Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
The Courts Government News

Melissa Virus Suspect Confesses 133

Posted by Roblimo from the all-this-to-impress-a-topless-dancer dept.
rcade writes "Melissa virus suspect David L. Smith 'admitted to investigators that he created it and then destroyed the personal computers he used to post it on the Internet,' according to court papers turned up by the Asbury Park [NJ] Press."
This discussion has been archived. No new comments can be posted.

Melissa Virus Suspect Confesses More

Melissa Virus Suspect Confesses

Comments Filter:

  • Never. :( (Score:2)

    by jd ( 1658 )
    Software is exempt from any form of quality control and customers are not protected by consumer rights.

    If Microsoft shipped Windows 2000 in a form that wouldn't boot, or wiped the hard disk every third day, not a single user would have any rights to complain.

    In fact, if Windows 2000 e-mailed confidential company information to every competitor with an e-mail box, those users could still not raise a fuss. They have no rights. And even fewer, with the new software legislation that's going through.

  • Apparently this guy unhooked his peripherals and removed the systems unit(s) from the apartment, but I'm wondering just how much of them he felt it necessary to destroy to erase the evidence. Was he afraid that his case and power supply had encoded their serial numbers into his Office '97 docs?

  • My employer's sysadmins spent at least 3 days ealing with Melissa and its aftereffects. That's three days that they didn't spend working on their normal tasks. Multiply that by all the companies that were infected by Melissa, and, yes, you're talking serious money.

    It is no longer "free" for external E-mail to be down. Down E-mail = unhappy customers and (potentially) lost sales. I suspect the customers who received Melissa from us are very unhappy indeed.

    Yeah, Outlook sucks, and we should have been using open software. Tell that to the PHBs who like scheduling meetings, filing their nails, and slicing french fries with their mailer. Meanwhile, my company lost time and money because of Melissa, and I very much doubt we're the only ones.

  • A business case can be made for that. For example, at my company, we work with remote developers, investors, and partners. My boss gets very pissed when the server here gets hosed, or the relay hosts go down, or the pipe gets clogged, or the big router we're homed on throws a fit and spits out an ATM card.

    If we're waiting for confirmation on a contract from Intel, say, or waiting for a conference call time sent via email by one of the overseas investors, or a follow-up from a developer re. a bug fix to code that needs to be out this afternoon, and the developer is in Taiwan. Well, that can cost us money.
  • The Unibomber left blocks of wood with nails sticking out behind cars. People saw them an thought that it was to flaten car tires. They of course blew up as soon as people touched them.

    Did they trigger the bomb! YES
    Are they at fault. NO of course not.

    So those silly people who use MS software might one day lose a hard drives worth of data. They would be to blame for losing the data. That doesn't make this guy any less guilty.

    BTW.. Should Microsoft be called in this case to answer for their shoddily built OS, Office Software, and mail client? YES
  • They use the seized equipment not just as evidence, but as leverage against the suspect ("we have your stuff, cooperate and you can have it back").

    Same technique used in The Hacker Crackdown [umr.edu]
  • At any rate, it's not in the job description for the cops doing the raid to know about computers - that's for the eggheads in the lab. (And hopefully the prosecutors, or someone advising them, who are pressing the case.) I don't care whether my cops think the CD-ROM drive is a cupholder, so long as they know one end of their sidearms from the other.

  • I'm just saying that the modern day script kiddie (even though he's like 30...) is in a symbiotic relationship with computer users (and that term is loosely used here).

    Thousands of crimes are made possible because of foolish, ill-advised, or insecure behavior by the victims. Should we let a car thief kiddie go because a driver made the decision to leave his keys in the car and the motor running?

  • Please... Grow up. (Score:3)

    by Inoshiro ( 71693 ) on Wednesday August 25, 1999 @09:28AM (#1725836) Homepage
    Big Businesses seem to love sueing people when they have problems they can't explain.

    "But these Microsoft marketting people told me NT was good, so I told my IS and IT managers to use it.. Now this! We mu sue!!!"

    Disgusting!

    1) I never noticed any slowing of the internet as a whole (whereas the sendmail worm of the 80s affected actual network speeds all over the Darpa-net).

    2) Postfix MTA didn't receive one mail with a doc attachment. It if had, it would have at least done something sensible like message me whens everal thousand outgoing emails started happening.

    3) Clueless IS people who don't notice the network bandwidth is being eaten by hundreds of thousands of SMTP trasnfers should be fired.

    4) Netscape Communicator mail, PINE, and Eudora all have no problems with this (I use them, millions of others do).

    The problem only affected a fraction of the "true" internet population, because not many people use Outlook 9[78] ... And of those, the people who were not trained about their business machines were already a liability to their business (re: the stupids earlier on Slashdot).

    I hope Businesses grow up about responsibility, perhaps by demanind service contract, or perhaps by listening to their technical staff.
  • My employer's sysadmins spent at least 3 days ealing with Melissa and its aftereffects. That's three days that they didn't spend working on their normal tasks. Multiply that by all the companies that were infected by Melissa, and, yes, you're talking serious money.
    Let's do the math:
    • Low end: $20/hour * 2 sysadmins * 8 hours * 3 days = $960
    • More realistic minimum: $100/hour * 2 sysadmins * 8 hours * 3 days = $4800
    The $100/hour includes benefits, employer's taxes, and other things which don't show in a wage. This assumes only 2 sysadmins (plural was used by original poster) and does not include other losses, such as recovery of damaged documents and employee time lost while machines being cleaned.

    A felony is often based on dollar value of loss. Depending on jurisdiction, $4800 is generally well above the felony minimum. And this is just one company.

    Say "Thanks, Bill" everyone!

  • If people tried other software packages, it wouldn't spread so fast, like...


    FreeBSD! and elm.

    George
  • In his brief, Bubb suggested that Smith may not be the only defendant ultimately prosecuted in the "Melissa" case, saying that the investigation is centering on figuring out the amount of harm inflicted by the virus and determining if anyone else was involved.

    Other involved parties:

    • Microsoft
    • People (namely IS managers) clueless enough to use Microsoft software
    • People who habitutally send files through email, instead of using FTP

    --
    Interested in XFMail? New XFMail home page [slappy.org]
  • I wonder what apartment he lives in. It would be
    interesting to have a chat with him about this whole mess he has gone through. Not that I don't
    think he deserves every bit of it, but it would
    be interesting to get his real perspective.

  • Plus all the people stupid enough to open the attachment. The message sounds suspicious as it is, especially when you didn't ask for any documents.
  • I wonder if they took his extension cord as "evidence" also... The floppies and writable CD's I can understand their taking in order to determine whether they contain evidence, but *cables*??

    Apparently anything even vaguely "computer" is fair game when searching the lair of a "hacker". I wonder if they take the car-vac along with the car when they bust a getaway car driver. ;)
  • Fine for Melissa, but how about the Excel vulnerability? This was finally patched a few days ago (HP just sent me a patch notice yesterday), but its been around at least for weeks, some say years.

    This one is the "Good Times" nightmare in reality. The act of opening mail (not the attachment, the mail) is sufficient. It can also be implemented as a web page that destroys your computer on viewing. All because Microsoft never considered that an embedded spread sheet might contain malicious programming.

    I agree users do have to take responsibility for their actions, but that doesn't mean Microsoft isn't negligent sometimes.

    Jim



  • You could use a public FTP directory, for files which aren't terribly confidential. Places like wuarchive.wustl.edu come to mind (but I could be way off on the spelling or the status of that one).

    The difficulty I see from where I sit is in dealing with a corporate firewall ... you'd have to use a socksified FTP client, which can be a little tricky to set up. There's also the issue of confidential files.

    Yes, there are ways around e-mailing attachments, but I know lots of users (and IT managers) who look at the alternatives and ignore them.

    --
    QDMerge [rmci.net] 0.21!
  • or an Atari 800 with 128k and a Happy Chip!
  • ""Smith admitted, among other things, to writing the 'Melissa' macro virus, illegally accessing American Online for the purpose of posting the
    virus onto cyberspace, and destroying the personal computers he used to post 'Melissa,' " Bubb wrote"

    "Posting onto Cyberspace" is as valid in this case as "making the men not quite well feeling" would be in a murder case, except less so since "cyberspace" is not a valid term for email..

    Also:
    " on April 1 that central processing units from two computer systems had been removed. Police seized the remaining components of the systems, including power cables, monitors, monitor cables, floppy disks and writable CD-ROMs."

    I'm reminded of the people who hit enter, intstead of letting wordwrap handle their comments on Slashdot.. The central processing units led me to bevlieve they had found two complete cases, with motherboards, expansion cards, power supplies, etc, except with the CPU socket empty.. Oh, no. The "monitor, monitor cables" (yes, monitor cables are somehow important evidence, they could've just siezed the HD) "floppy disks and burnt CD-ROMs."

    Where are the HDs? Where are the expansion cards, etc? I think these st00pids meant the computer was removed from the peripherals. Sad. Pathetic. I hope this kid gets off scott free.

    Certainly, their evidence gathering "methods" must have at least destroyed the evidence itself. I'd personally convince one of them (people who watch the evidence) to have a bulk demagnetiser around the "CPU" all the time to stop the viruses jumping to their systems.
  • or Windows 3.1 with Eudora Light! :)
  • You'd think they would at least prosecute MS.

    "Do you admit that you sold these products to businesses that were crucial to the infrastructure of America, and yet did nothing to enforce or even implement the basest security of Macros, Mr. Gates?"

    It's a bit like, do we prosecute the person who sold the gun to the kid, out of spite, or do we get off of our duffs, and go make guns illegal (or at least harder to own). Which would save more lives, and ultimately make more sense?
  • I'm still unclear on whether this guy actually sent out this virus to anybody's computer, or whether he just posted it to Usenet and waited for people to download it. If the latter happened, it seems it would be arguable that he didn't do any damage at all. I'd like to see someone post a similarly virulent macrovirus to Usenet, with clear warnings that "This is a worm", with the actual code commented out so the Usenet post doesn't hurt anyone accidentally, but with effects that are tempting enough to script kiddies that a million people are infected the next week. If you write malicious code, but someone else uses it, whose fault is it?

  • My understanding of the situation is that the guy was identified by the Word ID on the most common melissa-infected document that circulating the internet, and that there are records of him posting the infected document to usenet.

    What a lot of people have overlooked is that this does not necessarily mean he created the virus.

    This is a Word macro virus and like other Word macro viruses it infects the system such that all new documents created are infected with the virus. The new infected documents don't automatically get mailed out, unless you send the document to people who are not already infected, in which case they will automatically mail out YOUR document, not the document that originally infected you.

    Such is the nature of viruses: they get spread by people other than the person who created it.

    It is conceivable that a person could unknowingly contract the virus from someone else and then simply be the first infected person to post to such a widely accessable location as alt.sex.whatever, thus causing their infected document to spread exponentially faster than any other infected document. If you create a new document it would have your ID. If you are infected it would have the virus. This is not the same thing as creating the virus.

    I'm not saying the guy didn't create the virus (they say he confessed) I'm just saying that finding the person who created the most widely spread infected file and assuming that they created the virus is a dangerous precedent. If the Word ID and upload records is sufficient to convict a person of creating a virus, then anyone who's ever been infected and unintentionally spread a virus can be charged for creating it, if their infected file gets enough distribution.

  • So he created a macro that tells another piece of software to do something bad.
    Well if I tell anyone to go kill someone, and they do so, I wouldn't be the only one to face court actions would I ?

    Dumb is, as dumb _does_.

    I tell people on a regular basis, that I don't understand why so many people (including them) put up with systems that willingly will destroy everyting they work on. And get this, I either get blank stares, or some muttering about nobody wanting to switch to Linux....

    Hell, if MS Word or any other product with just as little notion of security was ported to Linux, that would be just as bad. But why the fsck does people fail to see that security is just as needed in applications as it is in operating systems and front doors ?

    I don't run netscape as root either. And my seti@home clients run with their own UID.

    It all boils down to, if the source ain't open, you don't know what you got.

    But I'll be the first to sell you the Eiffel tower if you tell me people will realize this.
  • this guy was obviously good with computers... he made one of the "best" virus's of yet. he made use of holes in micro$ft, so he had to know a bit about micro$ft.. he probably knew about the id tags, and when he was arrested he waved his rights and flat out admitted to doing it!! the guy just wanted his 15 min.
  • There were a number of damaged systems and networks across Lake Washington as a result of this, not just Microsoft itself. But none of those companies wanted to publicize their vulnerability.

    Even a few firms in Seattle proper were hit.

  • This event has shown that writing viruses is no longer reserved for highly skilled crackers with a great deal of time. Hinting at another post, I would compare the skill required to write (or modify) a macro virus with that of a good car stereo thief. The difference is that even the best car stereo thief has to steal one at a time. Why waste your time when you can bring down all the computers in corporate America? During the panic you might be able to target a vault or something...

    This could become an extremely serious problem. Microsoft will not lose profits, however, until the public can understand the issue. But that will never happen. Like Y2K, it just doesn't make sense to most people.

    - "Will my PC stop working in the year 2000?"
    - "No."
    - "Then what's this Y2K thing?"
    - "Some programs store only 2 digits of the year to save space. Those programs may interpret the year 2000 as the year 0. Since 0 will come after 99, some date-related calculations will be incorrect. Their may be hiccups in deliveries, payments, interest rates, bank accounts, and public utilities."
    - "But 0 doesn't come after 99. How come the programs can't just figure that out?"
    - "Computers can only perform calculations, and in general cannot adapt to special situations unless they have been programmed to do so. That's why there are so many people reprogramming the computers."
    - "It's Microsoft's fault, isn't it? Windows always crashes for me."
    - "No, Microsoft doesn't have much at all to do with it. Microsoft has dominated personal computers but not the older servers and mainframes, where the problem is."
    - "So who would make a computer that crashes just because the date changes?"
    - "Well, in general it's not the computer that's incorrect, it's the software. A lot of programmers didn't believe their programs would still be in use when we switched to the 21st century."
    - "Microsoft released a Y2K patch for Windows. If I don't get it, will my computer stop working?"
    - "No. Certain older components of Windows will display the year as 00 rather than 99. On the other hand, you do need to make sure you have the latest software updates if you run financial or other date-sensitive software."
    - "So does that mean my PC will stop working in the year 2000?"

    Arghhh...

  • That's what I was wondering about. The article mentions illegally using AOL to "post" the virus. If they are using "post" in the Usenet sense, then his culpability is much less than if he "post"ed it by mailing it to someone (the old-fashioned meaning of post). Of course, breaking into AOL (if that's what happened) is illegal in and of itself.

    Another question is: if this guy only mailed (assuming that it was initially an email and not a news posting) Melissa to one other person, and this other person's computer then started off the chain reaction of email, is the original author liable for all of the damage worldwide, or just the damage to the one machine he sent an email to? You could argue that after that original email, it is downstream recipients of those messages which are in turn attacking other machines. I'm not saying this is a good argument necessarily, but it is an argument.

    For example, say a dishonest building contractor uses cheap cement in a building. Then some kids come up and throw rocks at the side of the building. The rocks damage the facade of the building, but then (because the construction was so bad in the first place) the slight damage they've caused to the outside of the building cascades into a complete structural collapse. In this (admittedly far-fetched) case, are those kids responsible for destroying a building? Many people would also assign some blame to the poor construction of the building in the first place.

    Likewise, I think it would be fair to assign some blame to those who wrote and deployed such a rickety and insecure email system. There's professional negligence at the root of Melissa at least as much as there is evil intent on the part of the macro virus writer.

  • A friend of mine once observed that the purpose of locks is to keep honest people honest. Most car thieves can get into a locked car no problem - as another friend of mine learned a few months back with a brand new car.

    If I leave my house unlocked, and someone goes in and take things without my permission, they are still guilty of theft. The fact that it was easy doesn't make it right. From a practical point of view, I am being stupid, but from a legal point of view I am in the right.

    So I don't really buy all this. The insurance company should realize that car theft is still possible without the keys (and probably simpler as the break in equipment is standard but the keys are custom made).

    As for unlocked cars, a third friend of mine used to do this all the time and just left nothing valuable in the car. Worked great for him, although to be fair the car was an orange '73 volvo wagon!
  • I wonder too.

    But I also wonder why he'd have all the rest of the equipment just gathered at/on a table in his apartment. I realize that he wasn't necessarily expecting the police to come search his apartment, which would be a reason why he could leave it just sitting out in the open, but I'm thinking that if I had done what he did, I would certainly have destroyed all the evidence that I could possibly destroy. i.e., _all_ of the equipment, floppies (or at least reformatted them), the CD-Rs, etc. or, if not, I'd certainly re-employ them, so that they weren't lying around suspiciously, saying "look at me, i'm just sitting here with no cpu. wonder why?" then again, I could be way off here, but I'm thinking that if he wanted to ensure that he wouldn't get caught/be arrested, there were steps that he could have taken that he didn't. oh well, it's no worry on me..

  • Re:Was there really any _damage_? (Score:1)

    by Anonymous Coward
    The HR office would take the biggest hit.

    Imagine coming to the realization, after your network and mailservers exploded, that 50% of your workforce are complete idiots and would have to be replaced.

    That's a ton of firing and hiring. You'd have bring in extra hires just to handle all the firings.

    -kabloie
  • Unabomber

    If you're going to correct someone, do it right.
  • "Do you admit that you sold these products to businesses that were crucial to the infrastructure of America, and yet did nothing to enforce or even implement the basest security of Macros, Mr. Gates?"

    Oh, but our lawyers assured me that our EULA means that we can't be held responsible no matter what our software does.
  • yes we should let that kid go.. why should we waste tax money on an idiot that left the keys in his car with the motor running.. the government should have attacked mircro$ft for incompetent software, and left mr. smith alone.. after all his virus didn't cause that much damage.. maybe a few server went down, but that was the system adm. fault FOR BEING AN IDIOT!!
  • I can assure you that none of this was 'turned up' and it had to be a press release or a planned and structured 'leak' to the Park Press. This is a local paper and let me tell you definitively that they are the equivalent of a fourth grade class newspaper and do not know the meaning of investigative reporting. Hmm wait a minute...they just may be able to figure out the origin of tech-vests if pushed enough...the mall is rather close to them ;-).

    This paper incidentally has come out in favor of govt. regulation and censorship of internet content many times. They are a reprehensible source of 'news'.
  • Ask me if I'm a truck.

    (Hi, Dee :)
  • I wans't trying to absolve the cracker. He is responsible for his own actions and he ought to suffer the consequences. what he did was wrong. That is so obvious I didn't think I had to point it out.


    My point was simply that I think it's about time we ALSO started looking how software makers are being negligent. They do not respond to vulnerabilities in a timely fashion and there doesn't seem to be very much will to release a quality product. Software seems to be the only industry where this is not only tolerated but expected.

  • read the article.. he just removed the CPU's.

  • Let's do the math:
    • Low end: $20/hour * 2 sysadmins * 8 hours * 3 days = $960
      More realistic minimum: $100/hour * 2 sysadmins * 8 hours * 3 days = $4800
    The $100/hour includes benefits, employer's taxes, and other things which don't show in a wage. This assumes only 2 sysadmins (plural was used by original poster) and does not include other losses, such as recovery of damaged documents and employee time lost while machines being cleaned.

    Okay, so it did "cost" something to clean up Melissa. But in this case we have someone to blame. What about when the Exchange Server "just" fails and it takes 2 weeks to get it running again. Is that a felony? Car manufacturers are held liable when a defect, for instance, causing the gas tank to blow up. Not that I'm saying that car manufacturers *shouldn't* be held liable, but why not software manufacturers when their products fail for "reasonable" causes?

    I don't think Smith intended to shut down the whole world with his virus. In fact I don't think he intended to cause any damage at all. No payload, remember? He was like a driver on the freeway, who, of no fault of his own smashed into another car, where upon the "gas tank" blew up.

    Just as a car manufacturer is liable even though the buyer had a reasonable ability to not buy the car, even though they made their bed and slept in it, I think that software manufacturers should be held to the same standard. Software monopoly aside, I understand that Microsoft stated in the license agreement that the software shouldn't be used in "mission critical" environments and therefore shouldn't be held liable. However, Smith didn't guarantee that his program was free of "defects" either, and the user *did* have to accept his program, just as they had to accept Word 97.

    In this case, I think we should find Smith not-guilty for anything more then we'd find a virus writer guilty that didn't affect any PC's. However, I think that we should hold Microsoft liable in this case for producing a product that had a known possible defect. Office97 should be "recalled" and Microsoft should be found guilty to the fullest extent of the law.

    Just as it wasn't the buyer of the defect car, nor the driver of the other car, but the manufacturer that is liable for gross negligence, in the same way it should not be the buyer of the product, or the virus writer, but the manufacturer of the software that should be liable for gross negligence in developing the product

    -Brent
  • Maybe he wasn't destroying evidence, he just had some partially disassembled machines in his house, like most of us probably have.
    ---
  • I read the article, and it wasn't clear to me at all.

    ...central processing units from two computer systems had been removed.

    So the guy "removed" his CPU.. "removed" it from where? his desk? This implies to me (and obviously to the original poster) that just the CPU chip was removed. Otherwise, it's not a computer system, is it?

  • This reminds me of the Bernie S. case. [2600.com] This is a guy who removed batteries from an autodialer that wasn't evidence (and he wasn't told not to) and was thrown in jail. Law enforcement's view of computer/technological devices is frighteningly warped. What really worries me is that most computer law is getting written by people who don't begin to understand them.

  • I have a right to program any damn thing I like on my computer.. I don't have to right to release it into the wild.. that is what this moron did.
  • These implementors DO take responsibility for their security bungles "oops.. you found a bug eh.. ok.. we'll fix that" vs microsoft "There is no bug, there never was a bug and there never will be a bug.. what bug?" and since the first day they said it virus authors have been trying to convice people that they are lying. When win95 came out the marketing guys at microsoft quickly jumped on the bandwagon of "There's no viruses for win95.." which quickly became "win95 is virus proof" which is just a blatantly lie because the first win95 virus was written before win95 was even released (thanks to the win32 subsystem for win3.1). The problem is not that virus writers keep writing viruses.. it's that no matter what happens, people don't learn from their mistakes.. Microsoft _is_ to blame.. that's what virus writers are trying to say but no-one appears to be listening.. so many of the old skool virus writers have just given up because of that.
  • No-one cares.. no-one stands up and points the finger at Microsoft and says "how dare you endanger my system?" so the virus author tries to make you take notice.. "I'll write a virus, it will spread all over the world, get on the news and everyone will say 'how could microsoft let this happen?'" but that doesn't happen.. people take it as given that Microsoft originated bugs will always exist and they are not at all responsible.. the virus writer is evil.
  • In the UK it is illegal to write viruses.. that is the only country on earth where it is. Reason: I have the right to program anything I wish on my computer. Here in Australia it is illegal to deliberately infect a computer with malicious intent.. this does not include posting it onto usenet or giving it to someone to run.. you have to be caught actually putting the executable on the machine and running it (and perhaps drooling from the mouth and saying "oh.. I'm gunna get this guy").. in the US the laws are a little worse.. you have to answer charges if you distribute a virus in non-source (ie.. ready to roll) form even if you never intended for the code to ever be run.. The legitimate way to transfer viruses is in source form or, for analysis purposes, with a non-executable extension inside an archive with clear documentation.. most common way is the name of the virus with the last letter of the extension underscored: CIHv4.EX_ inside a zip with a README file explaining that this is an infected binary.

    Posting a virus to usenet as "hotfuck.exe" with a "run me, run me, run me" message is not only stupid, it is blatantly obvious.
  • Bring on the marshmallows while they burn this poor slob at the cross! Ya ain't seen nothin like this since Salem and, more recently, those non-stop laugh-riot KKK barbecues!

    You KNOW it can't be Microsoft's fault that their OS and mailers are completely insecure, since they are super successful and make lots of money.

    I love AMERICA! Isn't that the American dream? To make enough money that you are invincible?
  • Who cares if he declared the author or not.. we're not in the UK.. it is not illegal to write viruses.. it is illegal to be a moron and spread your virus (or anyone else's for that matter) and cause people grief.
  • Sure, its caused annoyance for quite a few people, but I have lots of software on my computer that annoys me.

    If Microsoft, or whoever, puts a feature? in their software that allows remote execution of arbitary code on that system, then, at the very least, they should publish a clear warning on the packaging of the product that states this. In this case, its not a bug thats being exploited, its a published and documented interface.

    I see absolutely nothing illegal about using these features, and, since the user of the software doesn't 'own' it anyway, they have only 'licensed' it from Microsoft, doesn't that mean the only one who should be able to 'sue for damages' is Microsoft?

    And, as one poster stated earlier, if you leave the keys in the ignition, how can you reasonably expect your car to stay in one place?

    My 2c

    -Pete

  • police told Smith his Miranda rights, but the defendant voluntarily waived his rights and chose to speak, Bubb asserted. At that time, "Smith admitted, among other things, to writing the 'Melissa' macro virus, illegally accessing American Online for the purpose of posting the virus onto cyberspace, and destroying the personal computers he used to post 'Melissa'

    They make it sound like the cops sat down and had tea while discussing this...

    I imagine his "voluntary waiving" of his rights went something like "OWWW!!! Why do you keep hitting me? OWW!!! That hurts! Quit it! OK, I'll confess if you stop hitting me! Just Please stop!"
  • Picky, picky. Email servers shut down, networks flooded, smells like "damaged a network" to everyone except netgeeks. Doing a full restore and clean wipe on all your email servers for a full day sure counts in most people's books as a "damaged network".

    My point being that the US did not get off scot free and the damage was WORSE than was admitted to in public. I'm basing this on a number of friends who admitted the same while the public perception was that they were ok.

    Redmond is just one of the cities across the water from Seattle. Kirkland and Issaquah are some of the others.

    Try reading the post I was replying to before posting as an AC next time.

  • Yeah, sure. Right after he admitted to throwing himself down the police station stairs, and beating himself up while alone in his cell.
    Consciousness is not what it thinks it is
    Thought exists only as an abstraction
  • who actually uses macro's anyways? Stupid feature.. it's a word processor people.
  • Yer.. it's a bit of a worry.. "Here's a feature that allows you to propogate a message around the world fueled only as fast as the stupidity of the user.. what's more, we guarentee that the user will be stupid.." Wow, cool, I'll use that "oh.. you're not allowed to use this feature.. go to jail".. but microsoft said I could.
  • I dont think the AC was trying to flame you, he/she was just saying that the kind of email flood and damage the virus could have done to systems could not take out "real" routers. Sure if you have a 486 with 8 megs ram and no swap on a fractional t1, I can see you having a little trouble, but with a cisco 6509 router it would take a heck of a lot more than a mellisa virus to pull those monsters down. I am a sys admin on a few linux machines and If they had a static line to the internet with dns and mail then I would have pulled my systems ofline to avoid the virus, its common administration. You dont try putting out the fire when it hits, you avoid the fire by being secure and safe. Just my $00.02
  • more like "What the hell do you people want?" "You're under arrest for writing a virus" "that's not illegal" "Hey guys.. he just confessed!" "what?" "Do you have anything to say for the six o'clock news?" "This is news?" "'I did it all, I confess' got it" "what? Why are you hand cuffing me" "we've gotta walk past a lot of keyboards on the way to the car son, don't want you writing any more viruses" "what?"


  • So he confessed...

    How many of you out there have a bit (maybe only just a little twinge) of doubt about that.

    It seems that in todays society, if a case has media attention then a conviction is mandatory, guilt is irrelevant.

    When the Oklahoma bombing occured I was convinced that whoever was charged would be convicted, regardless of their guilt or innocence.

    A trial should be a process where the truth is determined. When the pressures are so great that the prosecution will do _anything_ for a conviction the outcome becomes predetermined.

    As people realise that the trial shows nothing, people begin to think that those in jail are, in fact, innocent. When why else would the prosecuters have been so heavy handed, surely if he/she had have been guilty then they could have taken things easy and still gotten them.

    This gerates sympathy for the victims, guilty or innocent.

    And most of all. Is this justice?

    How far have they gone in this case? I don't know, Guessing from the information we receive is just a gauge showing which side has manipulated the media the best. It seems as though they have done enough in the past to make thir actions suspect in this case.

    How far can they go? Ask Kevin.
  • Thanks for saying "Thanks, Bill!", although in a few more words.
  • Macros can be extremely usefull when used in conjunction with something like F9.
  • I had that experience before. I was accepting stolen equipemnts from my friend, They got busted and cops show up at my house and took everything that i have + I gave them all kind of computer garbage that i want to throw away, Like broken cables, old stereos, radio that been tooken aprt, remote contoled car, 300 baud modem, Pieces of wires that i found, all AOL CD's, AOL floppies, some oudated PC magazines, basically they came and clean my room.

    Luckly the computer i use is been relocated to Family room and they didn't see it.
  • Heheh. You haven't tried VBA, have out? It sucks. It's horrendous. I don't even see how it can be related to Visual Basic.

    I've had more problems with VBA (trying to get databases to work, nonetheless), than I had with a VB program I wrote. I'm still maintaining the databases I wrote because of various VBA bugs (been over a year now), yet the program I wrote is more or less bugfree (it has installation issues, but if someone follows my instructions, it works).

    I've even had wizard-generated code for VBA fail! After a little while of using VBA, whatever clean code one writes becomes messy, spaghetti-like, kludges.

    And people wonder why m$ writes buggy software...

  • However, not meaning to offend any tech support folks, the computer is quite more complicated and those of us who "know what
    we're doing" with computers wish the idiots would leave us alone. Techies probably agree they'd rather that their job was obsolete
    than have to listen to the proverbial cup holder users.



    I do tech support and I've talked to Idiot day to day.

    I just have to say this " If you don't know don't use it ".


    before it was geek thing now its main stream.. well It did help me get a good job thought.
  • If I recall correctly, It was much lauded about the time that they caught him that Microsoft had released access to its much publicized database of "Registered Microsoft Users Product IDs" to track the embedded ID in the Melissa virus, which was ultimately how they located Mr. Smith.

    I would like to know how the Prosecution intends to get around this one...
  • They probably take the system as a whole, which is smart. No searching around for the obscure cable to hook up some device. Not everything is standardized and the smart move is to go overboard and just take a working setup rather than find out his SCSI devices were hooked up via those delicate 68 pin high density connectors.

    If a car is impounded just about everything inside of it is as well, they don't take the time to ensure that the dust buster isn't a container for a half pound of cocaine and hand it off to the perpetrator.
  • He's alleged to have destroyed the computers by removing the CPU. Right... Ok... It never occured to anyone that this would have no affect on data on the disks, and that you could either move the disks over or put a new CPU in. Ok... Nor does it seem to have occured to anyone that the guy might have been doing a bog-standard processor upgrade.

    Both sides accuse each other of manipulating the media, and the alleged confession seems to have been denied by the defence. Sounds to me like both sides are so obsessed with the glitz of being celebrities that they've long since left Earth and their egos are floating around the stratosphere of Jupiter.

    Maybe this new Interstellar protocol can be used by the judge to talk to these guys. I doubt anything else could.

  • When is this going to stop? (Score:5)

    by GeneralTao ( 21677 ) on Wednesday August 25, 1999 @07:11AM (#1725907) Homepage
    Here's what I don't understand. If your car stereo gets stolen, and there are no signs of forced entry, you can forget about the insurance company paying you one red cent for damages. This is because if you were dumb enough to leave your car unlocked, the insurance company sure as hell isn't gonna pay you money.

    If your whole car is stolen and you can't produce the keys, they aren't gonna buy you a new car. You shouldn't have left your keys in the ignition.


    The macro vulnerabilities have been around for EVER. Why, then, are companies allowed to continue whining when they are exploited? Why isn't there more pressure to plug this up? How many times can you listen to a guy moan about his car stereo before you yell "LOCK YER FRIGGIN DOORS, MORON!"

    Further consider.. what kind of crap would a car company get if they shipped a car with doors that just plain don't lock?

    I dunno. It just seems like software companies can get away with persistent bugs than never go away while the rest of the world is expected to provide a GOOD product.

  • Microsoft is not required to obey the same rules with regards to search warrants as the police are. As long as Microsoft wasn't acting under explicit instructions from the government, they're allowed to use their database in any way they see fit, and that includes finding people who distribuite viruses aimed at their products.

    Not that I like the idea of Microsoft keeping a database of my software....
  • IIRC they identified him by the Word ID number inside Melissa, which he had previously released document containing in a less-than-completely-anonymous way.
    %japh = (
    'name' => 'Niklas Nordebo', 'mail' => 'niklas@nordebo.com',
    'work' => 'www.pipe-dd.com', 'phone' => '+46-708-444705'
  • Ummm.. I think you need to read the article again. It seems pretty clear to me that by "CPU" they meant the CPU case. They stated specifically that all that was left were monitors, keyboards and cables.
  • Lame logic. Regardless if someone locks the doors on their car or not, if you take the stereo YOU ARE STILL A THIEF!!!
  • "Ironically," Bubb wrote in another portion of his brief, "the technology that allowed David L. Smith to spread so freely (the) 'Melissa' macro virus is the same technology used to identify David L. Smith.

    Technology = Security/privacy holes in Microsoft software.
  • True enough, but the person who didn't lock his car will be known as an idiot for quite awhile. I haven't seen any bad press about micros~1 and their software from this incident.
  • But Fsck jee Fsckin krist! What did it take for the guy to actually admit his crime?

    Like being interogated by the police or something like that? Of course I don't condone what the poor bastard did, but think about what the police had to do to make him talk!!!!

    Doesn't this remind you of WW2 or Vietnam? Sorry, I'm just as pissed as pissed-off.
    We french people don't like any of those fsckin pigs.

    Sous les pavés la plage...

    ---

  • ...because if he did in fact use these computers for illegal activities, the monitor cables would surely prove it!

    *sigh* sometimes our legal system makes me cringe.

    -James
  • At this moment, i am sitting in front of a linux ftp server at work that i set up for this very reason... to get some of the files being transfered out of the email attachments and onto an ftp server. among other things, this reduces a lot of the traffic to and from the mail server, and decreases the chances of somebody opening up one of these macro-virus-attachments.

    my co-workers can now upload their file to our server, and email just a URL to the recipient.

    -James
  • No.. End user license agreement always said they are not liable for any damages. so you can write a virus and put desclaimer on it.

    "Run it at your own risk, The authour of the software take no action."

  • They take everything for a reason... (Score:1)

    by Anonymous Coward
    The computer crime laws are very obscure. They don't know if they can even make the charges stick most of the time. So, they take all computer equipment, reference material (printouts, books, manuals), electronics (answering machines, alarm clocks) in the vicinity of the computer. This way, if they can't charge you, they can legally hold all of your equipment for 7 years (statute of limitations). In 7 years your equipment isn't worth crap, so you can consider it gone. This the fed way of putting a hacker out of business (at least for a little while).
  • 100000000000000 of peoples will run it. i'm sure of.
  • He lives two blocks from me too :) I'm in Holmdel (well, I was up until a few days ago when I left for Cornell)..

    • And if the person trying to steal your unlocked car is caught, they're arrested for stealing. It's the same thing.


    Okay. But when you steal a car, you have control over which and how many cars you steal. A computer virus' spread is dependent upon the luck/vulnerability/stupidity of the people who, by chance, end up interacting with it. At some point, people need to take responsibility for damage caused by their own actions. Who's actions caused the damage?

    If a kid decides to be mischievous and throws a nail into the road, s/he should be responsible for the damage s/he cause to the car that runs over it. If the owner of that car takes the nail out and throws it back onto the road, who's responsible then?

    I'm not a fan of this guy, and maybe he should get punished; but too many people are living by the motto "it's not my fault..."



  • Oh, I don't know. I personally know of a big bank, which has a *huge* internal network, which was hit this week by Melissa. The network is powerful enough to fully reload the OS of every single machine nightly, to insure they have a single OS standard throughout. No, I can't provide the name of the bank because they too want to keep it private. Yes, the network has been completely smashed by this, because the first 50 entrys on the global address book happen to be their biggest mailing lists, which has caused a tiny little bit of trouble for them. :)
  • If I leave my house unlocked, and someone goes in and take things without my permission, they are still guilty of theft. The fact that it was easy doesn't make it right. From a practical point of view, I am being stupid, but from a legal point of view I am in the right.

    The point is: Should you take responsibility for your own security, or just assume the police/insurance company etc. will do it for everybody?

    Does the police have unlimited resources and catch all thieves, returning all stolen goods to their rightful owners? Only in Utopia.

    Do the insurance companies have unlimited amounts of money to shell out to people who practically invite criminals to their stuff? Only in Utopia. In fact, most insurance companies have clauses for how you should protect the insured stuff.

    Yes, it's theft whether it was easy or not. But people who think everyone else are nice still lose their stuff. There are a fraction of "borderline" criminals who will steal it if it's easy and not if it's hard (locked in). Why would you reduce your security by the "amount" they represent?

  • Should we let a car thief kiddie go because a driver made the decision to leave his keys in the car and the motor running?

    No. Should the driver be held partially responsible for "helping" the car thief steal his car? Yes, as most insurance companies will tell you.

  • Worthless though they are, a better analogy might be: suppose a person throws a nail in the road. Later a car fails to see it and avoid it, and their tire blows out causing the car to hit other cars, resulting in a major fender bender.

    Who's responsible for the damages to the cars? If it were up to me (IANAL), I'd say that most of the liability is on the person who maliciously threw a nail into the road. The driver really can't be blamed too much for missing something that small. There may also be liability for the Mycrostuft Tire Company if their products are provably shoddy.

    I doubt the Melissa perpetrator really thought they'd cause as much damage as they did, no more than a kid might when throwing a nail into the street. Fact is, damage occurred and I'd expect a kid to be disciplined for such an irresponsible act.

    Jim
  • "He was like a driver on the freeway, who, of no fault of his own smashed into another car, where upon the "gas tank" blew up."

    Not exactly. More in the nature of a driver who attempts to do something funny like flash his taillights and causes an accident.

    Obviously he knew it would spread -- why else 50 copies? Having a list of porn sites sent out under their name was a little embarrassing for some companies I imagine, not to mention calling those sites up to tell them you've given them a worm! So I wouldn't call it no payload -- just a non-destructive payload.

    I agree he may have not realized it would cause the massive shutdowns that occurred. I also agree Microsoft bears some responsibility here.

    Jim
  • Yes, true, but you still take precautions with your car don't you? Or, do you leave the doors open for anybody to get in? Of course, they won't take anything, because then they would be a thief.

    This is lame logic.

  • FBI Finds Key Evidence (Score:1)

    by Anonymous Coward

    The FBI made a major breakthrough in the Melissa case today when they discovered hidden evidence that the perpetrator stored in the serial cable.

    "Apparently a few remaining bits were left behind the last time he used the serial cable," said chief investigator R.S. Tothirty II. "We believe he didn't realize the traces of data, or otherwise he would have destroyed the cables as efficiently as he did the CPUs."

    Sources close to the investigation say there is some dispute as to what the bits mean. It is difficult to determine what parity he was using during the transfer. The investigators hope that dissection of the parallel cable will reveal a clue.

  • On a related note: (Score:3)

    by bgdarnel ( 2144 ) on Wednesday August 25, 1999 @08:00AM (#1725937) Homepage
    Mozillazine (www.mozillazine.org) has this article today:

    Yet another hole has been found in Internet Explorer's ActiveX
    implementation. This one allows arbitrary code to be written to the user's
    hard-drive. The bug was found by Georgi Guninski, who has found many
    security bugs in IE and Communicator. To read more about it, click here to
    visit Georgi's page. If you click "Test it" beside the name of this bug
    ("Executing programs with IE 5.0") while using IE, the page you visit will
    write a small bit of sample code to your StartUp menu. You've been warned.
    Georgi calls this bug "the most significant of my discoveries and the most
    dangerous also".
  • Blaming IS managers is not entirely fair. Many do still have to answer to someone higher up, and if the CEO of a company wants all his sales weasels on Win9x... *shrug*

    Blaming the sales weasels who open Word files with macros, now that is more reasonable.



  • I say 'Let the car companies sell doors that don't lock' - no one's forcing anyone to buy the car. Now, granted, a lot of companies out there have already set their standards to this particular model of car, but now that they know the doors don't lock, they are free to buy new cars who's doors do lock.


    Um, fsck the car metaphor - I resent the fact that in today's society everything is the fault of someone else. Can't we just take a little responsibility for ourselves? It's not M$'s fault. Period. If someone open's up an email attachment that they can't *guarantee* is safe, then tough luck, but they should've been more careful. So the end-user is a moron in that case, why should anyone else be liable? The only other person who's accountable should be the bastard who wrote the virus in the first place.


    I guess my beef with this whole thing is that MS get's unfairly pounded because their software was exploited. BFD, they DID acknowledge that Macros could be dangerous and all the new versions/patches to Office make that very clear to new users. Their software is a tool, just like anything else - no more, no less.


  • This is why, if you're writing Word macro viruses, you should use someone else's copy of Word. Preferably, someone who isn't remotely related to you (e.g., some ID code from a stranger off the net).

    Hell, I use someone else's copy of Win98 just to play games. If I were writing viruses, I would be damn sure that nothing is tracable back to me.

  • Re:Monitors and cables!? (Score:1)

    by Anonymous Coward
    I wonder if they took his extension cord as "evidence" also... The floppies and writable CD's I can understand their taking in order to determine whether they contain evidence, but *cables*??

    That's standard procedure. The raids are usually conducted by people with little computer knowledge, they take everything that might be related. Answering machines, printers, monitors, cables (even ones that aren't hooked up). They use the seized equipment not just as evidence, but as leverage against the suspect ("we have your stuff, cooperate and you can have it back"). I'm sure the more they take,the more they can demoralize somebody.

  • Microsoft's software definately has a large number of gaping security holes. Most professionals in the corporate sector are aware of this, yet they still use MS products. Maybe they like the features and feel the risk is acceptable (until they get burned). Maybe it's just herd mentality, other people are using it, the security must be good enough. Whatever the reason, people use it.

    That however give some malicious jerk the right to write a virus and crash a bunch of servers. The melisa virus cost the corporate sector a small fortune in lost productivity. I hope they fine him for all he's worth and throw his but in jail for a good long time. The confiscation of his computer hardware should be the least of his problems.

  • No. Should the driver be held partially responsible for "helping" the car thief steal his car? Yes, as most insurance companies will tell you.

    I have no problem with people being held responsible for their actions. That's why I don't think David L. Smith deserves to walk simply because his virus was made possible by poor programming decisions on Microsoft's part. The world's full of security exploits. The idea that people should be able to take advantage of them simply because "they should have known better" is juvenile, script-kiddie thinking, and I pity anyone who buys that argument and acts on it.

  • No damage done (Score:3)

    by Anonymous Coward on Wednesday August 25, 1999 @08:32AM (#1725955)
    I have yet to hear of one sys admin having a system actually go down because of this virus. Every system that I have heard go down was due to the sys admin hearing about this virus and then pulling the plug. Does preventative maintenance count as damage? I admit if Symantec and others didn't have an update 3 days after the release of this virus it may have caused some damage. But really this virus sent a little word doc around the world a few million times. There are more problematic e-mails than this: SPAM, Dancing babies etc. Also, has anyone ever read the source for this virus? Its crap, and obviously written either by more than one person or copied right out of a book and then edited a little. Someone with NO VB skills could easily create this hack with a few Microsoft Library MAPI articles. Give this guy a break. He had no idea what he was doing/creating. Someone left a gun unlocked for a child to play with. Do persecute the child. Two cents
  • I think that it shouldn't be illegal. No I'm not condoning cracking or virii or anything that is "damaging"

    I'm just saying that the modern day script kiddie (even though he's like 30...) is in a symbiotic relationship with computer users (and that term is loosely used here).

    We on the other hand (to clarify "computer users") are above the standard issue computer user. So I say let the script kiddies live in peace. Of course, the arguments will be made, but like yesterday's link to the computer humor page showed, owning a computer involves responsibility.

    I really wish that people would take the responsibility of learning about their new machine, but considering the total number of VCRs flashing 12:00, i'm asking too much? No, because some people just don't need to "program their VCRs" to tape what they want to watch.

    However, not meaning to offend any tech support folks, the computer is quite more complicated and those of us who "know what we're doing" with computers wish the idiots would leave us alone. Techies probably agree they'd rather that their job was obsolete than have to listen to the proverbial cup holder users.

    Finally, if the supposed method of trashing his computer is true (by removing the processor), then I really, I mean REALLY question this guy's knowledge of computers.

  • Was there really any _damage_? (Score:3)

    by Skinka ( 15767 ) on Wednesday August 25, 1999 @08:43AM (#1725958)
    - "So Mr. xxxx of management, how much damage did Melissa inflict?"
    - "We estimate that Melissa cost us about 100 000 000 USD"
    - "A hundred million? How?"
    - "Um..well, we recieved a lot of bogus e-mail."
    - "$100 000 000 for that?"
    - "erm..uh.. Oh yeah, our mail server crashed twice so we had to reboot it a couple of times. That's pretty expensive, you know."

Slashdot Top Deals

"If value corrupts then absolute value corrupts absolutely."

Close