 years ago | (#9092893)

Even if windows is very bad about security and even if many people don't apply security patch, still nobody has any right to go into other's computers. Thus the man hwo created sasser is responsible for all damage.

Re:Liability (1)

madaxe42 (690151) | more than 10 years ago | (#9092924)

If you leave your computer unpatched, with access available externally, with nothing informing any potential user of your computer not to use it, the person entering your computer has every right to do so. That, unfortunately, is the way it is. Also, if microsoft wish to take credit for the security of their software, and take credit for their software, they should also be inherently responsible for its flaws. N.B. IAAL

Re:Liability (5, Insightful)

mumblestheclown (569987) | more than 10 years ago | (#9092918)

If you leave the doors to your house open and a large neon sign over the threshold saying 'welcome'.

Actually, those are two completely separate issues.

Let's say you left your house and left your door unlocked. If a thief happened by, saw that it was unlocked, and came in and stole all of your belongings, the law in every jurisdiction that I know of is unequivocal: the thief is solely to blame.

On the other hand, if you put up a sign that said "welcome", then that could be construed as an explicit invitation to enter and the corresponding legal judgement would be less clear. You may recall cases way back when when some FTP sites said "Welcome To Private FTP site! Username: Password: ".. well.. some were broken into using brute force un pw attacks. The attackers were subsequently found and based their (largely successful) defense on the fact that it said "welcome!"

Now, about the rest of your point: about people being liable and microsoft being liable; basically, it's wishful thinking from you, who knows nothing. I dare you to build me a house that can not be broken into. It is NOT possible. the windows OS has arguably hundreds of thousands of parts and interfaces and it is not reasonable to expect that every aspect has been checked for every possible potential flaw. I remind you that but a few weeks ago, a new flaw was found in TCPIP, arguably one of the most "eyeballed" standards in the history of computing.

every window in your house can be broken, and a thief can enter by breaking it. the lock on your front door can be opened with a jimmy tool, your electric garage door opener signal can be captured and copied. your hidden key under the bushes can be found. your chimney may be a more or less perpetually open entrance, and yet nobody blames house builders or even home owners of gross negligence in such cases.

the fact is that in a society we recognize the inherent limits of any sort of physical protection. as many on slashdot here have observerd in other contexts (DRM), "if it can be broken, it will be" and "there are no unbreakable protection schemes."

Therefore, we must resort to law and the threat of punishment. It's not perfect, but it's what we have to do.

Re:Liability (0)

Anonymous Coward | more than 10 years ago | (#9092928)

Gimme a break... IF this kid DID create and propogate this worm... SCREW him. I hope he get's beat down. Sure the end user should keep their systems up to par.. but there is something purlywrong about attacking people's stuff directly. Screwing over dumbasses who open just any attachment in an email from anyone or whatever is one thing.. but attacking a machine without any interaction from the user is wholy wrong and I hope the person responsible for this suffers badly.

More links (1)

rduke15 (721841) | more than 10 years ago | (#9092788)

Was just about to submit this story. I see my lins are different, so you may find them useful too (they are in English):

An 18 year old has been arrested in Germany, suspect of being the creator of the Sasser [sophos.com] worm, as reported by Yahoo news [yahoo.com] and many others [google.com] . Sophos believes he may also be the author of Netsky [sophos.com] .

Re:More links (1)

croddy (659025) | more than 10 years ago | (#9092817)

I think just about all of us with a desktop RSS reader submitted it.

another story at CNN.com [cnn.com]

About time (4, Interesting)

Falconpro10k (602396) | more than 10 years ago | (#9092789)

granted, im no microsoft lover, but im also kind of against punks like this guy... he has probably cost me almost $500 since this worm started in my PERSONAL services to my friends and family in order to get this all cleared up..

as for ms, they should be considered just as guilty, with such a large corporate juggernaught they have, they should be able to look for these vulnerabalities early, and maybe go through some more extensive testing.. or at the VERY LEAST spend a million or so and tell they public they messed up, and how to fix it... (run windows update) at least this way, you have a educated public... ignornance is NOT strength.

Re:About time (4, Funny)

croddy (659025) | more than 10 years ago | (#9092837)

on the bright side, he released it just a little too early... seeing as this is just the time for Windows users to do their yearly Spring Reinstall anyway.

Re:About time (1)

misterHY (776161) | more than 10 years ago | (#9092931)

True, but...

there is no way microsoft is ever going to find all their bugs. Neither will Linux, BSD, or any other OS. This is why we need DIVERSITY. If a bug in one specific OS is having such a big impact, that means there are not enough other OSes installed.

Same principle for sendmail,bind,...: a bug in either one will take lots of Linux boxes AND BSD-boxes AND other unix-based boxes down. We need different versions of these programs, too. They exist today. Only, they are not as popular as sendmail & bind.

One disease can't take out the entire humanity because we are all different. The same should hold for computers.

Set the man free!!! (5, Funny)

bezza (590194) | more than 10 years ago | (#9092790)

He got me an afternoon off work!

Was it a big joke / mistake? (1)

djsmiley (752149) | more than 10 years ago | (#9092793)

Anyone else get the feeling that this worm, was either a test, or a big mistake, someone wrote it (most prob this guy) and not beliving that it would work (like T33kid with blaster) set it free, or set it free in a closed network, not relising the effect that it would have? Still, just shows the problems with the world today.

Re:Was it a big joke / mistake? (2, Interesting)

Tango42 (662363) | more than 10 years ago | (#9092902)

It has the feel of a proof on concept to me. It distributes fine, but doesn't actually do anything (the crashing appears to be a bug, and the CPU usage is an unavoidable consequence of the distribution process). I wouldn't be suprised if a version with a payload is released soon.

Will he go on trial (2)

foidulus (743482) | more than 10 years ago | (#9092796)

In other countries? He did damage in more than one country, but with the tangled web of extradition treaties etc, how will other countries deal with his arrest? Will they demand justice?
I guess the fact that he was in Germany, a country with a modern justice system and extradition treaties, will help. They have had a hell of a time in the past getting police in places like Russia and the Phillipines to co-operate.
Just another interesting adventure in the globalized, internet-driven world I guess.

Re:Will he go on trial (5, Informative)

Star_Gazer (25473) | more than 10 years ago | (#9092872)

Since both Sasser and Phatbot developers are native germans, they will never be extradited. German constitution luckily forbids it. Only foreigns can be extradited to other countries and only if they don't have to fear death penalty and will get a fair trial.

Re:Will he go on trial (2, Informative)

rduke15 (721841) | more than 10 years ago | (#9092875)

Why would he have to be extradited? If he is guilty, he can be judged in Germany. And one cannot be judged more than once for the same crime.

Phatbot comes from Germany, too (4, Informative)

smk (41995) | more than 10 years ago | (#9092798)

See here in german [heise.de] and the google translation [google.com] . Official say, there is no connection. Well ...

So, how did he find the exploit? (5, Interesting)

Coryoth (254751) | more than 10 years ago | (#9092799)

Excellent, hopefully they can ask hima simple question and we can put another argument to rest - Was he aware of the exploit from his own hacking, or being told about it by someone, or did he just read the exploit advisory from Microsoft when they released the patch?

Realistically odds have to favour just reading the advisory, but there have been plenty of claims to the contrary.

The next question is, will any media actually bother to find out and publish the answer to that question. I'm guessing "absolutely no chance in hell".

Jedidiah.

Re:So, how did he find the exploit? (0)

Anonymous Coward | more than 10 years ago | (#9092930)

compare the code of the patched version with the old version...

that's why exploits usually come out after a fix is available

Two possibilities (4, Interesting)

scum-e-bag (211846) | more than 10 years ago | (#9092800)

Two possibilities as I see them. First the kid was stupid enough to write and release the worm from his own machine leaving behind traces or was not careful enough hiding his tracks. Second, the kids' machine was hacked and used to hide the real creator of the worm while releasing the worm. I haven't RTA but I think these two conclusions are logical.

Re:Two possibilities (0)

Anonymous Coward | more than 10 years ago | (#9092835)

Second, the kids' machine was hacked and used to hide the real creator of the worm while releasing the worm. I haven't RTA but I think these two conclusions are logical.

If that were the case, I don't see why he'd have confessed...

You are an ignorant clod == typical ./ denizen (0)

Anonymous Coward | more than 10 years ago | (#9092890)

>I haven't RTA but [blather deleted].

Timmy, have you taken out the trash yet? If Mom grounds you again, she'll not only take away your computer for a month, but she'll make you leave the basement!

Referenced Story in Der Spiegel (2, Informative)

RidiculousPie (774439) | more than 10 years ago | (#9092804)

The article also referred to Der Spiegel
As reported in Der Spiegel [spiegel.de]

Ultimate punishment (4, Funny)

m00nun1t (588082) | more than 10 years ago | (#9092810)

Make him explain to my mother what a worm is, what he made it, and how to enable a firewall. That'd be punishment enough.

Cyber-terrorism (2, Informative)

amichalo (132545) | more than 10 years ago | (#9092815)

...how will this be transformed into an indictment?
It looks like the Cyber-terrorism [etsu-tn.edu] laws are used (in the US) primary for this type of "cyber joyrider"

It is all a lie! (1, Interesting)

Anonymous Coward | more than 10 years ago | (#9092818)

The Sasser author is an 18 year old man who was arrested on Friday in Rotenburg, Germany.

There is no such thing as an 18 year old man. Only somewhat a slashdot would think such a thing. This is clearly an atempt to get someone to trip up and admit to it. It is a trap people, dont believe it!

BBC Reporting This (1)

JaxWeb (715417) | more than 10 years ago | (#9092827)

I hear this on BBC Radio news. A quick search of the BBC website gave me this link [bbc.co.uk] .

I also noticed this story [bbc.co.uk] from a while back, entitled "Hunt is on for Sasser worm writer".

(You've gotta love the BBCs use of Stock Graphics! :D)

So basically, what's happened here was... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#9092828)

A program exploits the extremely poor security track record of Microsoft products to spread itself. In my eyes, the provider of the broken software (=Microsoft) is just as much guilty as the person who made the self-disseminating program.

But history has shown that Microsoft cannot be sued while expecting to win. It's too big. In other words, Microsoft is above the law.

Re:So basically, what's happened here was... (1)

Ghorin (633504) | more than 10 years ago | (#9092937)

I don't agree with you. Microsoft is not responsable for what viruses written by others. Take another example : If you forget to lock your door when leaving home and if a thieve get in and stole many thing, who are responsible ? You or the thieve ? The thieve. You made the job easier for the thieve but he is still the robber, not you. If there was no robber, no virus, we would not need any lock on our door and no anti-virus and firewall on our computers.

Melissa Virus (2, Interesting)

CptChipJew (301983) | more than 10 years ago | (#9092838)

Didn't the creator of the Melissa virus get his sentence removed in exchange for helping the government with security stuff?

If so, the same thing could happen to this guy with the German government.

Re:Melissa Virus (1)

Schmiddtchen (778080) | more than 10 years ago | (#9092917)

Dont expect the German government to advance Germany technologically or even think of conducting neccesary reforms. All they do is talk jabber and think loudly about China joining the EU... :P

Re:Melissa Virus (0)

Anonymous Coward | more than 10 years ago | (#9092929)

So,

-Write a worm/virus
-Get busted and do some security stuff for the government
-Put it on your CV
-Get a careerboost and a job in security that probably pays a lot

Where do I sign, or better let's look for some security holes.

Re:Melissa Virus (1)

Star_Gazer (25473) | more than 10 years ago | (#9092939)

Since this guy is most probably only a script kiddy, that would have about the same effect as asking GWB to help ruling the US.

Rothenburg an der Wümme. (4, Informative)

Qbertino (265505) | more than 10 years ago | (#9092845)

We've got a few (3?) Rothenburg's in Germany. The one americans probably know the best is Rothenburg op der Tauber.
Rothenburg a. d. Wümme is not the medival postcard town, it's just a small boring northern german town. :-)
BTW: Wümme and Tauber are both rivers. German cities with same names ofter difference themselves by the rivers they lie at.

Re:Rothenburg an der Wümme. (1)

datan (659165) | more than 10 years ago | (#9092882)

americans - Americans

run on sentence: Rothenburg a. d. Wümme is not the medival postcard town; it's just a small boring northern german town.

German cities with the same names often differentiate themselves by the rivers they lie at.

I wonder if we can settle a small question (4, Interesting)

Sun (104778) | more than 10 years ago | (#9092859)

not really an important one, but still.

Sasser broke a new record in the time it took to find the worm, from the time the hole on which the worm was based was issued a public patch. Now that we, allegedly, have the worm's author, we can ask him whether it was rev-enged from the patch, or whether he had prior knowledge of the hole.

Shachar

P.S.
I would wager the former, but still interesting to get an authorative answer.

Blame Microsoft, NOT him! (0)

julie-h (530222) | more than 10 years ago | (#9092860)

It is Microsoft that sold a bad product, so why don't they have to pay for all the damages their product have caused?

He should be treated as a hero (0)

Anonymous Coward | more than 10 years ago | (#9092871)

What if his virus would have erased every jpeg on the computer, like iloveyou? It got everyone to patch without causing data loss - just temporary bandwidth wastage. Also, what happens when someone posts viruses anonymously on a public forum, but doesn't actually distribute them? (Say, base64'd as anonymous coward)

Sentencing... (2, Interesting)

Ianoo (711633) | more than 10 years ago | (#9092886)

Much as I'm pissed off with Microsoft for putting out software with so many holes, I think virus writers still have a lot to answer for.

I reckon he should get 10 minutes of prison time for every machine his trojan infected, since this is the time it probably takes someone on average to clean up the mess.

1,000,000 * 10 minutes = 166,667 hours = 6944 days = 19 years.

Seems fair to me, anyways...

A benefit of Sasser/Blaster (3, Insightful)

mst76 (629405) | more than 10 years ago | (#9092905)

Sure, these worms did cause a lot of inconvenience and downtime and such. But a (probably unintended) benefit of their outbreaks was that many vulnerable machines are now actually patched. Without these worms, if you hit a random 2K/XP machine on the net, there is a very good chance that you can take over the machine through either DCOM or LSASS (port 135 and 445 IIRC). Essentially, everyone can gain access to millions of machines, and the owners would probably be totally unaware. I'm not trying to defend the worm writer, but we all know that millions of people simply wouldn't patch until the machines keeps rebooting every few minutes.

Idiot (3, Insightful)

Pedrito (94783) | more than 10 years ago | (#9092916)

I'm sorry, but any virus or worm writer that gets busted is just plain stupid. It's so simply to NOT get caught:

Step 1: Write virus/worm without your name, intials, alias, or any other identifying info.

Step 2: Release your virus/worm from an internet cafe, preferably one far from home, even a different city or country.

Step 3: Keep your mouth shut!!!

I mean, how hard can it be to avoid getting caught? I think most of these morons have the most trouble with steps 1 & 3, even if they're smart enough to manage step 2.

Lock him up! (-1, Flamebait)

John Seminal (698722) | more than 10 years ago | (#9092923)

Lock him up. Lock him up and throw away the key. What he did caused damage to sooo many systems.

But what I would like to know is what motivated him to write the virus. Was it because he hated society and people, and wanted to do as much damage as he could? He must have known the outcome of his actions.

Whatever the reason, he has to be punished as a show to others not to do this. Someone has to be made an example of, and someone has to be the deterrent to others.

It is too bad Germany can't extradite him to Pakastan, where they would be better able to punish him. If it comes up that he caused damage in other countries, he should be sent there to face charges too.

Come to think of it, start by sending him to the country that likes to cane criminals. I remember some American tourist teen getting 5 lashes across the back for vandalism. That was sweet. And I hope they televise it. I want to see him suffer. He should be beaten so badly that he cries in remorse.

I hope we get back to a society where people have shame when they do wrong. That is the problem. People do things and they don't care about how it effects others.

If he is guilty... (3, Funny)

darth_silliarse (681945) | more than 10 years ago | (#9092925)

...I think he should be locked in a padded cell with a 486-SX and a copy of Windows v3.1 for company, I'd sooner have my left nut crushed in a vice rather than face that

Auuugh! (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#9092926)

This place is lousy with krauts.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?