Home
About
Links
Archives
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
Add to Technorati Favorites
Search
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
Add to Technorati Favorites
Last 15 Articles
 23-2-2004 - Holyhacking, GIGABYTE Arrested! Cluley Behind It? |
| 10:45 am GMT I was working on a piece questioning the inefficacy of the last, let's hope, of the "doom" worm family, this one dubbed "F", that's for sure, as it didn't do jack, but my interest in this badly written and non-spreading variant was because it targeted the RIAA along with Microsoft. Yes, I wanted to see them taken down, but not at the expense of it messing up users' computers. Then I read something that sent alan watts through me -- the Spark I needed. I've written about Gigabyte a couple of times, quite recently, in fact. The first, banged out in August, "Teen Coder Gigabyte Has C# Teeth", the second, "Writer's of Mass Destruction" from February 4, in which I defended her after some guy from Kaspersky claimed she wrote the SoBig virus, total and utter BS. So just imagine how the Spark went nova after spotting Gigabyte's name in Zone-H's forum, and after reading guy after guy trash her, someone posted she'd been arrested. Clear now? Google! Oh yeah, it was true, 10 days after my report, on Valentine's Day, no less. I think of virus and worm writers and trojan creators as pond scum, but Gigabyte was different. As I keep saying, I was fascinated by this Belgian teen who had it in for the wank I love to hate, Graham Cluley from Sophos so badly, almost everything she created was aimed at him. This dude loves it, he can't stop talking about it, over and over there he is spouting like a little teapot about her and the viruses she wrote directed at him. Btw, they never got in the wild. Now, imagine my growl upon seeing the first link on Google pointed to Sophos. I was surprised to see that Cluely hadn't written it and it begins with a bit about her arrest, the years she could do in prison, the fine she's facing, that her website had been closed down, her five computers confiscated, the usual, but then I got to this part: "Gigabyte has gained quite the reputation. Being an outspoken female in a male-dominated arena as well as her strange relationship with my colleague, Graham Cluley, has made her a favourite for the media" said Carole Theriault, security analyst at Sophos. "The simple fact is that writing and distributing viruses is not cool, and one wonders why such a young and obviously clever girl would flirt with the path of a common criminal." Then it goes on to describe in some detail, the viruses she's written and I couldn't have kept a straight face if I had to when reading: "W32/Qizy-A December 2003 Posing as a Christmas screensaver, the Qizy worm asked infected users a number of questions, including what Sophos's Graham Cluley kept between his toes. Correct answers revealed map directions to a mystery package." Of course I clicked on W32/Qizy-A and my endorphin level is rising fast as I crack up reading about it. First, pay close attention to this: "At the time of writing, Sophos has received no reports from users affected by this worm. However, we have issued this advisory following enquiries to our support department from customers." I find this extremely funny as it's clear this is just a joke, no one will ever get it, yet this outfit goes on to list the questions as well as the answers. "The dropped program informs the user of the infection and claims they may be able to disinfect it once they answer ten questions correctly." 1. Which animal would Santa have if he actually existed? 2. In which country do I live? 3. Which season do I hate the most? 4. What does antivirus person Graham Cluley have between his toes? 5. What kinda virus is an HLLC virus? 6. Which chipset does a U.S. Robotics 22Mbps Wireless PCCard have? 7. Which keyboard layout is used in Belgium? 8. In which language did I write Parrot? 9. And Darkness? 10. In the 'Buffy The Vampire Slayer' series, there's a vampire who had a chip in his head for a while. What's his name? Aha, further reading proves she was cited as the creator after her arrest. There was no mention of this when I was researching her less than 3 weeks ago. "On completing the quiz correctly, the user is advised to go to www.geocities.com/quiz_map for disinfection instructions. The site contains a map and five photos, allegedly giving directions to a 'package' which will provide disinfection. The W32/Qizy-A worm was written by the Belgian virus writer, Gigabyte. A 19-year-old woman believed to be Gigabyte was arrested in February 2004." Btw, the answer to what's between Cluley's toes is cheese. I found more on NetworkAssociates, who reports: "This worm was submitted to several anti-virus vendors by the virus author, directly. It is not known to be in the wild." Screeech. Smell the rubber. 'It is not known to be in the wild'. Man these AV peeps piss me off. It's obvious to me no harm was meant -- '...may not succeed due to bugs in the code', 'not in the wild'. Cripes, The glaring absence of the writer's name is what's bugging me. Something stinks. This is more like it. From silicon.com who subheads their article with "Is the war with 'Clueless' over for her now? A female Belgian virus writer who has been waging a very public and protracted war against Sophos anti-virus expert Graham Cluley has been arrested and charged by the authorities. Over the past few years 'Gigabyte' has launched a number of viruses, all identified by a strong anti-Cluley theme. One launched a game on infected PCs which challenged readers to answer questions about the man the author had nicknamed 'Clueless'. Another game required infected users to knock Cluley's head off on a modified coconut shy." They omit mentioning these were never in the wild. Dammit. The rat stench is getting stronger. It seems silicon.com has been writing about the two quite a bit. Like this from July: "However, Cluley and Sophos seem convinced Gigabyte is under the impression the ubiquitous malware expert thinks women and girls aren't computer savvy. He told silicon.com: "She may have misunderstood my comments in the past. My point is that boys mature later than girls, which is why girls see how pointless it is writing viruses." Cluley admitted Gigabyte, who is known to be a Belgian computer studies student and aged 18 or 19, is "a competent programmer". She has also become something of a sex symbol for young male hackers who frequently try to contact her via her website - a kind of cyber-savvy Lara Croft figure, an image backed up after a silhouetted TV interview last year showed her kick-boxing. Cluley added, with a touch of sarcasm: "She is fascinated in me for one reason or another. I'm in a position of authority, so maybe she looks up to me. I'd like to think she's taken with the cut of my jib."" Expletives censored. Back to the arrest article. "Ironically it was that strong streak of the self-publicist in Gigabyte which ultimately led to her undoing. Carole Theriault, a security analyst at Sophos, said: "It is normally incredibly difficult to track down virus writers but when they start coming out and boasting about what they are doing they can often help us to find out where they are." But perhaps the bitterest irony for the outspoken Cluley in all of this is that he is away on holiday as the news breaks. Never one to shy away from public comment, he will be kicking himself to miss this one."" Ohyeah, sure, sure. I picture him gleefully rubbing his hands together and grinning over what he thinks was a job well done. Come on, who else could have had her arrested? I'm sure once his holiday is over, his mouth will be flapping all over the net about how justice prevailed. Wanker. The Register also wrote about her arrest, and like every other site, included her beef with Cluley: "She was also well known for frquent run-ins with ubiquitous AV spokesman Graham Cluley over his sociological analysis of virus writers. In anti-virus circles, Cluley is well-known for describing virus writers (VXers) in less than flattering terms, once memorably saying they only wrote malicious code because they were spotty teenage nerds who couldn't pull. Gigabyte took exception to remarks like this, even going as far as writing viral code that mocked Cluley." Interesting. Google still has a cached page of her site and that allowed access to her guest book. Jeezus, some of the entries are just plain evil and nasty, though there are many who cheer her on. Most keep ragging on her for her stance against Microsoft and the stupidity of having her code on her site for download. I must agree with that -- big mistake. Wow, after reading a whole slew of entries, only after her arrest was Clueley mentioned. "I like what your doing - and your methodology behind it. Don't change - people like you are what keeps this world interesting and worth living in. Cluley would have us be mindless robots who know nothing and wish to learn nothing about computers. Some of the comments people make on your site are ridicoulus, I like your coding style and I am glad your virii are not so much malicious - that is a thing that makes me happy to see. My props go out to you." I am not sticking up for her, or championing her cause. I wish she'd put her skills to better use and hope she doesn't have to do time. I am confused, in that her identity has been known for a long time concerning the first viruses and no action was taken against her, so, why now? The Register article said the Belgian police claimed she was going to put more code on her site. The grande pregunta is, who tipped them off to this? Again, only one name comes to mind. I've said enough. "hopefully this doesnt screw up your life too bad. you'd figure theyd be more worried about people who are actually doing something bad... ie.. selling drugs, guns, bibles." --Guest book entry Brenda Stardom Portugal |
2002-2010 © Brenda Stardom