RE: Sasser author

[Tobias Weisserth <tobias () weisserth de>]

Hi Nils,

On Fri, 2004-05-14 at 15:54, Nils Ketelsen wrote:
> > As soon as your virus changes the content of any part of the system's
> > memory, be it the RAM or any other medium you have already manipulated
> > data and are guilty of the corresponding crime. It's as easy
> > as that. In
>
> No it is not as easy as that. When I look at some random webpage, the
> webserver has to load data into his ram and will then deliver it to me. Thus
> I changed data in RAM. If this ever becomes a crime internet will become
> quite boring.

The webserver is offering a public service. A victim's PC is not
offering a public server that any virus may use...

The fact that I actually have to explain this difference is quite
amusing in itself.

Are you that stupid or is it just you being a troll?

> With this email distributed to a lot of mailboxes, I changed data on many
> mailservers, that have to store it. Sending email is not illegal according
> to german law, though.

Same as the webserver. Mail servers offer a public service and are
actually welcoming connections. You have the permission to use the
service. It becomes illegal data manipulation as soon as you don't have
a permission to use a service or exploit a bug where there is no service
at all.

In the case of Sasser, it's even more obvious. Sasser doesn't make
fraudulent use of a service, it exploits a bug and installs itself,
running an own service (FTP).

Anybody claiming this is not illegal data manipulation is simply a
troll, blackhat or idiot. Or possibly all three of those.

> > This is idiotic.
>
> Yes.
>
> Because there is no simple logic behind this, we have judges. They have to
> aplly common sense to the law. And common sense always is a point for
> discussion.

I guess the judges won't disappoint you. They'll judge him allright. He
can be lucky he doesn't get grown-ups law but is treated under law for
minors. 3 years behind bar are possible though and I really hope it is
going to be 3 years and lots of rear-end penetrations for this guy.

> The real world is not digital. It is not as easy as "if (MEMORY_modified)
> {jail($years)};"

Let's just hope they'll use an eternal loop to calculate his penalty :-)
At least the damages he'll have to repay will probably be calculated
this way...

> Intentions play a role here.

Well, the prosecution won't have to prove what his intention was when
they have evicence he wrote it and spread it. Apart from that, he has
already confessed. And then it's up to him to prove he had "good"
intentions, not the prosecution.

>  So does the ability to judge your own actions.

Well, I'm really interested to learn why someone should write a virus
and spread it. There's really not a single answer that could explain why
it makes sense to write a virus and actually spread it.

> And (last but not least) how easy it was made for you to commit a crome is
> often affecting the time you have to spend in jail or the amount of cash
> your crome costs you.

The judge will also hold into account how great the damages were he
caused. THAT will be an essential part of the consideration regarding
his punishment.


Tobias

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html