Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Chinese Worm Creator Gets High-Paying Job Offer In Prison

Zonk posted about 7 years ago | from the now-i-see-what-it-takes dept.

The Internet 148

martinsslaves writes "The recently imprisoned creator of China's worst computer virus ever (worm.whboy) has now been offered a job paying millions of yuan from his prison cell. He's actually been offered several, and one of the companies that has offered him the position of Technology Director was actually affected by his virus. The General Manager there now believes the virus writer may have just been 'led astray'. The media is reporting that author Li Jun originally wrote the virus due to frustrations over being jobless. 'So far, about 10 network companies across the country have offered jobs to Li, whom they regarded was a "precious genius," the report said citing Li's lawyer Wang Wanxiong. Li's cyber bug, which earned him about 145,000 yuan after selling it to other hackers from December 2006 to February this year, can prevent infected computers from operating anti-virus software and all programs using the "exe" suffix.'"

Sorry! There are no comments related to the filter you selected.

First Post!!! (-1, Offtopic)

oiarbovnb (728906) | about 7 years ago | (#20742693)

Yehaw!!!

Pay (-1, Offtopic)

Anonymous Coward | about 7 years ago | (#20742701)

I didn't think prison bitch paid all that well.

Re:Pay (1)

somersault (912633) | about 7 years ago | (#20744459)

When you're working with Mr Wang Wanxiong, you pick up some good tricks!

This used to happen in the US (3, Interesting)

kill-9-0 (720338) | about 7 years ago | (#20742725)

In the 80's if you got caught hacking, you might get some jail time, and get your gear confiscated, but often you were also offered a job.

Re:This used to happen in the US (2, Funny)

Opportunist (166417) | about 7 years ago | (#20742843)

Not only in the US. There've been others who were found and offered the choice of jailtime or working for the company.

I wonder how many look back and wish they'd have taken jail...

Re:This used to happen in the US (2, Interesting)

Creepy (93888) | about 7 years ago | (#20743829)

Not just companies - the FBI. One of the first major pirate groups busted in the United States had members that worked for the feds in lieu of jail time or juvenile hall (the Super Pirates of Minneapolis [SPM]).

    As a kid I went to church with an FBI computer crime guy (and his kid) and knew a good chunk of the group that replaced the SPM - a group called the Midwest Pirates Guild - from school friends and hanging out on BBS's, so I heard a lot of info from both sides. It was kinda weird knowing the "good guys" and the "bad guys" and almost humorous watching the FBI guy give computer crime talks and use cracks by people I knew as examples. All the people I knew personally that were involved moved on to respectable careers not involving crime, so it isn't always a bad thing to employ them (and many were involved in other crimes such as hacking and credit card fraud, the latter of which would make me want to string them up, having been a victim).

If you've seen the movie "Catch Me If You Can" you'll see another criminal-turned-FBI informant.

Re:This used to happen in the US (1)

greginnj (891863) | about 7 years ago | (#20743863)

Another way to interpret this is that China is catching up to us. It is another sign of the victory of capitalism, even in the labor market -- his skills are in demand, so job offers from Chinese companies are coming in; it doesn't matter that he's in prison. He's the Frank Abagnale ("Catch Me If You Can") of China.

Re:This used to happen in the US (1)

superpulpsicle (533373) | about 7 years ago | (#20745451)

Isn't Shanghaidaily a communist propaganda source? People are biting the commi-bait bragging about how China is all caught up. How about them journalists in prison. No companies dare to hire them.

Re:This used to happen in the US (0)

Anonymous Coward | about 7 years ago | (#20745293)

I just got done rewatching the old "Hackers" Movie with Angelina Jolie. Wow! She's a sweet potato that one. I'm going to rewatch "Sneakers" with Robert Redford at the end of this week. It's interesting how these movies made hscking culture very accepted and cool. It's really made the geeky social awkward nerd become someone to be revered and valued. I highly doubt though that the amount of people who once got jobs committing cyber crime has climbed. It's easy for people to get the tools to do it but the wisdom and deviousness are a separate element from your average cyber voyuer. If you're a person who thinks they can garner a career in law inforcement by holding banks hostage or messing with government files and services; you''ve got another thing coming. Besides; instead of asking you how you did it?, they can make you tell by "other" means which can be a messy hack in itself.

written by
I'madinnerjacket

Oh god... I predict "resume spam" soon (4, Funny)

erroneus (253617) | about 7 years ago | (#20742731)

The more people like this get tremendous job offers, the worse I see things getting since they are ultimately being rewarded for their behavior.

To that end, instead of "stocks" in images and PDFs, I predict the next round will be resumes flying around!

Re:Oh god... I predict "resume spam" soon (1)

Virgil Tibbs (999791) | about 7 years ago | (#20742935)

It's true...
All these stories of ex-'hackers' getting highly paid jobs for multi-national corporations as security advisors is bordering between fiction and fairy tales.
It doesn't work like that; it only happens to Kevin Mitnick and (IN)FAMOUS hackers...
it wouldn't happen to you....

perhaps I'm wrong though.....?

Re:Oh god... I predict "resume spam" soon (1)

bladesjester (774793) | about 7 years ago | (#20745493)

perhaps I'm wrong though.....?

You're wrong. I knew someone in the early 90's that finally got caught hacking into the systems of a security company after a decent amount of playing cat and mouse. They gave him two choices - work for us (at quite a nice salary) or sit in a cell.

Needless to say, he chose the job.

Re:Oh god... I predict "resume spam" soon (3, Insightful)

scubamage (727538) | about 7 years ago | (#20742949)

Are you kidding? This is HOW security comes into being. If no one compromises security, exploits holes, and shows people the errors that exist they will never get patched. That is why black, white, and gray hats exist. Its like yin and yang. Devs write something, black hats find holes, and the white hats fix it. If they can do it all in house, everyone is better off. Whose the one really to blame, the company who writes the shoddy software with gaping holes in it, or the guy who walks in through those holes?

Re:Oh god... I predict "resume spam" soon (1)

speaker of the truth (1112181) | about 7 years ago | (#20743009)

I dunno. Let's ask victims of lock-picking burglars?

Re:Oh god... I predict "resume spam" soon (4, Insightful)

Jarjarthejedi (996957) | about 7 years ago | (#20743317)

Better yet let's be a little more specific. Let's ask victims of lock-picking burglars who were caught (the burglars) if that burglar should be offered a job making sure that other, uncaught, burglars can't pick the locks of that company any more?

I'd feel a lot safer if a burglar who was extremely good at lock picking was unable to pick the locks I was using. Same goes for security, if you have someone who is a professional hacker trying to penetrate your system you're going to find problems a lot faster than if you just have another White Hat, whose more concerned with patching holes than finding them, looking around.

Re:Oh god... I predict "resume spam" soon (0)

Anonymous Coward | about 7 years ago | (#20744303)

You'd have no problem then having a convicted child molester in charge of child protection services then?

Re:Oh god... I predict "resume spam" soon (1)

PitaBred (632671) | about 7 years ago | (#20745433)

I'd have no problem with them acting in an advisory role, saying "Yeah, it's a bad idea to let the back door there unlocked" or whatever. Same kind of thing.

Re:Oh god... I predict "resume spam" soon (1)

pimpimpim (811140) | about 7 years ago | (#20744365)

I'll keep hammering on this, but this is why the recent anti-"hacking" law [slashdot.org] in Germany is one of the stupidest political ideas concerning IT ever to come to reality. It also shows a total neglect of the international state of the internet. By stopping "hacking" for Germans, the German IT systems just become less secure for the rest of the world. It's like an open invitation to break into our bank accounts and company networks. Swell! Not!

Re:Oh god... I predict "resume spam" soon (0)

Anonymous Coward | about 7 years ago | (#20745337)

Sure, escaped convicts should help design prisons too! Lets throw gobs of money at them! I'm sure they're trustworthy.

Re:Oh god... I predict "resume spam" soon (1)

Unkyjar (1148699) | about 7 years ago | (#20745421)

Actually a similar idea was turned into a Reality TV show for Discovery Channel called "It takes a Thief" where former burglers would be invited to break into people's homes and buisnesses and later would offer advice on how to better protect those places from buglaries. http://en.wikipedia.org/wiki/It_Takes_a_Thief_(2005_TV_series) [wikipedia.org]

Re:Oh god... I predict "resume spam" soon (0)

Anonymous Coward | about 7 years ago | (#20745623)

There are a number of unpickable locks. You don't need a burglar to tell you to go out and buy one. Then again, burglars rarely break in through a locked deadbolt, Even if it's the standard piece of crap 5-pin quickset so many people have on their door, that's why no one thinks it's worth it to go out and buy a better lock.

Re:Oh god... I predict "resume spam" soon (0)

sholden (12227) | about 7 years ago | (#20745633)

So instead you have all your locks designed so that a convicted burglar knows exactly how they are set up, how they work, etc, etc.

What do you think happens when things get tight and he decides to return to his previous profession. Guess what locations are at the top of his list, with all the weaknesses already mapped out (and probably inserted intentionally in the first place).

Seriously computer programmers put back doors in their code all the time, accountants steal from the clients, "professional hackers" leave some of the holes open for themselves later, someone with a criminal history is more likely to re-offend than someone without one is to offend.

I know who I don't want designing my security system.

Re:Oh god... I predict "resume spam" soon (1)

NosTROLLdamus (979044) | about 7 years ago | (#20745843)

Computer programmers and accountants?

Re:Oh god... I predict "resume spam" soon (1)

MindStalker (22827) | about 7 years ago | (#20743013)

It depends. If you go around picking random peoples locks you might get in a bit of trouble. If you go around picking random peoples locks and stealing their shit, expect to get in a lot of trouble.

Re:Oh god... I predict "resume spam" soon (2, Insightful)

Nos. (179609) | about 7 years ago | (#20743179)

Its a little more complicated than you make it out to be. "Black hats" should never be offered a job by a company that gives a damn about its reputation. You don't reward people for committing crimes. Secondly, you don't have to be a black hat to look for security holes, and you don't have to look for security holes in other peoples' things.

Re:Oh god... I predict "resume spam" soon (1)

scubamage (727538) | about 7 years ago | (#20743275)

I agree, I screwed up the nomenclature a little bit. Either way, someone who comes up with a creative hack should be rewarded for it. By exploiting the hole, he increased security. In the short term he cost people money. In the long run he most likely saved them money. The guy is serving his time in a Chinese prison which is no cakewalk. I am of the opinion that someone who has served their time has served their time. Maybe I'm too optimistic about human nature. The fact is, he came up with a nice hack, and hopefully he'll be coming up with other nice hacks in the future. Its a whole lot better than the one worm that had a hidden marriage proposal for Morgan "The ManJaw" Webb.

Re:Oh god... I predict "resume spam" soon (1)

Nos. (179609) | about 7 years ago | (#20743815)

Sure he came up with a nice hack. The fact that he sold that hack to people he obviously knew were going to do bad things with it is what concerns me. I work in IT security. My job requires a criminal record check. If I was looking for new people, and saw that one of my applicants did something like this, his resume immediately goes to recycling. He may be brilliant, but I can't trust him. And when you're talking about your IT security staff, if you can't trust them, you're in a lot of trouble.

Re:Oh god... I predict "resume spam" soon (1)

db32 (862117) | about 7 years ago | (#20744253)

Right... So by that logic it makes sense to hire a rapist to protect your daughter from other rapists right? Hire a criminal to protect against the criminal. I think I would rather pay someone who isn't a rapist for that job.

Devs write something, black hats find holes do lots of damage and make some profit, white hats have to find the black hats using the holes and then fix it. Seems to make more sense to fix the problem at the Devs rather than hiring known criminals. This whole white hat black hat crap is just a convenient way to downplay "you are a fucking criminal, I don't care that you only wanted to see if you could break the hinges on my door and you didn't steal anything".

As for your question...easy...the blame belongs to the guy who walked through those holes. How would you like it when you come home to find your entire family murdered and the cop says "Sorry, you didn't keep your doors locked, your fault." Just because your lock is broken, the door doesn't close, the windows won't latch, whatever, does not make it legal for me to waltz into your home and do as I please. At a bare minimum its trespassing.

Re:Oh god... I predict "resume spam" soon (1)

somersault (912633) | about 7 years ago | (#20744417)

The skills required for rape aren't exactly in high demand..

Re:Oh god... I predict "resume spam" soon (1)

db32 (862117) | about 7 years ago | (#20744631)

The skills required for catching or preventing rapists is in high demand. The argument goes that you should hire people who can commit the crime to protect against it. Only a serial rapist would know the details of the how and why of target selection and other important factors involved it commiting the crime. Now when you start hiring serial rapists for high paying jobs to try and catch other rapists, do you think maybe the number of rapes would go up as people try and land a high paying job? It is a dumb freaking idea and is not the way to go about business.

Re:Oh god... I predict "resume spam" soon (1)

somersault (912633) | about 7 years ago | (#20745071)

Yeah because it's really hard to work out who is more likely to be a potential victim for assault :/ Most people know that it will depend on your body language, and you would be better travelling with someone else, in well lit/'better' areas, etc.. you could probably just get advice from muggers/thieves rather than actual rapists..

Re:Oh god... I predict "resume spam" soon (4, Funny)

jollyreaper (513215) | about 7 years ago | (#20744169)

The more people like this get tremendous job offers, the worse I see things getting since they are ultimately being rewarded for their behavior.
CEO's get rewarded for ruining companies, isn't it time the same courtesy is extended to the IT set?

mod parent up (1)

pimpimpim (811140) | about 7 years ago | (#20744435)

It's insightful/funny/sad, because it's true.

Re:Oh god... I predict "resume spam" soon (1)

pimpimpim (811140) | about 7 years ago | (#20744507)

Resume spam is already happening in the academic world. Any university researcher with a website offering positions will get a lot of job applications from people all over the world (probably mostly india/asia though) from totally irrelevant fields, either done by the applicant themselves or maybe there are companies that offer the addresses or send them around. They are written in a standard way, often not even mentioning the name of the addressee. Then again the same might happen for any job offer on monster, but I have no experience with that.

Re:Oh god... I predict "resume spam" soon (1)

Bearhouse (1034238) | about 7 years ago | (#20745427)

Easy fix for this. Since what he did could easily be construed as 'corruption' or 'fraud', (or a least conspiracy to do so, or to aid and adbet others), they should just string him up! That's what they do to 'corrupt' (are they not all?) party officials in China. The damage he did was easily as high-profile as what others have done...(sorry, too lazy to look up links for party boss from Shanghai who was executed for stealing 'millions'.

Hey, while we're at it, we could extend this to to West, also... Could bring a whole new meaning to 'lethal' for the Hackerz...

Accomplices (1, Interesting)

just_another_sean (919159) | about 7 years ago | (#20742733)

Three of Li's accomplices were also jailed for up to two-and-a-half-years each yesterday.
I wonder if they will get offers as well or do these companies want to stick to just the mastermind?

(Oh and I for one welcome our burning joss stick wielding, cute and cuddly Asian overlor^W, um, IT guys...)

Pfft (1)

thefear (1011449) | about 7 years ago | (#20742745)

<blockquote>can prevent infected computers from operating anti-virus software</blockquote>
Don't all viruses do that nowadays, seems like a standard practice to me.

<blockquote>and all programs using the "exe" suffix.</blockquote>
so.... how did windows boot?

Re:Pfft (4, Informative)

Applekid (993327) | about 7 years ago | (#20742853)

and all programs using the "exe" suffix.
so.... how did windows boot?

IIRC, the virus modified the registry entries which tell Windows how to handle .exe files. Booting up is fine. Once the system's up, every time explorer tries to launch an .exe, Windows wound up checking the registry for what it should do with the file. The registry modification removed the "magic" that told it that it's an executable.

I remember at work someone convincing me it was a good idea to copy the .exe registry class into another one, say, .myinitials, so if the .exe registry settings got clobbered I could always rename regedit.exe to regedit.myinitials and fix it.

Re:Pfft (4, Funny)

dcollins (135727) | about 7 years ago | (#20743077)

Dammit. Screwed again.
- Eugene Xavier Edwards

Re:Pfft (0)

Anonymous Coward | about 7 years ago | (#20743963)

I remember at work someone convincing me it was a good idea to copy the .exe registry class into another one, say, .myinitials, so if the .exe registry settings got clobbered I could always rename regedit.exe to regedit.myinitials and fix it.
Better yet, use a boot cd until you can reinstall. You don't want to be working in an OS you know is already compromised.

Re:Pfft (0)

Anonymous Coward | about 7 years ago | (#20742913)

The worm loads after the windows kernel is loaded and the kernel doesn't have an exe-suffice.

Maybe not so new (4, Funny)

east coast (590680) | about 7 years ago | (#20742769)

From the blurb: Li's cyber bug, which earned him about 145,000 yuan after selling it to other hackers from December 2006 to February this year, can prevent infected computers from operating anti-virus software and all programs using the "exe" suffix.'

Navidad [symantec.com] did kind of the same thing but it seems to be a coding mistake more then the intended purpose of the virus.

Just for the record: I didn't read the article.

Re:Maybe not so new (1)

Red Flayer (890720) | about 7 years ago | (#20742963)

Moderation: +1 Informative.

Just for the record: I didn't read the article.
Now if you HAD read TFA, that would be informative. Default value for rtfa is 0, not 1, so stating you hadn't read TFA is redundant :)

Re:Maybe not so new (2, Funny)

Anonymous Coward | about 7 years ago | (#20743029)

One guy wrote a virus that tricked users to think the virus was update to their windoze boxes.. After users installed the virus it wrote annoying messages to them all the time.

He was hired later as a WGA expert-developer.

well yeah (4, Insightful)

circletimessquare (444983) | about 7 years ago | (#20742775)

the only real way to ensure security is to have it constantly challenged. that's a job. and this guy did a good job of doing that. thus, he earned the income

which means 2 things:

1. there is no security in an environment where the security doesn't get challenged and defeated every now and then. or get's challenged, and the fallout kept secret

2. go ahead and make virii and worms. just make damn sure the payload is harmless or simply annoying. if the worm this guy wrote did something really nasty, you can be sure he wouldn't be getting kudos and job offers

Re:well yeah (1)

somersault (912633) | about 7 years ago | (#20744611)

1. There would also be no need for security if people weren't trying to break the system, but I know what you're saying.

2. He sold the code to criminals who have no doubt used it for something 'really nasty'?

I like to play devil's advocate a bit, but this guy really does seem like a prick rather than someone who wants to be helpful.

Re:well yeah (1)

db32 (862117) | about 7 years ago | (#20744807)

So. Where should I send the bill when I break into your house and take pictures of you sleeping? I mean there is work there testing your security (physical security), observing your sleep patterns (doctors get big bucks for this work), and I didn't take anything myself. Oh, and just so you know, I am going to show everyone else how to do the same, so if they do anything nasty to you in your sleep I can't be held liable for that.

I swear to God people need to get over this moronic idea that hiring hackers is a good thing. You are aware that computers run important things now right? Medical devices, manufacturing devices, and all manner of other things. People act like all of these worms and virii and whatnot are just little annoyances to office workers and nothing more. Boy I sure hope you aren't getting a MRI when some jackoff runs an exploit that causes it to do unpredictable things while you are in there. If you get lucky it will only fudge the data causing you to get improper treatment and maybe you will be ok, if you get unlucky it could do damage to you while you are in. I mean after all, the payload was just an annoyance so its ok right?

crime pays (1, Insightful)

Anonymous Coward | about 7 years ago | (#20742845)

The lesson to be learned from this is that crime pays.

Re:crime pays (0)

Anonymous Coward | about 7 years ago | (#20743383)

in China apparently.

of course they have other problems too

What if he wasn't led astray... (1)

Virgil Tibbs (999791) | about 7 years ago | (#20742861)

Though I'm sure he would like them to believe he was led astray,
what if he wasn't and is just manipulating the authorities to get himself back online?
what are they going to do if he creates another worm, while in prison?
I would hope this is an unlikely scenario but it is one worth considering...

first thought (1)

twoboxen (1111241) | about 7 years ago | (#20742883)

...where he earns up to 7 cigarettes on a good day. I'm not sure what that would be here after cost-of-living adjustments, though.

Re:first thought (0)

Anonymous Coward | about 7 years ago | (#20742959)

Given the current state of the US economy, 5 cigarettes?

He did this because he couldn't get a job? (1)

crivens (112213) | about 7 years ago | (#20742921)

Was the virus technically fantastic, or did he download a virus kit from the web and just modify it's name before releasing it?

He did this because he couldn't get a job? Maybe he should get a life instead.

Re:He did this because he couldn't get a job? (1)

speaker of the truth (1112181) | about 7 years ago | (#20743039)

Had he gotten life the job offer would be less appealing I imagine.

Incentives (0)

Anonymous Coward | about 7 years ago | (#20743709)

In general, people do what they are incited to do.

If working within the system simply doesn't pay as well as working above it, then plenty of people will work above it. Whether or not this is "right" will not be very important to them.

The familiar meme evolves (2, Funny)

Dystopian Rebel (714995) | about 7 years ago | (#20742933)

1. Lose job.
2. In despair, write a Windows worm.
3. PROFIT.
4. Get caught, go to jail.
5. ???
6. PROFIT.

Bad idea? (1, Interesting)

GreyPoopon (411036) | about 7 years ago | (#20742943)

Am I the only one that thinks rewarding a virus writer in this manner is a really bad idea?

However, he later learned from media reports that Li, who created the virus over discontent at his failure to land a job, may not be a bad guy and "just went astray," the report said.

Sorry, but taking your discontent out on scores of innocent victims does not strike me as merely being led astray. At best, it shows a complete failure to consider the consequences of your actions. At worst, it shows that your personality is borderline sociopathic, in that you don't actually _care_ about the consequences of your actions.


Maybe I'm wrong, but I would think that rewarding someone who did this would simply invite others to repeat the performance. At first glance, it may seem that the price of imprisonment should be a sufficient deterrent. But the dude got five years in prison, and he now stands to make over $133,000 per year on his release. $133,000 a year is a heap of money in China. If you told me I could "play nice" and make less than $10,000 for most of the rest of my life, or I could instead spend five years in miserable conditions but not paying anything for room and board and then make $133,000 per year afterwards and live like a king, the choice would be pretty easy.

Re:Bad idea? (1)

pitu (983343) | about 7 years ago | (#20743187)

Beeing offered a job is not a reward. A job is just a human right.

  theese times though, many people feel rewarded if they have the opportunity
  to be employed and exploited.

  =>he did not go astray... the society did - "the society is to blame" (c) Monty python

Re:Bad idea? (1)

GreyPoopon (411036) | about 7 years ago | (#20743691)

A job is just a human right.

On the chance that you weren't making a joke, I have to respectfully disagree. Keeping your citizens gainfully employed is a good idea for any government (otherwise anarchy and rebellion arise). However, I don't believe it's a human right. It is the responsibility of each person to strive to educate and locate themselves in such a way as to gain employment that takes care of life's necessities. It is the responsibility of society (if they have the means) to assist other members of society in this pursuit. It is not anyone's responsibility to provide a job for someone who has no interest in learning the necessary skills or performing the work required by the job.


Also, I agree that being offered a job is not a reward. However, being offered a job that pays more than ten times the average white collar salary _is_ a reward.

Re:Bad idea? (1)

pitu (983343) | about 7 years ago | (#20744583)

I gather it's more of a human right because you can not refuse it to someone based on
his origins, colour (put your custom discrimination here), nor because of one's criminal (and served) history.

A man has a right to work and have a job, that's all, it does not mean governments should secure & offer it.

now, a company says he rocks and offers 130k$. You say he'll feel rewarded as other sous-payed chineese suits get 10k$. ...or just maybe he'll still feel like shit because he's worth a lot more anywhere else & he's going for the world, not where you put him.

Re:Bad idea? (1)

dwye (1127395) | about 7 years ago | (#20744811)

> Am I the only one that thinks rewarding a virus writer in this manner is a really bad idea?

Bad idea for whom? The Chinese get a good virus writer to make more, as munitions against someone. It encourages others to try. This is no different than England knighting or ennobling "pirates" who took the Spanish treasure fleets or the Silver Train from inland South America, back in Henry VIII's or Elizabeth I's reigns. For that matter, it is no different than pardoning a successful bandit and employing him in the nation's army, as many medieval or earlier rulers did.

Of course, it is not particularly good for the victims of his earlier viruses (or of those he might later create for his employers), but then, we don't count in their accounting. Surely, you don't think that he is being hired for his database design skills?

> $133,000 a year is a heap of money in China.

It is rather a heap almost anyplace.

Re:Bad idea? (1)

GreyPoopon (411036) | about 7 years ago | (#20745523)

Bad idea for whom? The Chinese get a good virus writer to make more, as munitions against someone.

Good point, but even then, I still think it's a bad idea. Somebody like that will sell out to the highest bidder, which can easily turn a great asset into a traitor. It's kind of like making explosives. You know that at some point there will be an accident during production, and that it will be really bad. Are the risks worth the returns? You have to do the math.

Re:Bad idea? (1)

vertinox (846076) | about 7 years ago | (#20745333)

Sorry, but taking your discontent out on scores of innocent victims does not strike me as merely being led astray. At best, it shows a complete failure to consider the consequences of your actions. At worst, it shows that your personality is borderline sociopathic, in that you don't actually _care_ about the consequences of your actions.

This is China we are talking about. The run by a different set of rules. Corruption is common and ethics is often considered when we are talking about the bottom line. You are talking about corporation who have no qualms employing slave like conditions for child laborers, letting men die in coal mines due to negligence almost on a monthly basis, and no qualms whatsoever of having poisons in pet foods and on child's toys.

To be fair... The punishment for corruption in China is far worse. The equivalent of the head of the FDA in China was put to death for corruption. I doubt we would see the same response in the US other than a slap on the wrist and maybe some time in the ClubFed.

The Chinese will learn, too, eventually... (5, Insightful)

Opportunist (166417) | about 7 years ago | (#20742947)

The "West" learned in the 80s. You do NOT want those people in your security department. Yes, they have the skill, but they don't have the ethics. And that's the big deal here.

You will not get a job offer here for writing a virus. No reputable IT sec company will touch you with a 10 foot fiber cable. Yes, you obviously have the skill, but you lack the morals not to use it for what you've done.

What is really lacking in today's IT world is lectures and courses about the topic. Do you see many universities teach you something about malware? How to exploit a system? How to look for security holes? Yes, very controversial topic, but it's necessary. I mean, where are you supposed to learn that? Self study takes a long, long time, time you don't have in today's IT sec world where what you learn today is dead weight in a month. And, well, self study is usually only done by people who have an interest in applying that knowledge, and rarely for good...

Re:The Chinese will learn, too, eventually... (1)

spleen_blender (949762) | about 7 years ago | (#20743287)

But what recourse do disenfranchised hackers (of either hat colour) have for an industry that in one breath will tell you that skill in the trade is the most valuable thing, then in the other breath farm out your job to a programmer in India who barely knows how to use a hash table?

All I am saying is that it is hard to decipher if the ethical concerns with an individual hacker were present before they had the skill or if the ethics are merely a result of happenstance.

Re:The Chinese will learn, too, eventually... (1)

Opportunist (166417) | about 7 years ago | (#20743649)

It's not necessarily only a matter of your attitude towards the industry. If your malware only affected business targets, I could see that it's some kind of revenge to an industry that shipped your jobs to a country where the average coder asks you what he needs a hash table for, because he only needs one for coke.

Malware, though, strikes predominantly "civilian" targets. And with the advent of botnets like the Storm net, the net itself. And, sorry, with this on the table, you cannot tell me that the ethics of people who write that are terribly high. If you strike against corporations who wronged you, that's one thing. If you lash out indifferently against the net as a whole, it tells me something about your moral code (or lack thereof).

Re:The Chinese will learn, too, eventually... (1)

spleen_blender (949762) | about 7 years ago | (#20745343)

But what is the motivation for that behavior? It is financial for the most part, save a few renegade hackers who are living out some sort of Matrix fantasy, if I am not mistaken. So what is wrong with giving the ones with the skill the incentive to use their abilities for good? Shouldn't they be compensated according to value? Or is it too disturbing paying the lion to not eat you?

Re:The Chinese will learn, too, eventually... (1)

clickety6 (141178) | about 7 years ago | (#20743543)

Yes, they have the skill, but they don't have the ethics. And that's the big deal here.

Yes, because every day we hear how ethical the big companies are here in the West. Our big companies would never abuse monopoly positions, would never swindle share holders, would never abuse their staff, would never seek every way possible to avoid paying taxes, would never rip off their customers, would never fix prices, would never use scare tactics, would never spread lies and disinformation about competitors, would never spy on competitors or their own staff, would never collude with their own government to break the law, would never work with an oppressive regime just for profits...

yes, I'm constantly amazed at how ethical Western companies are... ;-)

I'm not sure if I should tag this post as or !

Re:The Chinese will learn, too, eventually... (1)

Opportunist (166417) | about 7 years ago | (#20743839)

I've said it in the comment above, I say it again, if you're pissed at companies, go ahead and bring them to their knees. But there's no excuse for launching an all out attack against everyone who uses the net because you're angry with a company or two.

Re:The Chinese will learn, too, eventually... (1)

Hoi Polloi (522990) | about 7 years ago | (#20744379)

It doesn't matter what the ethics are of the company as a whole. If they can't trust you as an employee they won't hire you since all organizations (whether you think they are corrupt or not) depend on trust. If they are cheating, they want to be the ones doing the cheating, not being cheated. Even an Enron wouldn't be in a rush to hire a convicted embezzler.

Re:The Chinese will learn, too, eventually... (1)

thePowerOfGrayskull (905905) | about 7 years ago | (#20744551)

Our big companies would never abuse monopoly positions, would never swindle share holders, would never abuse their staff, would never seek every way possible to avoid paying taxes, would never rip off their customers, would never fix prices, would never use scare tactics, would never spread lies and disinformation about competitors, would never spy on competitors or their own staff, would never collude with their own government to break the law, would never work with an oppressive regime just for profits...
Being able to trust your employees not to steal and sell hundreds of thousands of customer credit card numbers to the highest bidder has nothing to do with corporate morality or lack thereof.

Re:The Chinese will learn, too, eventually... (2, Informative)

dark404 (714846) | about 7 years ago | (#20744699)

Do you see many universities teach you something about malware?

Um... yes? Actually, where I go there's an entire CS Masters concentration dealing with the subject along with digital forensics topics...

Re:The Chinese will learn, too, eventually... (1)

Opportunist (166417) | about 7 years ago | (#20745847)

Care to share the secret which university would be that? And how long you had to search to find it?

Offered a job for your crime (3, Interesting)

craigkup (1161507) | about 7 years ago | (#20743015)

It's like you robbed a bank, but you did it so well the bank wanted to hire you as security to protect them.

Re:Offered a job for your crime (0)

Anonymous Coward | about 7 years ago | (#20743201)

Apparently some ex-felons are hired on this basis.

Re:Offered a job for your crime (1)

edrie (1159819) | about 7 years ago | (#20744105)

i dont think so..maybe you are hired as actor in OC 14 XD ~

if I was chinese... (0)

Anonymous Coward | about 7 years ago | (#20743035)

and I was going to be getting that much money, I would totally change my name to Suk Maidong.

In communist China... (0)

Anonymous Coward | about 7 years ago | (#20743049)

...prison attracts you!

on hiring the insecure and the vengeful (2)

westlake (615356) | about 7 years ago | (#20743095)

The media is reporting that author Li Jun originally wrote the virus due to frustrations over being jobless.

You hire a guy with a record with of lashing out against the world when he meets with life's frustrations. What next? Do you offer him lifetime job security and rebuild your IT infrastructure every time he twitches?

Shoot them (0)

Anonymous Coward | about 7 years ago | (#20743219)

People who write viruses and worms should be shot.

Something to be concerned about (1)

Targon (17348) | about 7 years ago | (#20743235)

Considering the changes in the computer industry over the past 20 years, it should scare people that this sort of thing is going on right now. There have been an increasing number of hacking attempts from China, and there are also an increasing number of businesses that are based around infecting computers with spyware/adware.

As a result of this, paying hackers and cyber-terrorists(which is really what worm creators are) for their expertise in this sort of program is a VERY VERY bad thing. The culture in that part of the world is different from "western" nations, and as a whole tends to be more accepting of illegal activities(look at pirated software being sold on store shelves). Many people are worried about scams from Russia, but those are nothing compared to some of the scams that originate in Eastern Asia.

Gn44 (-1, Flamebait)

Anonymous Coward | about 7 years ago | (#20743421)

all$ along. *BSD morning. Now I have 3 simple steps! startling turn and juliet 40,000 and Michael Smith Standards should were compounded have their moments under the GPL.

Inspiration! (1)

caesura (1159543) | about 7 years ago | (#20743597)

Excuse me while I go write a virus that will replace the boot sector on all windows-running computers with a small program that displays my resumé and contact information.

Communism? (1)

operagost (62405) | about 7 years ago | (#20743651)

I thought this was a Communist country. What happened to "to each according to his needs?" Does a hacker need millions of yuan?

Re:Communism? (1)

budword (680846) | about 7 years ago | (#20743869)

China hasn't been communist in a damn long time. Now they are just a one party dictatorship. Think Soviets without the good intentions. The funny part about it is the communist party isn't even embarrassed about it.

Re:Communism? (1)

tnk1 (899206) | about 7 years ago | (#20743929)

China is now about as Socialist as the National Socialists, if you get the picture. More National than Socialist.

Basically, China is an oligarchical state that gives lip service to the theories of people who are pretty much discredited: Mao, Lenin, Marx. For lack of a better mantra, they've stuck with it, since they can punish you if you argue with it and they've printed all the textbooks in Red already. There's nothing more comforting than being able to say you're a revolutionary without having to create another actual revolution. New revolutions get messy and people get lined up against walls. They're very profitable either.

The Chinese have a very specific brand of morality, and they insist that you stick to it, but its not the same as in the West. They won't hesitate to employ a troublemaker, if they have real talent, because they can promise punishment and monitor them much more effectively than you could in the US. The real reason this guy was a threat was because he was unknown. Now that he's known, he's like an ameboa under a microscope. And he's been in a Chinese jail. He knows what's coming if he screws up again.

Re:Communism? (0)

Anonymous Coward | about 7 years ago | (#20745795)

Yeup. It is just an oligarchy. A party that stays in power to keep itself alive. I'm sure every American political party that likes to toss the word "freedom" around would love to have that kind of power.

Re:Communism? (1)

edrie (1159819) | about 7 years ago | (#20743969)

dont think about communisme..all hacker need the money to upgrade their system XD ~ if u child also need money to buy the chocolate~

It is a communist country (1)

sonoronos (610381) | about 7 years ago | (#20744133)

It's just not a Maoist communist country anymore. Deng Xiaoping changed everything.

Re:Communism? (1)

PalmKiller (174161) | about 7 years ago | (#20745179)

1 Million Yuan is 130K in US dollars which is good but not great for the title they are offering him. Now I do agree that is a lot considering that china's cost of living is low, but still not all that amazing in US terms.

Industry, or government? (0)

Anonymous Coward | about 7 years ago | (#20743729)

Seems like such an individual would be very valuable to government espionage agencies...

Give him a job only after... (2, Interesting)

Simonetta (207550) | about 7 years ago | (#20743983)

I believe in fairness. Everyone needs to work productively. So yes, give this guy a job.

    But only after he has spent MANY years in jail, and has reimbursed all the people who lost work and data directly resulting from the virus being on all the computers affected by this crime.

    So if this criminal has written and released a bit of secret code that wipes out data a hard drive, then he (always a he) should be required to compensate for the cost of collecting and entering this data. He must also be responsible for loss of income and profit in all the companies infected by his virus code.

    If he is still interested in coding after all the effort and expense that he must do to correct the bad effects of his deliberate action of writing and releasing a destructive virus, then he should be allowed to do so.

    But not until all the compensation has been made. It doesn't matter if this criminal is a coding genius, we can always get the same results from having more ordinary people working on the same coding problem as a lone genius.

    What I'm saying is that regardless of any individual's coding skills, if this individual causes millions of dollars of damage, he should not be allowed to work in this industry.

Chinese Worm Creator Gets High (1)

CrazyJim1 (809850) | about 7 years ago | (#20744215)

Anyone else misread the title at first?

What? No military contract? (1)

n dot l (1099033) | about 7 years ago | (#20744545)

I'm just surprised this guy wasn't hired by their government. A cyber-attack would be a pretty good start to their next war, especially against their highly industrialized (and networked) neighbors. You could disrupt their economy for days (or weeks, depending on how good the worm is) before launching an actual attack and nobody could really counterattack right off the bat because they'd think it was just another random teenager in his basement up to no good...

Re:What? No military contract? (1)

fire5ign (675508) | about 7 years ago | (#20745557)

I'm just surprised this guy wasn't hired by their government.

How do you know if he wasn't? In China, "business is politics and politics is business." China's economic model is what's known as 'Leninist Corporatism', and there are many for-profit corporations run by the government and the People's Liberation Army.

What about next time he gets frustrated? (1)

1.000.000 (876272) | about 7 years ago | (#20744837)

Would he then

a) get over it?
b) do something harmful?

Good luck giving him access to your IT system.

Go to prison, win at life (1)

cylcyl (144755) | about 7 years ago | (#20745667)

So, committing a crime is a part of the recruitment process? Cool!

Reminds me of the A-Team

I've found it (0)

Anonymous Coward | about 7 years ago | (#20745739)

Step 2 is go to jail

Oblig "It's a Wonderful Life" (1)

seven of five (578993) | about 7 years ago | (#20745971)

Mr. Potter: "Merry Christmas to you - IN JAIL!"

Why disable .exe? (0)

Anonymous Coward | about 7 years ago | (#20746003)

Isn't that self-defeating? It makes the hijacked machine unusable, people will notice immediately and reinstall their OS.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?