What if something like the Morris Worm never happened?
stories.shrikrishnaholla.inHas a ransomware or botnet perpetrator been convicted of a crime in any country?
Morris was convicted under CFAA, it's surprising to me that it isn't a "regular" thing to hear about another hacker getting convicted on a daily basis. What are the reasons this doesn't happen? I understand they can hide their identity, etc., but are there even active investigations? Is there a single biggest reason why, like not being able to prove which person caused something to happen?
I don't really like real world analogies for computer systems, but if there was a big line of people in masks knocking at my door and trying 100s of different keys in the lock, 24/7, I'd probably seek some legal remedy rather than just getting more locks.
It's really hard to track down the perpetrator unless they make a mistake. Even if you tracked the perpetrator down, there is a very good chance they are in Eastern Europe or some other country/region that will not prosecute or extradite them.
So basically it's almost certainly a waste of time for law enforcement and they mostly don't bother. If they did, we would see command/control moved inside Tor and it would become even more difficult to track (AFAIK this already happens in the more sophisticated botnets).
The appropriate analogy is probably something like fake check scams. Illegal, but difficult to trace and likely to lead to a dead end.
> The appropriate analogy is probably something like fake check scams. Illegal, but difficult to trace and likely to lead to a dead end.
Oops, I actually jumped topics for the final paragraph and was making an analogy about scanners trying random passwords on a known port, or similar.
Well - and this goes for ransomware too - if you are smart then you aren't doing the portscanning or mailing from your personal PC. It's coming from compromised PCs or IoT devices in a botnet. So tracking down the perpetrator still involves finding the well-concealed owner of a botnet.
As a mitigation strategy you can certainly perform filtering and rate-limiting at a firewall, or even blacklisting certain IPs. I'm pretty sure there are already collectively-maintained blacklists of badly-behaved machines/devices. But you're really just taking some compromised PCs off the net, not going after the perpetrator.
Some do, see http://arstechnica.com/uncategorized/2006/08/7601/ , but it's hard for US authorities to find and prosecute someone in a place like Chine.
HAHA
When he took off the headset, there was a single tear in his eye, and he was smiling... “We’d like to fund you”
fun read.
But...I'm sure there would have been another worm or virus (and many others - like there had been) that would have caused the same vigilant info security that we have today.
The way I read it, the point was that "another first virus" wasn't likely to be designed as a benign proof of concept by a tinkerer who meant no harm. The author's view is that the Morris Worm was a happy accident in that it grabbed all the attention owed to the first virus to affect networks on a global scale but it did so without causing any real and lasting harm.
It's a fictional short story, so I am guilty of taking liberties in imagination :) On the other hand, we did luck out that, when our systems were extremely vulnerable, the first attack to demonstrate those glaring issues was not intentionally malicious
Given the frequency with which the same mistakes keep on being made (SQL injection, IoT DDOS...) I don't think we did learn much, and the big headlines are still on the cards. Nice short story, though.
Sorry I know this is a story but this is dumb. Morris wasn't the only person thinking about security, and sure it happened but it was bound to happen as some point. And I'm sure he doesn't feel any shame whatsoever from it.
During that time, viruses were being transmitted without Internet through sharing floppies, and they were widespread.
He should suspect it before actually running the simulation.