Another kid arrested, this one seems more intelligent that the other guy.
---

Juvenile arrested in release of variant in Blaster worm attack
GENE JOHNSON, Associated Press Writer
Friday, September 26, 2003

(09-26) 15:49 PDT SEATTLE (AP) --

Investigators have arrested a juvenile in connection with the release of a variant of the "Blaster" computer worm, which crippled thousands of computers worldwide last month.

It was the second arrest stemming from the release of variants of the worm, but detectives have yet to determine who created the main version.

Prosecutors refused to release any information about the suspect, not even the youth's gender or home state. They cited confidentiality rules protecting juveniles accused of crimes.

The U.S. Attorney's Office in Seattle said in a statement that the youth was arrested as a juvenile for intentionally causing damage to protected computers.

The variant the juvenile allegedly created was known as "RPCSDBOT." Prosecutors did not say how many computers they believe were infected.

Collectively, different versions of the virus-like worm, alternately called "LovSan" or "Blaster," snarled corporate networks worldwide, inundating 1.2 million computers, said Oliver Friedrichs, a senior manager with Symantec Corp., a leading maker of antivirus software.

Friedrichs said Symantec had not determined how many computers the "RPCSDBOT" variant infected. Its chief difference from the original worm was that it used a "Trojan horse" that allowed the attacker to retain control of infected systems, he said.

Earlier this month, Jeffrey Lee Parson, a high school senior from a Minneapolis suburb, pleaded innocent in Seattle to federal charges he crippled more than 7,000 computers by modifying a version of the "Blaster" worm. The charges carry up to 10 years in prison.

Federal prosecutors in Seattle are handling the cases because the worms directed infected computers to bombard Redmond-based Microsoft Corp. Web sites with e-mails.

Earlier this month, police in Romania said they were investigating Dan Dumitru Ciobanu, a 24-year-old former student suspected of modifying the worm to attack computers at a university he attended. A Bucharest computer security company said Ciobanu had been arrested, but police denied that.

---
Actual Story URL (http://sfgate.com/cgi-bin/article.cgi?file=/news/a/2003/09/26/national1640EDT0727.DTL&type=printable)

These kids must have skills to be able to make these viruses. Its so fustrating that there is nothing for them to put their skills towards that is more positive.

Another one caught,

Well i have to give him some credit damaging a lot of computers with the virus.

The 10 years in jail sucks.

Wasted life for sending out a virus that killed computers. Computer nerd.

This guy actual did somethign new to the Blaster worm code. He actual executed a trojan to get access to the infected computers not like the other kid who just made the worm communicate with his server. Even though this kid screwed a bunch of people's computers I have more respect for him as a "hacker" (in quotes cause the definition is wrong).

I dunno, i would honestly told the reporters and anyone that if BIll Gates would try harder, he might make a secure operating system, just like how he secured his wealth and being a monopolizer.

---
Actual Story URL (http://sfgate.com/cgi-bin/article.cgi?file=/news/a/2003/09/26/national1640EDT0727.DTL&type=printable)

Come one man... you put that link for us to check the original newsresource....right?

But in that url they show this thread as the original resource.

So, what kind of game are you playing?

These kids must have skills to be able to make these viruses. Its so fustrating that there is nothing for them to put their skills towards that is more positive.

Actually, these people they arrested are noobs. They only modified the existing virus code. It is a lot harder to write a virus from scratch. It would only take a few hours to write some code into an existing virus.

Come one man... you put that link for us to check the original newsresource....right?

But in that url they show this thread as the original resource.

So, what kind of game are you playing?

Im not playing any game. That is just the referer to that page. If you make your own and link to that page your web address is going to appear.

Just defending my reputation.

I'd be more interested in knowing who wrote the original,than who wrote the variants.Poor kid ruined his life just for a stupid virus.

All these stupid kids who write virii, especially when they dont even make their own it makes them look more retarded.

Whats the point of writing virii anyway, why not create and make something people will remember for a long time and help society too.

When you destroy other peoples information on such an extremely large scale you deserve every ounce of jailtime you get.

I Guess some kids prefer to get it in the ass by their bunkmate.

Im not playing any game. That is just the referer to that page. If you make your own and link to that page your web address is going to appear.

Just defending my reputation.

Defending what?
Don't be afraid dude.

Ok, let me explain you something;

When you post a news article and in the end you show us a link with the "Story URL" title, it's means that in THAT link we will find the resource, the confiable and orginal resource.

Now that you have learned something new, you can continue posting more news.
Cheers.

Defending what?
Don't be afraid dude.

Ok, let me explain you something;

When you post a news article and in the end you show us a link with the "Story URL" title, it's means that in THAT link we will find the resource, the confiable and orginal resource.

Now that you have learned something new, you can continue posting more news.
Cheers.


Ok let me explain something you dont understand. The URL I posted was for the printer-friendly version. I did this because it is the more graphic-less version and it loads faster for most 56kers. Now the printer friendly thing is just a template. Now lets examine the URL:

http://sfgate.com/cgi-bin/article.cgi?file=/news/a/2003/09/26/national1640EDT0727.DTL&type=printable

Ok, for you this may look like a typical URL and tells you only the address of the page. Now for me it tells me they are using a script template (im guessing PERL since its CGI). You see that little '?' it tells the server over at SFGATE.COM these are variables. Now a variable in the 'article.cgi' file has the variable 'file'. I know this because ITS RIGHT HERE "?file=" now whatever is after the little equal sign is the value of that variable "=/news/a/2003/09/26/national1640EDT0727.DTL". So in reality the actual story is at http://www.sfgate.com/news/archive/2003/09/27/national0350EDT0449.DTL

But wait, theres more:

"&type=printable" tells the cgi script "Use the printer-friendly template."

The address from ZP like I said appears there because the printer friendly template does not know which page it was sent to from (AKA the referer). So since the referer is in this case this page. The address of this page will appear. Now we could have avoided this if you in doubt just removed the "&type=printable" from the url in this case http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2003/09/27/national0350EDT0449.DTL or would have gone to the main page of SF gate and checked for your self.

Now who has learned something new?

Ok let me explain something you dont understand. The URL I posted was for the printer-friendly version. I did this because it is the more graphic-less version and it loads faster for most 56kers. Now the printer friendly thing is just a template. Now lets examine the URL:

http://sfgate.com/cgi-bin/article.cgi?file=/news/a/2003/09/26/national1640EDT0727.DTL&type=printable

Ok, for you this may look like a typical URL and tells you only the address of the page. Now for me it tells me they are using a script template (im guessing PERL since its CGI). You see that little '?' it tells the server over at SFGATE.COM these are variables. Now a variable in the 'article.cgi' file has the variable 'file'. I know this because ITS RIGHT HERE "?file=" now whatever is after the little equal sign is the value of that variable "=/news/a/2003/09/26/national1640EDT0727.DTL". So in reality the actual story is at http://www.sfgate.com/news/archive/2003/09/27/national0350EDT0449.DTL

But wait, theres more:

"&type=printable" tells the cgi script "Use the printer-friendly template."

The address from ZP like I said appears there because the printer friendly template does not know which page it was sent to from (AKA the referer). So since the referer is in this case this page. The address of this page will appear. Now we could have avoided this if you in doubt just removed the "&type=printable" from the url in this case http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2003/09/27/national0350EDT0449.DTL or would have gone to the main page of SF gate and checked for your self.

Now who has learned something new?

LMAO!!!

hahaha

ok... so, now the url was the printer-friendly version.... LOL

Come on clown.... the show is already finished.

LMAO!!!

hahaha

ok... so, now the url was the printer-friendly version.... LOL

Come on clown.... the show is already finished.

wow you resort to insults. Have you even tried going to SF Gate (http://www.sfgate.com/)? Did you at least try to understand what I was explaining to you? It is the online version of the San Francisco Chronicle. How can the god damn San Francisco Chronicle not be a "confiable resource"?