Suspected creator of one Blaster virus in custody!

<address and phone number removed - CF>

That virus shut down my entire apartment complex’s internet for a whole damn week, and it still ain’t working right, so fuck that dude.

That said, isn’t posting his addy and phone number a little iffy?

Jeffrey Lee Parson should have his scrotum nailed to a board until he personally cleans every computer his virus attacked. This should be the punishment for all virus writers, as they are eeevil!

I said “he” and “his” because I haven’t heard of a female virus writer. It seems to be a bright, bored but demented and ultimately evil guy thing. Anybody know if there are any females out there who are doing the same thing? If so, a similar punishment should be devised employing a large fishhook :smiley:

Much as I’d love to go and do nasty things to this person with a range of medieval devices, I don’t think you should be posting his address and phone number on this board.

Apart from anything else, what if you got it wrong? It only takes one mistyped digit to make an innocent bystander’s life a complete misery.

Don’t put someone’s address and phone number on the SDMB, suspected, guilty, or otherwise. Don’t do this again.

Sorry! I didn’t realize that was prohibited. (It doesn’t say so in the SDMB Guidelines document.)
But if that’s the policy, OK.

[But it’s hardly like I was posting something secret – this is public information, easily obtained by anyone at Yahoo or many other sites on the internet. And since his is the only Parson family living in Hopkins, MN, there is not much chance of getting the wrong number.]

Well, yeah, but posting it here could get the Reader in hot water.

How, specifically?

It’s not libel, since this is clearly factual information.

It’s not trademarked or copyrighted info.

It’s not private information, since it is already published in the Minneapolis phone book, among other places.

So unless the SDMB is foolish enough to publish an incitement to criminal acts, like telling readers to go and burn his house down, or call him up late at night and scream obscenities in the phone, etc., I don’t really see how re-publishing this already public info could get them in hot water.


The Reader could get in trouble had they allowed your posting of an invitation to harass someone to stand with the inclusion of the personal information. & don’t even try to say you didn’t invite harassment on the guy:

If you disapprove of his actions, the responsible & legal thing to do is let the courts work the way they’re designed.
It’s been a rule for a while on these boards that one doesn’t post another’s actual phone number and/or address.

Thanks, Monty.

No problem, Jeff. Actually, I thought my answer was the incredibly obvious one.

'Course, sometimes the obvious one is hardest to see.

Today, the Register had a great write-up on the status of apprehending and/or punishing the authors of the most well-known viruses since the dawn of the modern virus era (1988, birth of the Morris worm).

After reading it, I can feel fairly confident about these things:

  1. Virus writers only get caught when they either fess up, are stupid, or live in a virus-writer friendly jurisdiction and don’t bother covering their tracks.

  2. The worms that have been bent on pure destruction (Nimda, SirCam, Slammer) are written by people who aren’t in category 1. They haven’t caught a non-copycat author of a virus I’ve heard of since 2001.

  3. Worms come in waves. Remarkably, the first wave can be fairly benign compared to the later waves (Kournikova was written because the author couldn’t believe that people didn’t learn anything from LoveBug, and the people infected with SoBig still haven’t learned that lesson…people that didn’t load in the fix to CodeRed were treated to the might of Nimda, etc).

  4. So individual users have to take responsibility to protect themselves from such attacks. Download the latest security patches once a month. Don’t click on unknown email attachments. If there’s a big virus/worm going around, or a major exploit announced, make yourself immune before you catch it so you don’t get hit by the next wave. If you do get hit by an early wave, and all you lose is time, be thankful that your ignorance didn’t cost you data and consider your lesson learned, don’t go complaining about how these things “shouldn’t” happen.

I know, I know, “easy attitude to take when you’re not the one” yada yada. But I was hit, 3-4 years ago, by one of the early .vbs script viruses. I was used to .com, .bat, and .exe being the only executable extensions, so I thought that .vbs would open a viewer or something. Half a gig of pictures destroyed later…but even then I didn’t lash out at that “evil virus writer”, I considered myself to be stupid for opening an unknown attachment type.

So even if my attitude “mystifies” you, at least I’m consistent with it.

And how about Sobig, then? You know, the virus that’s causing millions in damage mainly to people who aren’t infected with it. Curse us for being able to receive e-mail from someone else who got infected. How could I be that stupid as to actually receive e-mail?

And that’s just the obvious example since it’s causing major havoc right now in the IT industry. Viruses cause an awful lot of collateral damage beyond the point of infection and the authors are always looking at secondary methods of infection that don’t require the user to do anything stupid to get in. The blame for all of this cannot be laid at the feet of the user; it’s some maladjusted punk who’s decided that just because he can’t see the harm he’s causing it’s okay to do it.

BTW, there’s a transcript of a short interview with this loser at where he shows a complete lack of understanding as to the seriousness of what he did. He apparently thinks that what the original author did was wrong but what he did was just fine. And that line about not realizing he was a suspect was insane. For future reference, if you’ve committed a major felony and the FBI comes around asking you about it they’re not making general inquiries due to your expertise in the field.

Yes, this Parson guy comes across as an idiot. His parents seem to be playing up his moron defence.

If only that were true. I have a fair amount of computer knowledge, but I couldn’t do what he did - mainly because I have no desire to cause anybody grief or malicious damage.

In other words, they’re no different from any other type of criminal. MOST criminals are caught because they do something stupid - that doesn’t mean we don’t take investigation of crimes such as robbery, rape, and murder seriously. Why should we treat virus-writing any differently?

Yes, they’re going to be hard to catch. Some virus writers will never be caught. That doesn’t mean we shouldn’t attempt to catch them and hold them accountable for the damage their creations do.

One can do all those things and still be infected. And in many cases, the loss of time IS the most critical loss.

My hospital’s computer network is protected by a router firewall; we have a full-time IT staff who updates the anti-virus software regularly. In spite of this, one of the recent worms got past our safeguards. It took the entire hospital computer system down for two days. Fortunately, we have a completely manual backup system for reporting most laboratory results - but no such backup system exists for issuing pathology reports on tissue specimens. I couldn’t sign out biopsy results for two days. The IT department had to work mandatory overtime (the first two days, round-the-clock) to get the damage under control, and it took them nearly a week to get everything up and running correctly. The med techs had to work overtime afterward to re-enter the manual lab results issued during those two days of downtime back into the computer database, once the system was up and running again.

I shudder to think of how much this cost in terms of dollars. For patients who were waiting for biopsy results, the costs could have been even higher. How would YOU feel if you had to reschedule your upcoming surgery or a followup appointment with your oncologist because your biopsy results couldn’t be issued promptly? I don’t think you’d be so sympathetic to the “all that was lost was time” argument then.

The internet has matured; it’s no longer merely a nerds’ playground. Viruses and worms now cause real, tangible harm; they’re no longer merely trivial annoyances (if they ever were). That change needs to be reflected in the way we treat the people who write them when we manage to catch them. People who write viruses and worms need to be treated as the criminals they are, and they should serve jail time commensurate with the damage their creations cause.

Sobig is causing untold havoc and destruction on a major level. 1 out of every 17 emails sent currently carries the virus. And its author has released 6 different versions of it since January, each with a time limit on them, and each new version comes out shortly after the time limit on the previous one expired. I’ve got no sympathy for the author, but the FBI has had 5 chances to locate the source of the new infestations and the author is still very much at large. I have no faith in their ability to catch him, and I have no faith in their ability to stop any copycats.

The fact remains that Sobig depends on the stupidity of the common user, to open unknown attachments, to be able to spread. The sad part is that “smart” people pay the price as well, for they get all the glurge from the infected people. Do you have a plan for exterminating Sobig that doesn’t involve educating users?

Keep in mind that Sobig’s author is no dummy. Remember me saying that millions of people in the world could have written Blaster? Take a look here at what Sobig is trying to do. We’re talking highly specialized knowledge following a master plan here, and at the pace they’re developing it’s either the author’s full-time job to write this virus, the author is a programming god, or there’s a team working on it in their spare time.

Yes, and computer security people are always looking for them as well, so they can notify the company that’s providing that method so that company can close the hole before virus writers can exploit it. MS has traditionally made this more difficult for the computer security industry to do by not releasing source code. But Blaster is a perfect example of this, the user doesn’t have to do anything to get infected, they just have to not apply the patch.

In cases like this, I almost endorse the behavior of CodeGreen and Welchia, which attempt to exploit the security hole so that the worm can then install the fucking patch and close the hole.

adam, please register in your brain the difference between “could” and “would”. I “could” have written Blaster, and LoveBug, but I “wouldn’t”. I think that the statement “It doesn’t take a genius to take the original Blaster and change it to drive traffic to my web site” stands on its own.

Not that I have any sympathy for Mr. Parson, but he is being scapegoated. It seems like a good fourth of the people in this thread are acting like Parson wrote the original Blaster, while his version only infected about 7000 computers.


I’m not saying that we shouldn’t. But it’s naive to think that if you do catch today’s virus-writer and he happens to live in a jurisdiction that’s in the position to punish him, that that will somehow make all virus writers go away. Just like there will always be robbers, rapists, and murderers, there will always be virus writers, so it makes sense to avoid confrontations with their creations.

Quite frankly, your full-time IT staff needs a shake-up, or more manpower, or both. Worms will not get through a properly configured firewall unless somebody lets them in (like with a laptop they connect to the internet with at home), and once in it won’t be able to infect any other computers if they’ve been patched against that exploit. Now Slammer was a heck of a worm, it exploited a flaw in software that most people didn’t realize that they had installed, and 1 infected computer could take out a whole subnet, but even then it’s easy enough to isolate that infected computer by pulling cables until the activity lights stop blinking.

In your case, you didn’t “just lose time”, so you shouldn’t consider yourself lucky. You should be taking steps to ensure that it doesn’t happen again. There are plenty of out of work IT guys on the market who would be willing to help you out. A quarter of them may even be able to help.

Not only am I aware of the difference between ‘would’ and ‘could’, I phrased my response in the way I intended to.

Where does this statement appear?