Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Another DDoS Attack on the Way?

By skim123 in News
Fri Jun 09, 2000 at 10:35:04 AM EST
Tags: Internet (all tags)
Internet

According to this ABCNews.com article, a computer security firm has determined that over 2,000 home user computers have been hit by a "malicious program disguised as a movie clip" that sends passwords and other sensitive information so that the computer can be broken into at a later date. Could another DDoS attack be in the making?


Perhaps, though, these computers will be used for good, having their computational power parallelized to complete some difficult task (like distributed.net). While the ILOVEYOU worm of a couple of months ago was destructive, why couldn't it have been altered to attempt to perform some good?

For example, rather than deleting files, such a worm could randomly select a small partition from a fantastically large input set from a problem (some brute-force problem) and try that small set of inputs on the person's computer before reproducing itself and sending itself off to people in the user's Address book.

This topic interests me and I wrote a small email worm like ILOVEYOU that attempts to solve an N-Queens problem with a gigantic board (50x50). Perhaps this methodology could be used to solve genetic algorithms?

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o this ABCNews.com article
o distribute d.net
o Also by skim123


Display: Sort:
Another DDoS Attack on the Way? | 32 comments (32 topical, editorial, 0 hidden)
"malicious program disguised as a m... (5.00 / 1) (#1)
by Inoshiro on Fri Jun 09, 2000 at 02:24:10 AM EST

Inoshiro voted 1 on this story.

"malicious program disguised as a movie clip" -- then they should be sueing Microsoft for poor design. This "movie clip" is likely "Hot_Chicks_Naked.mov.vbs" or similar. Because of the choice that MS Windows should determine MIME types via a three letter extension, people have to see the extension to know what the file is. MS hides this extension on some files -- including ones with executable content. Security hole? Yes. And since not all apps show the correct icon based on the MIME type, clueless lusers are more likely to be darwinized for their actions. It's a mixed bag.

"having their computational power parallelized to complete some difficult task (like distributed.net)." You are aware that such actions (using a computer to crack without explicit consent) is grounds for having your blocks yanked (all of them)? Just because you can take things from stupid people and use them for good doesn't mean you should.



--
[ イノシロ ]
Re: (none / 0) (#27)
by skim123 on Fri Jun 09, 2000 at 12:46:14 PM EST

Just because you can take things from stupid people and use them for good doesn't mean you should

Ah, but that's what makes us human.

Money is in some respects like fire; it is a very excellent servant but a terrible master.
PT Barnum


[ Parent ]
Re: (none / 0) (#29)
by Anonymous Hero on Fri Jun 09, 2000 at 03:19:13 PM EST

You are aware that such actions (using a computer to crack without explicit consent) is grounds for having your blocks yanked (all of them)? Just because you can take things from stupid people and use them for good doesn't mean you should.

They said *like* distributed.net. Someone could set up computers to crack encryption keys on DVD's, software licenses, or anything else they need a lot of computer power for (I know DVD cracking doesn't need a lot of power, it's just an example). Or maybe the crackers will set up a distributed warez network using these computers, especially if they're on high-speed connections. With thousands of computers (each acting as mirrors), it would be extremely hard to shut down.

[ Parent ]

The ends don't justify the means. ... (none / 0) (#10)
by PresJPolk on Fri Jun 09, 2000 at 03:02:50 AM EST

PresJPolk voted 1 on this story.

The ends don't justify the means.

While I don't think that writing a virus should be criminal, I do think that deliberately infecting people with a virus, with the intent to destroy people's data, or to steal people's resources, should be criminal.



IT sounds to me like this is just s... (none / 0) (#15)
by squigly on Fri Jun 09, 2000 at 03:23:00 AM EST

squigly voted -1 on this story.

IT sounds to me like this is just someone playing with his new toy. Script kiddies tend lack the imagination to actually do anything once they're in.

--
People who sig other people have nothing intelligent to say for themselves - anonimouse

Using viruses for good has been thr... (none / 0) (#13)
by haakon on Fri Jun 09, 2000 at 03:37:30 AM EST

haakon voted -1 on this story.

Using viruses for good has been thrased out many a time on Virus mailing lists. The general consenses is that it ain't a good idea. Just look how dammage the Morris worm did because of a programing error (IIRC certain worm processes would become imortal and choke up your process table)

Everyone and his mothr is posting t... (none / 0) (#14)
by martin on Fri Jun 09, 2000 at 03:43:54 AM EST

martin voted -1 on this story.

Everyone and his mothr is posting this - yawn

>>This topic interests me and I wro... (none / 0) (#18)
by Jake96 on Fri Jun 09, 2000 at 03:57:49 AM EST

Jake96 voted 1 on this story.

>>This topic interests me and I wrote a small email worm like ILOVEYOU that attempts to solve an N-Queens problem with a gigantic board (50x50). While I think distributed computing is a Good Thing, I must say that I think it's wrong to co-opt unwilling or unknowing users' computers for any purpose, even an ultimately beneficial one. An analogy I can think of would be writing a law (instead of a worm) that co-opts a room of your house (instead of a bit of your computing power) to house soldiers (instead of data to be analyzed) for the ultimate benefit of low-cost housing for our military that would free up funds for other uses (instead of a solution to an N-Queens problem with a gigantic board). In other words, the end doesn't justify the means. That said, I would encourage all those with unused processor cycles to donate some time to a distributed computing project, or even make money at it (very slowly).

it sounds like just another executa... (none / 0) (#8)
by 31: on Fri Jun 09, 2000 at 04:49:05 AM EST

31: voted 0 on this story.

it sounds like just another executable that'll bite people without virus scanners. myabe I've spent too much time at that other site, but I can imagine this turning into "it's just a bunch of lusers who got what they deserved" but just in case, I'm not quite willing to go to -1.

-Patrick

This topic interests me and I wrot... (none / 0) (#9)
by farlukar on Fri Jun 09, 2000 at 05:27:20 AM EST

farlukar voted 1 on this story.

This topic interests me and I wrote a small email worm like ILOVEYOU that attempts to solve an N-Queens problem with a gigantic board (50x50). Perhaps this methodology could be used to solve genetic algorithms?
Interesting, but - using a worm for it isn't very nice is it? If you like that stuff you can join something like seti@home (or start your own n-queens@home project).
I would be pissed off if somebody just stole my CPU idle time.
______________________
$ make install not war

New and ideas. Fantastic.... (none / 0) (#7)
by Gentry on Fri Jun 09, 2000 at 06:13:49 AM EST

Gentry voted 1 on this story.

New and ideas. Fantastic.

Uh, N Queens gets easier the bigger... (none / 0) (#3)
by alisdair on Fri Jun 09, 2000 at 06:23:44 AM EST

alisdair voted 0 on this story.

Uh, N Queens gets easier the bigger the board, so what's the point in that? Anyway, non-malicious trojans are still trojans, and not acceptable.

Re: Uh, N Queens gets easier the bigger... (none / 0) (#26)
by skim123 on Fri Jun 09, 2000 at 12:42:56 PM EST

Uh, N Queens gets easier the bigger the board

No, I don't think so. How in the hell could it be? How could placing 100 queens be easier than placing 5 queens? I can do a 1x1 board in my head very easily, but try to do a 10x10 board. Also, with a brute force search the bigger N, the slower it is.

Money is in some respects like fire; it is a very excellent servant but a terrible master.
PT Barnum


[ Parent ]
Re: Uh, N Queens gets easier the bigger... (none / 0) (#30)
by Anonymous Hero on Fri Jun 09, 2000 at 06:55:07 PM EST

Umm.. I think you're confusing the number of queens with the board size (N is the number of queens obviously). The problem gets harder as you increase the number of queens, but easier as you increase the board size. If you had to place 3 queens in a 4x4 board is easy in itself, but 3 queens on a 50x50 board is trivial. Of course this also has somewhat to do with how you're doing it (brute force, random trial-error, etc.)

[ Parent ]

Re: Uh, N Queens gets easier the bigger... (none / 0) (#31)
by skim123 on Fri Jun 09, 2000 at 08:49:05 PM EST

I don't think you understand the N-queens problem. In it you try to fit N queens on an NxN board, with no queens threatening one another.

Do a search on Google and you will find plenty of sites, explanations, and demos of the problem.

Money is in some respects like fire; it is a very excellent servant but a terrible master.
PT Barnum


[ Parent ]
Uhm. Spreading a virus to solve sc... (none / 0) (#16)
by Setar on Fri Jun 09, 2000 at 06:28:51 AM EST

Setar voted 1 on this story.

Uhm. Spreading a virus to solve scientific problems doesn't sound like a particularly bright idea to me. Got to admit I'd like to see a publication using data acquired in such a way, though ,-)

is this strictly a ddos attack? I t... (none / 0) (#21)
by new500 on Fri Jun 09, 2000 at 06:55:02 AM EST

new500 voted 0 on this story.

is this strictly a ddos attack? I think its a trojan. maybe witha different title.
== Idle Random Thoughts. Usual disclaimers apply. ==

Morally ambiguous doesn't begin to ... (none / 0) (#19)
by kieran on Fri Jun 09, 2000 at 07:35:08 AM EST

kieran voted 1 on this story.

Morally ambiguous doesn't begin to describe this. But can the end justify the means? Perhaps more importantly, does this password-grabbing worm herald a new wave of automated cracking? Could the contents of your machine one day end up indexed by a cracker's search engine to aid him in finding juicy titbits among all the detritus of hacked desktops?

You answered you own question. That... (3.00 / 1) (#2)
by Pelorat on Fri Jun 09, 2000 at 07:57:46 AM EST

Pelorat voted 1 on this story.

You answered you own question. That's what distributed.net and its ilk are already doing, and they don't rely on deception to get their problems solved. They don't *force* people to do their work for them. Your reformed virus would do just that. It's a bad idea.

Rounding up from 0.5 `coz I'm in a ... (none / 0) (#4)
by marlowe on Fri Jun 09, 2000 at 08:05:15 AM EST

marlowe voted 1 on this story.

Rounding up from 0.5 `coz I'm in a mean-spirited mood and want an opportunity to laugh at how stupid those wanker porn addicts are. I'm gonna be ashamed of my pettiness later.

The idea of using a virus as a distributed processing platform is fun, but is it legal? Remember, "used for good" is not a distinction that everybody in this world and his lawyer really cares about. They don't give a damn about SETI. They want to see girls in high heels crushing gerbils, and now, dammit!
-- The Americans are the Jews of the 21st century. Only we won't go as quietly to the gas chambers. --

Yeah, it will be used to solved the... (none / 0) (#6)
by nictamer on Fri Jun 09, 2000 at 08:35:01 AM EST

nictamer voted 1 on this story.

Yeah, it will be used to solved the hunger problem for good. Yeah, right.
--
Religion is for sheep.

When looking at viruses and trojans... (none / 0) (#12)
by unayok on Fri Jun 09, 2000 at 09:11:31 AM EST

Athos voted 1 on this story.

When looking at viruses and trojans that 'do good', remember that it's still a non-consensual use of a victim's computer. Distributed.net rules don't allow that (for one). I'm not convinced that the ends justifies the means in such cases.

Re: When looking at viruses and trojans... (none / 0) (#25)
by skim123 on Fri Jun 09, 2000 at 12:27:19 PM EST

But think of all those people who just use their computer once every other day for nothing other than checking email! Those poor, wasted cycles... how sad.

Money is in some respects like fire; it is a very excellent servant but a terrible master.
PT Barnum


[ Parent ]
I think this would be a really neat... (none / 0) (#11)
by tzanger on Fri Jun 09, 2000 at 09:16:17 AM EST

tzanger voted 1 on this story.

I think this would be a really neat idea...

Imagine.. a internet worm that the better it spreads, the higher your score on d.net! :-)



It would still be using MY cycles..... (none / 0) (#5)
by hooty on Fri Jun 09, 2000 at 09:36:24 AM EST

hooty voted 1 on this story.

It would still be using MY cycles....

The idea that something like this (... (2.00 / 1) (#17)
by jmweeks on Fri Jun 09, 2000 at 10:17:43 AM EST

jmweeks voted 1 on this story.

The idea that something like this (that is, a virus that does more than just damage--but rather utilizes the resources that it gains) has intrigued me for quite a while. It sort of stands to reason that someone, sometime, will actually do something interesting or innovative (although likely malicious) with the wide-open holes in, for example, Outlook. Well... maybe... or maybe the only virus writers these days are just of the script-kiddie ilk. In any case, while I expect something interesting, I don't expect anything beneficial (or, that is, beneficial to the community--perhaps beneficial to the virus writer). I think the idea of a viral (read: non-voluntary) distributed problem-solving virus is absurd. Seizure of resources is by nature malicious, and does not lend itself to altruistic goals. The idea of a good virus is both naive and self-contradictory.
Jose M. Weeks jmweeks@cord.edu

Re: The idea that something like this (... (none / 0) (#24)
by skim123 on Fri Jun 09, 2000 at 12:25:06 PM EST

What if the virus only takes system resources (your account of maliciousness) when the computer is idle/load is low?

Money is in some respects like fire; it is a very excellent servant but a terrible master.
PT Barnum


[ Parent ]
Re: The idea that something like this (... (none / 0) (#28)
by hurstdog on Fri Jun 09, 2000 at 01:35:24 PM EST

I don't think it matters. What if someone broke into your house and used the pool and spa, only when you were not in it? Any way you cut it you are stilll exploiting their computer and using its resources without their permission. This is the reason why so many posts are against it.

Now if you got a distributed.net client set up so that the people _knew_ what they were getting into, and choose to let you use their extra cycles and bandwidth, that wouldn't be so bad. In fact I think that would be kinda cool.

-hurstdog

[ Parent ]
The title is misleading, and has no... (2.00 / 1) (#20)
by wb on Fri Jun 09, 2000 at 10:33:37 AM EST

wb voted -1 on this story.

The title is misleading, and has nothing to do with anything past the first paragraph. Also, "benevolent" viruses (or virii, I don't care) that do distributed computing are nothing new.

Remember when... (4.50 / 2) (#22)
by Rasputin on Fri Jun 09, 2000 at 10:54:56 AM EST

Before you get too carried away with your "harmless" virus/worm/whatever, you might want to think about the stellar example that was Robert Morris ;)

Besides, what gives you the right to use my bandwidth and cycles to solve your problem?
Even if you win the rat race, you're still a rat.

Let me try to be as clinical as possible... (3.50 / 4) (#23)
by Anonymous Hero on Fri Jun 09, 2000 at 11:32:05 AM EST

Let me try to be as clinical as possible... Are you out of your fucking mind?

little snub to m$ (none / 0) (#32)
by vsync on Sun Jun 11, 2000 at 07:45:17 PM EST

Heh... I love that. At the end of the article, they said, "movies end in .mpeg, .mpg, or .mov". No mention of .avi or their weird streaming stuff (.asw?).

Now avi files will be viewed as virii. Somehow that is so appropriate.

--
"The problem I had with the story, before I even finished reading, was the copious attribution of thoughts and ideas to vsync. What made it worse was the ones attributed to him were the only ones that made any sense whatsoever."

Another DDoS Attack on the Way? | 32 comments (32 topical, 0 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!