Full Disclosure mailing list archives
RE: Sasser author
From: Tobias Weisserth <tobias () weisserth de>
Date: Fri, 14 May 2004 16:46:41 +0200
Hi Nils, On Fri, 2004-05-14 at 15:54, Nils Ketelsen wrote:
As soon as your virus changes the content of any part of the system's memory, be it the RAM or any other medium you have already manipulated data and are guilty of the corresponding crime. It's as easy as that. InNo it is not as easy as that. When I look at some random webpage, the webserver has to load data into his ram and will then deliver it to me. Thus I changed data in RAM. If this ever becomes a crime internet will become quite boring.
The webserver is offering a public service. A victim's PC is not offering a public server that any virus may use... The fact that I actually have to explain this difference is quite amusing in itself. Are you that stupid or is it just you being a troll?
With this email distributed to a lot of mailboxes, I changed data on many mailservers, that have to store it. Sending email is not illegal according to german law, though.
Same as the webserver. Mail servers offer a public service and are actually welcoming connections. You have the permission to use the service. It becomes illegal data manipulation as soon as you don't have a permission to use a service or exploit a bug where there is no service at all. In the case of Sasser, it's even more obvious. Sasser doesn't make fraudulent use of a service, it exploits a bug and installs itself, running an own service (FTP). Anybody claiming this is not illegal data manipulation is simply a troll, blackhat or idiot. Or possibly all three of those.
This is idiotic.Yes. Because there is no simple logic behind this, we have judges. They have to aplly common sense to the law. And common sense always is a point for discussion.
I guess the judges won't disappoint you. They'll judge him allright. He can be lucky he doesn't get grown-ups law but is treated under law for minors. 3 years behind bar are possible though and I really hope it is going to be 3 years and lots of rear-end penetrations for this guy.
The real world is not digital. It is not as easy as "if (MEMORY_modified) {jail($years)};"
Let's just hope they'll use an eternal loop to calculate his penalty :-) At least the damages he'll have to repay will probably be calculated this way...
Intentions play a role here.
Well, the prosecution won't have to prove what his intention was when they have evicence he wrote it and spread it. Apart from that, he has already confessed. And then it's up to him to prove he had "good" intentions, not the prosecution.
So does the ability to judge your own actions.
Well, I'm really interested to learn why someone should write a virus and spread it. There's really not a single answer that could explain why it makes sense to write a virus and actually spread it.
And (last but not least) how easy it was made for you to commit a crome is often affecting the time you have to spend in jail or the amount of cash your crome costs you.
The judge will also hold into account how great the damages were he caused. THAT will be an essential part of the consideration regarding his punishment. Tobias _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Sasser author Earl Keyser (May 13)
- Re: Sasser author Andrew Morris (May 13)
- Re: Sasser author van Helsing (May 13)
- Re: Sasser author Tobias Weisserth (May 13)
- RE: Sasser author Nils Ketelsen (May 14)
- RE: Sasser author Tobias Weisserth (May 14)
- Re: Sasser author Paolo Mattiangeli (May 14)
- Re: Sasser author van Helsing (May 13)
- Re: Sasser author Andrew Morris (May 13)
- RE: Sasser author Larry Seltzer (May 13)
- Re: Sasser author morning_wood (May 13)
- Re: Sasser author Rodrigo Barbosa (May 13)
- Re: Sasser author Oliver Kellermann (May 13)
- Re: Sasser author Anders B Jansson (May 14)
- Re: Sasser author list (May 14)