By Nick Johnson | Article Rating: |
|
February 3, 2004 12:00 AM EST | Reads: |
34,721 |
Now of course not all Linux users are bad people. By human nature, though, we tend to remember the worst out of any group.
I'm sure as time goes by and more businesses and professionals start to take Linux seriously, this reputation is less deserved; but nonetheless if you say "Linux" to many seasoned administrators (especially IRCops), the first thing they think of will be script kiddies - the online equivalent of vandals.
They are of little clue (just enough to cause trouble) and absolutely no positive conflict resolution skill whatsoever. These are nerds who think that launching denial of service attacks affecting thousands or millions of users is an acceptable response to being insulted on IRC. They plague more than just the Linux community, but for whatever reason the Linux script kiddies seem to be more memorable. Perhaps our expectations of Linux are higher - the new guy always has to prove himself - and so failings and disappointments are more memorable.
Now the MyDoom e-mail worm that's been causing so much trouble on the Internet over the past week has deployed its payload, attacking SCO with a massive distributed denial of service attack from infected machines, despite a bug causing the attack to fail from about 75% of infected machines.
It's no secret that SCO has drawn the ire of many a Linux user for its claim that Linux source code stole copyrighted Unix code. The relative merits of SCO's case are beside the point; that matter will be decided not by any of us, but by the courts.
Now there's no direct evidence linking the MyDoom worm to the Linux community. But it would be amazing for someone who was not at least sympathetic to the Linux community's battle with SCO to choose such a relatively-obscure target for attack otherwise. A second variant of the MyDoom virus is set to attack another Linux "enemy": Microsoft.
Even if we suppose that the author of MyDoom and MyDoom.b chose the Microsoft and SCO targets completely at random and their apparent grudge has nothing to do with Linux at all, this action still isn't good for the Linux user community. People are going to put 2 and 2 together anyway. Notably absent from the news articles about the worm are leaders from the Linux community condemning this type of behaviour. The media itself may be partly to blame, but I can't help but wonder if more could be done to get the message out there.
The problem is that even if it isn't deserved and even if Linux has nothing whatsoever to do with it, Internet vandalism on this scale to enact some kind of vengeance on an "enemy" of the Linux community still reflects badly on that community, making it look childish, immature, dysfunctional, and desperate. Outsiders will associate the Linux community with the person or persons who wrote the worm, regardless of whether that's fair.
Outsiders may also assume that "silence = consent." Linux users, take advantage of this opportunity to take a stand against script kiddies and worm hackers. Make it clear that this kind of behaviour is not tolerated within your community. Where are your leaders saying, "Even though we disagree with SCO, this is not the right way to show our disapproval?" Why isn't someone saying, "This is not how we solve problems and resolve conflict?"
It's good to see that open-source advocate Eric Raymond voiced similar concerns [as did Bruce Perens here at LinuxWorld]; now let's hear from folks who control the direction and development of Linux itself.
I know we geek types don't like being thrust into political leadership situations. We'd all much rather bury our heads in code and go about our creative process. Unfortunately, once a community develops around a product, its developers are unavoidably forced into these situations. The community forces the leaders to think about things like PR, conflict resolution, influence and other political nonsense. To migrate to and survive in the business world, you must think and act like the business world thinks and acts. Microsoft didn't hesitate to offer a massive reward for the head of the worm's author. Why was there silence from Linux?
When someone makes your organization and community look bad, it's time to engage PR (hey, it works for Microsoft). It's time to yell from the mountain tops that your community will take the high road and not resort to such lowly tactics. Denounce Net vandalism and disown the vandals. Develop a culture that says this kind of childish behaviour is below your community standards.
You must get the word out (use PR Newswire or get help from allies like IBM if necessary), or folks like me are going to read the news about the next Internet worm that attacks a well-known "enemy" of Linux or open-source and say, "the Linux kiddies are at it again."
Published February 3, 2004 Reads 34,721
Copyright © 2004 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Nick Johnson
SysAdmin Nick Johnson writes for a number of sites including morons.org where an earlier version of this piece was posted. This version is written specifically for Linux.SYS-CON.com.
![]() |
Pete 08/09/04 02:28:57 AM EDT | |||
I think the news media is making the news agian/still. |
![]() |
vic 02/08/04 11:54:54 AM EST | |||
Just a quick note. Any time there is a virus outbreak everyone starts blaming someone else, and start asking for better anti-virus software. I have yet to read any journalist that fingers the real culprit and offers the real solution: stop using OutLook! I will not even say stop using Windows, I'll keep my opinions on that issue. Tehere is a spanish saying that gose something like this: 'if there is no dog, then there is no rabbies' OutLook is the dog, MyDoom and others are rabbies. |
![]() |
Nick 02/05/04 07:58:23 PM EST | |||
I'm not the among the paranoid kind of people, but this could've been easily a Microsoft (and maybe SCO's too) "little" conspiracy against Linux. They both want Linux out of the way. Why ? Microsoft can't keep up with their patches for their buggy Windows and SCO can't make a better UNIX even with their BIG NAME and experience and FUNDS. So let's find the real problem INCLUDING THE BACKDOOR. Now this a scenario: "The creator of what anti-virus experts say is the fastest spreading virus ever on the Internet signed MyDoom and MyDoom.B with "andy," and left the following message in the latter version: "I'm just doing my job, nothing personal, sorry." Check this link: http://news.softpedia.com/news/2/2004/February/6956.shtml |
![]() |
anuj sethi 02/05/04 07:37:25 PM EST | |||
I am a windows user (with a broadband connection). Please don't hate me for, "I don't want to be bothered by what goes on inside my computer". As a netizen, I can do my duty to remain clean, if I have "a effective & free anti-virus". 'My loss' is the community's loss. Save me. |
![]() |
warren crossing 02/05/04 06:00:49 PM EST | |||
warning - this is NOT a terrorist attack a terriost uses VIOLENCE to further his POLITICAL agenda get real - the attack on sco is not political it's purley commercial. ie sco stole linusesusuesses code! shake your money maker! stop watching so much tv and read a book you @ [monkey] |
![]() |
Kurt 02/05/04 01:52:23 PM EST | |||
I agree with Photocrimes the DoS attack was a cover for the backdoor and key logger. The hammer will drop again when the results of the spammers gains from the backdoor and key logger hit. Even with the massive news coverage thousands of "novice" windows users will not do anything to take care of infected machines. There are a mass number of WIndows users that have no clue as to what goes on inside their machines. It's a mentality supported by the "click it and everything takes care of itself" mentality of Windows. It doesn't require the operator to know much to make it go. Most home users on broadband connections do not have a system admin to make sure virus definitions are updated and firewalls are set up and all security patches are applied. I have worked on a number of systems that have not been updated since first boot. The Linux community should disavow themselves from all the "script-kiddies" and other people who break into, or otherwise compromise, systems for maliscious intent. But to "stand up and shout" about a specific event is to own it. We don't own this one. Instead point out how this wouldn't happen on a Linux box running OS sofware, offer solutions and help out those of us who have to recover Windows systems affected (I run Linux at home but support DOS/WinNt/Win2K/WinXP at work). Building good will will go a lot further than more shouting. |
![]() |
Bryn 02/05/04 06:05:17 AM EST | |||
'Keeping the viruses coming' will give only the most moronic members of society 'a laugh' and will not 'show the world that linux users are a force to be reckoned with'. It will turn the uninitiated away from linux, because every time SCO is the subject of a DDoS attack, the media will again associate the virus attacks with the Linux vs SCO dispute and the general population will make the association Linux = virus writers. They will, understandably, be turned off any thoughts of investiagting the virtues of Linux for themselves and so Linux will end up suffering more than SCO. The logic that says Linux advocates are incapable of writing Win viruses is also completely flawed. Linux users are on the whole more technically capable than the average Win user. The writer of MyDoom was almost certainly a supporter of Linux, though this obviously does not mean they are a contributor (almost certainly not, I would guess). We must all utterly condemn this terrorism, for that is what it is, and demonstrate that we are way above this idiotic level of thinking. We do not need to silence SCO to defeat them, quite the contrary. |
![]() |
Greg 02/05/04 02:35:00 AM EST | |||
We're living in a system of law and order. I certainly agree that the law does not always apear just and certainly not fast enough. However, while there are justified cases of self-defence, MyDoom is certainly not among these cases. MyDoom is more like terrorism. It only destroys for the sole sake of destroying and doesn't show better (or at least other) ways. Assuming it's targeted at SCO, how much sense does that make and secondly what about the collateral damage? Viruses, Worms and the like appear to be funny, as long as you're not among the victims. There seem to be few effective ways agains epidemics and plagues. One of them is certainly respect, another might be carefulness. I'm convinced that mischievousness, either passive or active, is the rather wrong approach! Don't keep those viruses coming. Any such virus author must be condemned and be brought to trial. The Internet has become a vital part of the (civilized) world. Help your legal system with facts and it will work much better towards what you expect. Be responsible yourself and avoid any such virus could be spread through yourself! Don't ask what the legal system can do for you, ask what you can do for the legal system. Don't ask what the Internet can do for you, ask what you can do for the Internet! The Internet needs you! |
![]() |
Tore in Sweden 02/05/04 02:18:04 AM EST | |||
The so called 'Linux script kiddies' are what you say, |
![]() |
warren crossing 02/04/04 11:42:04 PM EST | |||
well one thing is established so far - and that is linux users are not prepared to put up with software commodities and the political capitalist-driven bs that goes along with it. i myself dont run windows because of critical security limitations with the os architecture, and am not affected by the windows user-land viruses why its microsofts inability to produce a stable platform and the users' ignorance who run such a floppy piece of application code that causes this to happen in the first place - why doesn't sco sue ms for allowing this to happen?? surley this would make solid sense. are sco paranoid or what?? i say keep the viruses comming - give us all a laugh and show the world that linux users are a force to be reckoned with!!! |
![]() |
G.I. Taylor 02/04/04 11:12:02 PM EST | |||
SCO and Microsoft are quick to offer rewards. Microsoft was quick to pay for some IP License when SCO started their Lawsuit against IBM. I Think SCO and Microsoft are behind the Mydoom Virus in Order to taint Linux Growing reputation. |
![]() |
Richard C. L. Li 02/04/04 07:53:27 PM EST | |||
It is clear that the creator of MyDoom is expert in Windows, since MyDoom is Windows based coding. Therefore it is quite clear that it is not by any "die hard" Linux users and/or hackers. Did Microsoft funded the journalist to mislead the community to think that it is Linux guys behind the MyDoom? |
![]() |
VoiceOfCommonSense 02/04/04 10:25:16 AM EST | |||
What can the Linux community do when the press doesn't do their homework? Do you have a suggestion? Why don't the Windows users take a stance against "script kiddies", as you call them, or "professional spammers" as others have called them? It's their systems and their ignorance that's being exploited. Why doesn't every networked computer user take a stance? It's their network that's being clogged, their mailboxes that's being polluted. This isn't just a Linux community problem, it's society's problem. |
![]() |
Martin Vermeer 02/03/04 10:45:26 AM EST | |||
I disagree with the idea that we should shout from the mountain tops We should, if asked, comment in ways that explain the situation. By 1) though Linux is pretty immune to viruses, the spam hits us just as 2) every basket has its rotten apples, but this particular basket is 3) contrary to some (i.e., journalists, but you don't have to say that |
![]() |
ashishK 02/03/04 10:41:15 AM EST | |||
Agree, but i think Bruce Perens already said much of this: Thus, I urge all persons who have sympathy for Free Software, Open Source, and Linux: Do not cheer on attacks on the SCO site. By doing so, you falsely implicate our community in the attacks, in the eyes of outsiders who read your words. Our community believes in freedom of speech, not silencing our opponent's speech through net attacks. We will defeat SCO using the truth, not by gagging them. Publicly deplore the attacks as an attempt to defame us, and not an effort of our community. Show others this notice. Continue to fight SCO, using all legal means at your disposal. Show others the analysis of SCO's ongoing fraud at Groklaw.net and elsewhere, and explain to them your own experience as a participant in the Free Software community. Continue the visible presence of Free Software as a force for good in the world by producing excellent original software for everyone's free use and deploying it wherever possible. Promote these projects to the press and public as you carry them out. Do what you can for other public-good projects such as schools and non-profit organizations. FreeGeek.org is an excellent example of how to carry this out. Show others by example that our side always takes the high road. When they see a low-road sort of action like denial-of-service, spam, or stock fraud, they'll know who to blame. Many Thanks |
![]() |
Mark potochnik 02/03/04 09:17:59 AM EST | |||
Although I have heard a couple of negative comments about Linux people. When they said that they didn't want to go online today because of the virus. I told them that I had a solution. I gave them a copy of virus safe Knoppix, and they were happy to get it... A first... MarkP |
![]() |
Photocrimes 02/03/04 08:37:34 AM EST | |||
I find it surprising that biased journalism is still being posted well "after" the experts in the community have stated that the MyDoom trojan was the product of a Russian Spam house. Using SCO and Microsoft was all smoke meant to draw your focus away from the true intent of the trojan, plant a back door and key logger. Cudos, it worked. It has fooled every journalist out there and smeared our good name while planting back doors in some 500,000 PC's ready for the spamers to use. Of course nobody points to the spamers, they are all too wrapped up in blaming Linux users, or trash talking them. Don't you think it's fair to point out that this was a Windows based trojan? In fact Linux users are seldom refered to as "script kiddies" as they are often highly educated. It takes a fair amount of skill to be versed in using any Unix/Linux system. It is safe to say that this trojan could of been created with NO KNOWLEDGE of Unix/Linux whatsoever! It troubles me that a journalist would overlook all of the other evidense and base his conclusion only on the words "Microsoft" and "SCO" It looks like we overlooked one small part of this trojans payload. Not only did it plant a back door and keyloger, it also planted a bunch of journalist. |
Apr. 20, 2018 08:00 PM EDT Reads: 452 |
By Yeshim Deniz ![]() Apr. 20, 2018 07:30 PM EDT Reads: 1,901 |
By Yeshim Deniz Apr. 20, 2018 07:00 PM EDT Reads: 2,793 |
By Liz McMillan ![]() Apr. 20, 2018 05:15 PM EDT Reads: 13,405 |
By Elizabeth White ![]() Apr. 20, 2018 03:15 PM EDT Reads: 12,874 |
By Liz McMillan ![]() Apr. 20, 2018 02:45 PM EDT Reads: 16,897 |
By Pat Romanski ![]() Apr. 20, 2018 02:30 PM EDT Reads: 6,546 |
By Pat Romanski Apr. 20, 2018 02:00 PM EDT Reads: 1,204 |
By Liz McMillan Apr. 20, 2018 01:30 PM EDT Reads: 1,614 |
By Pat Romanski ![]() Apr. 20, 2018 01:00 PM EDT Reads: 5,265 |
By Pat Romanski Apr. 20, 2018 12:45 PM EDT Reads: 2,161 |
By Yeshim Deniz Apr. 20, 2018 12:00 PM EDT Reads: 4,950 |
By Liz McMillan ![]() Apr. 20, 2018 11:15 AM EDT Reads: 7,046 |
By Pat Romanski Apr. 20, 2018 11:00 AM EDT Reads: 2,617 |
By Liz McMillan Apr. 20, 2018 10:45 AM EDT Reads: 2,477 |
By Yeshim Deniz ![]() Apr. 20, 2018 10:30 AM EDT Reads: 1,861 |
By Liz McMillan ![]() Apr. 20, 2018 09:45 AM EDT Reads: 5,105 |
By Elizabeth White Apr. 20, 2018 09:30 AM EDT Reads: 1,642 |
By Yeshim Deniz Apr. 20, 2018 08:45 AM EDT Reads: 1,523 |
By Pat Romanski Apr. 20, 2018 08:45 AM EDT Reads: 2,197 |