LINUX.IE, website of the Irish Linux Users' Group
[ILUG] interesting article otherwise known as the smell of napalm in the morning.


fuzzbucket fuzzbucket at eircom.net
Fri Feb 6 00:41:34 GMT 2004


Kermie wrote:

>  http://news.bbc.co.uk/2/hi/business/3457823.stm
>
>  direct quote
>
>  "There seems little doubt that SCO was targeted - illegally and
>  unacceptably, lest anyone be in any doubt - because it has enraged
>  many people devoted to the Linux operating system."
>
>  Is this fair comment?
>
>  Why could they have been targeted?
>
>  a) - disgruntled employee b) - the law suits c) - random domain name
>  d) - the colour of the sunset on a friday in november e) - the smell
>  of napalm in the morning.
>
>  Of all the various reasons behind it, what is the most likely answer?
>
>
>  and since I am not a lawyer let's attempt logic ;-)
>
>  If one says that <insert random race here> are responsible for
>  certain attacks - that's racism right?
>
>  If one says that <insert random gender here> are responsible for
>  certain attacks - that's sexist right?
>
>  If one says that <insert random philosophy here> are responsible for
>  certain attacks - that's obviously alright.
>
>  It's quite possible that in some countries, and under some conditions,
>  "fair comment" can be mistaken for incitement.
>
>  Ribbit.
>

I read that article this morning - where to begin?
I reckon the DDoS component of the virus was inserted to take attention 
away from the backdoor/trojan component. It looks to be a professional 
job (professional as in for money - nothing to do with ability or 
integrity) and in what appears to be a qualm of conscience the author 
inserted a message into the code reading "I'm just doing my job, nothing 
personal, sorry." (see 
http://www.informationweek.com/story/showArticle.jhtml?articleID=17601394 )
This article mentions the virus being signed "Andy" but it seems more 
likely this Andy is the intended recipient of the message - much 
speculation abounds.
Assuming this is the case it is easy to speculate who commissioned the 
code. An immediate suspect is SCO given their history of gaining press 
columns by claiming malicious attacks against them but looking at the 
backdoor component I would be more inclined to point at spammers - as I 
said the DDoS aspect looks like a decoy, it being the aspect of the 
infection more likely to gain press inches.
I have also seen many people point the finger at the Russian mafia. 
While some exploits have come from that end of organised crime (online 
protection rackets targeted at financial institutions) my guess is that 
the origin would be stateside given the research showing the pure volume 
of spam that originates there and that a common purpose of many of 
today's viruses/trojans is to create mail relays.
Then again, I am probably mistaken - I have a history of that sort of 
thing :)
</slightly drunken response>



