One wonders how many parents of non-script kiddies were affected by these destructive criminals, or how many of these script kiddies are professionals making a living.
This story concerns 18,000 script kiddies. Imagine the scale of impact we're talking about when magnified to their victims.
I think you just can't compare those 2 scenarios, 25 years apart.
Back then: We got the 2nd computer in the household in 97, exactly so I would not have to use the family (actually business) computer anymore.
Now: I mean ok, maybe it's already swung past a certain point that there is actually only one non-mobile device in the home, but the chance that it is the targeted script kiddie's machine (and not the important family computer) is so much higher.
someone does something bad -- by all means that gives whoever carte blanche to do whatever is just as bad or equally so to the victimizers.
This doesn't make sense -- even less sense when you realize that 'script kiddies' is anyone who ran an executable from an image board; you couldn't ask for a lower bar.
Half the people who downloaded the thing probably didn't even know what the fuck an IP address is, they probably shouldn't be the ones saddled with taking on the entirety of repercussion that was meant for the person(s) who wrote the tool.
tl;dr : I bet half of the '18,000' people were 11 year olds who typed 'google.com' or their least favorite AIM screen-name into the target criteria of this already half-assed 'tool', yet people act righteous for wiping their hard-drives as if they were the real culprit.
read : wiping the not-culprits parents hard-drives in many cases, I would bet.
First, parents are responsible for the actions of their children.
Second, we assign blame to the person that pulls the trigger, not the maker of the gun.
Third, these people are likely to never face any other form of punishment.
Personally, I think these facts justify this level of retribution. That doesn’t make it “legal” or “right”, but I definitely do not think it is “wrong”.
> Second, we assign blame to the person that pulls the trigger, not the maker of the gun.
The analogy here is more akin to a booby trap than a gun, in which case we do assign the blame to the person that made the contraption intended to harm the unwitting user.
That aside, considering once it was discovered how the drive wiper that OP (aaza) claims to have made works, it basically just became a drive wiper that any bad actor could drop into a target system and run, “I intentionally distributed malware that I think, but have no way of verifying, only hurt The Wrong Sort Of People” isn’t just illegal and wrong, it’s stupid.
> That aside, considering once it was discovered how the drive wiper that OP (aaza) claims to have made works, it basically just became a drive wiper that any bad actor could drop into a target system and run, “I intentionally distributed malware that I think, but have no way of verifying, only hurt The Wrong Sort Of People” isn’t just illegal and wrong, it’s stupid.
Imagine copying an entire binary onto a system just so you don't have to run `cat /dev/zero > /dev/sda`
> Imagine copying an entire binary onto a system just so you don't have to run `cat /dev/zero > /dev/sda`
Imagining script kiddies using stupid software in stupid ways very clearly and easily, also imagining a script kiddie pasting `cat /dev/zero > /dev/sda` into the windows command prompt of the computer he’s controlling with sub7 and getting very frustrated
"when you realize that 'script kiddies' is anyone who ran an executable from an image board; you couldn't ask for a lower bar."
Wow. Just wow.
I looked at keygens and whacked an entire site of 900+. Not a single one did not have a virus, and some more than one. I kept it as a zoo to test scannets.
The poster was preventing a crime against innocent parties. His "victims" were the criminals. The script kiddies were responsible for running malware and trying to launch attacks from their parents' computers in this scenario, and they would be the ones responsible for data erasure of others using the same computer.
In that sense, file deletion is destructive but honest. The poster owned the systems at this point and could have exfiltrated data or used the control of the systems for further attacks. This was decidedly mild.
It’s not black and white, so I won’t argue for black or white, but an important factor to me is: ddos eventually stops and then everything is back to normal; no permanent damage is done.
They are both cybercrime. I'm not disagreeing with that. But if you sabotage a bombmakers tools and they blow their own household up instead of other innocent people, is it the same thing?
Let's be very specific: "if they actually used it as part of a DDoS.". This wasn't embedded in warez or cracking tools, it was in botnet controllers, and ran when someone had pulled the trigger to execute an attack.
What if the bomb maker lives in a shared house with innocent people, or even in their parents basement?
Thats a more relevent analogy here, as probably most of those script kiddies were using the family PC which had other other innocent peoples important stuff on.
you are saying it was "botnet controllers" all the op said was "ddos tool on 4chan" - LOIC wasn't a "ddos" tool. it was a DoS tool. sub7 wasn't a ddos tool. BO wasn't a ddos tool. butttrumpet wasn't a ddos tool.
A "botnet controller" requires a botnet. The OP made malware. A program, when run, that would delete your files without permission.
merely having the thought of doing something illegal isn't illegal and afaik the catholics have the only guidelines on how to deal with illegal thoughts, and "delete all the files on their hard disk or otherwise corrupt their system" wasn't in the canon that i saw.
"Years ago when DDoS tools were being distributed on 4chan I fixed a bug in one of them and redistributed it there"
"if they actually used it as part of a DDoS"
You are incorrect, they said it was a DDoS tool. You are incorrect about "merely having the thought", it required executing an attack. FAFO. Again, this is part of the personal evolution of tons of security professionals who longer do juvenile stupid shit. Or at least learned how to do so in a hardened sandbox vm.
One wonders how many parents-of-script-kiddies were affected, having their data or work destroyed by blind retribution for having naive children.