On RTE Radio One's "Morning Ireland" show this morning, at about 0750, there was a piece about the MyDoom virus. They interviewed some 'expert' about this, and the expert said that in his opinion the virus was most likely written by some open-source supporters. He said a few other annoying things as well, but would it be appropriate for IFSO to write a quick email to RTE saying that while the expert is of course entitled to his opinion, other sources of information point more at a Russian criminal origin, aiming to use the machines to send spam. The SCO/Microsoft DOS in this case would be a decoy.
RUSSIA was 80 per cent likely to be the origin of the Mydoom computer worm, which has become the worst ever internet epidemic, a top Russian anti-virus firm said today. [...] An expert from Kaspersky Labs, Alexander Gostiyev, told a press conference in Moscow the creators of the virus were not aiming to disrupt internet traffic but use infected computers to distribute unsolicited junk mail.
--- http://www.theaustralian.news.com.au/printpage/0,5942,8543890,00.html
RTE put up the individual pieces from Morning Ireland shows at
http://www.rte.ie/news/morningireland.html
but this morning's isn't there yet.
Might be worth making sure the ifso.info website is back up before sending anything though. Also, should we have a "press@ifso.info" email address to send things like this out from?
Ben.
entitled to his opinion, other sources of information point more at a Russian criminal origin, aiming to use the machines to send spam. The SCO/Microsoft DOS in this case would be a decoy.
I find this theory just as unlikely as the "linux fan" hypothesis, probably something thought up by the media whores in mi2g and swallowed whole by the media luvvies that adore them. Seriously, if you were a "russian criminal" (Senator McCarthy would be proud) and you contracted some hacker to create a worm for you for this purpose, would you feel you were getting your money's worth if the hacker built in a DDoS tool that announced the worm to the world? It defies logic.
adam
Quoting adam beecher lists@beecher.net:
[Ben North wrote:]
[...] other sources of information point more at a Russian criminal origin, aiming to use the machines to send spam. The SCO/Microsoft DOS in this case would be a decoy.
I find this theory just as unlikely as the "linux fan" hypothesis, probably something thought up by the media whores in mi2g and swallowed whole by the media luvvies that adore them. Seriously, if you were a "russian criminal" (Senator McCarthy would be proud) and you contracted some hacker to create a worm for you for this purpose, would you feel you were getting your money's worth if the hacker built in a DDoS tool that announced the worm to the world? It defies logic.
Well, possibly, if it did distract attention from the real purpose of the worm. But you're right; this is all heavily speculative. Maybe it's not worth making a fuss about.
Ben.
On Mon, Feb 02, 2004 at 11:32:46AM +0000, Ben North wrote:
Quoting adam beecher lists@beecher.net:
[Ben North wrote:]
[...] other sources of information point more at a Russian criminal origin, aiming to use the machines to send spam. The SCO/Microsoft DOS in this case would be a decoy.
I find this theory just as unlikely as the "linux fan" hypothesis, probably something thought up by the media whores in mi2g and swallowed whole by the media luvvies that adore them. Seriously, if you were a "russian criminal" (Senator McCarthy would be proud) and you contracted some hacker to create a worm for you for this purpose, would you feel you were getting your money's worth if the hacker built in a DDoS tool that announced the worm to the world? It defies logic.
Well, possibly, if it did distract attention from the real purpose of the worm. But you're right; this is all heavily speculative. Maybe it's not worth making a fuss about.
The virus has all the bits necessary to turn your machine into a spam zombie and include code to allow delivery and execution of arbitrary binaries, which could be keyboard sniffers or whatever.
It was definitely not originally developed by open source people. The only possibility for open source involvement would be that some OS advocate who is also a fool took a current virus and modified it to flood SCO and MS. The problem with that theory is that MyDoom is not a simple derivative of a current virus and anyone who could add the SCO stuff would probably have ripped out the other shite before propogating it.
This virus is the most virulent so far, it was going to big news with or without SCO attacks. The SCO stuff provides a handy story to keep the press away from the fact that it turns your machine into tool for criminals and spammers. Pretty clever cos it's working,
F
Ben North writes:
there was a piece about the MyDoom virus. They interviewed some 'expert' about this, and the expert said that in his opinion the virus was most likely written by some open-source supporters. He said a few other annoying things as well, but would it be appropriate for IFSO to write a quick email to RTE saying [...]
In the short run, I think the best thing to do is send a personal email. That's what I do anyway. In the long run, we should make some quick procedure for sending stuff "from IFSO". I'll bring it up at the next meeting.
If people do write such emails, please send a copy to the list so we can build up good responses to issues that might come up again.
The IFSO FAQ is still on my todo list but I'm snowed under this week.
Also, should we have a "press@ifso.info" email address to send things like this out from?
yeh, we need a few @ifso addresses. I can get them set up, but I was waiting for the ifso.ie domain name (soon?)