The Register® — Biting the hand that feeds IT

Storm worm smackdown as researchers unpick control system

stizzleswick

Cool development! 

Dead Vulture

Just too bad that the German, as well as some other European and the U.S., governments have seen fit to criminalize the digital crimefighters for using the tools they need to fight digital crime, while the governments themselves are legalizing the same tactics to be used on innocent citizens without the need for a warrant...

Kevin

This is how all battles are fought 

The good guys always have a harder job because they follow the rules. It would be nice to be able to spread cleanup code in the same way that malicious code is spread, but you can't. Just because you are trying to do good does not mean you are exempt from the law. At the same time, would it be such a bad thing for governments to pass laws that allow for cleanup like this? A case-by-case situation? Sort of deputizing security companies to take down an organized crime institution.

Anonymous Coward

Oh probably illegal in the UK as well 

Yes, that is unauthorised access.

Liability is high as well, if those machines are being used for any day-to-day legitimate activity and they go down during the dismantle attempt. And then there are the false positives; cracking into someone's machine just because, in your impression, it is compromised is dubious.

Wasn't one of these botnets actually controlled by a 'digital crimefighter'? Who do you trust? What is going on here is that some people want to crack machines, and they are trying to make some legitimate targets for their unauthorised incursions; just another social engineering trick.

They will have to track down all the owners of the systems to do this legitimately, and should be going through the ISPs. When actions like that are taken it is better for the general good; these maverick-style actions are not really that beneficial.

TeeCee

Easy answer. 

Happy

Host the cleanup servers elsewhere. Let's face it, there are quite a few hosts out there in certain countries who, for a small consideration, are quite happy to let you run whatever you like, far from the influence of US / European law enforcement...

Anonymous Coward

Errors in the code. 

Black Helicopters

I had a quick mooch through the stormfucker code. I think the Xor key has had a few bytes edited and the code needs to be compiled with the flag -DXOR; there are probably other things that need fixing to make it work, but those two things stood out.

You would also need the peers.ini from an infected PC to get tit to start talking on the Storm network, I think.

dervheid

Ah, good old Red Tape... 

Stop

Don't you just love it?

Stuart Hatto

This isn't new 

The ability to take over command and control functions of botnets is not new; in fact, early last year TippingPoint's research team at DVLabs had a semi-religious debate about commanding the Kraken worm to kill itself and clean up.

http://dvlabs.tippingpoint.com/blog/2008/04/28/kraken-botnet-infiltration

and

http://dvlabs.tippingpoint.com/blog/2008/04/28/owning-kraken-zombies

I echo the first comment: it's a shame that despite having the technology to mitigate these infections, governments throughout the world ban the action.

EdwardP

Stormfucker... 

Flame

...was posted to Slashdot.

Seconds later, thousands of machines around the globe were editing the makefile (so it'd work) and typing make.

Believe me, it's been run.

Evil Graham

Add a "consent" pop-up 

If the user consents to your malware removal attempt, is that enough to make it legal?

Matt Bradley

Just what we needed 

Thumb Up

^^^ More please. Do these guys have a PayPal donation box?

Stu Reeves

@Evil Graham.... 

Happy

Please say you missed a Joke icon off your post.

"Your pc is infected. Click OK to remove". Only the thick dumb asses that get most viruses would click OK.

Actually maybe that's not such a bad idea!

Frank

@Evil Graham re. Add a "consent" pop-up 

Joke

So, if I see a pop-up box on my screen saying "Do you want me to clean up the Storm Worm trojan which has been detected as infecting your PC?", then I press 'Yes' and everything will be ok?

That sounds like a wonderful idea.

Anonymous Coward

Digital Vigilantism 

Pirate

Allowing security researchers to break the law in order to stop other people breaking the law is digital vigilantism; it's not a good idea, in the same way that normal vigilantism isn't. Different people have different ideas of justice, and enforcing an individual's view, rather than society's view, is not healthy. What is needed is a co-ordinated international body, or group of national bodies, that deals with malware in a way that society views as fair.

Anonymous Coward

We came, we saw, we kicked its ASS. 

Coat

Point me to a copy of the client, *I've* got no problem issuing the cleanup command...

Mine's the one with 'vigilante sysadmin' across the back (in fixed-pitch terminal font, naturally).

The Mole

Consent for consent pop-up 

Unfortunately you'd have to somehow gain consent to run code on the machine to display the consent popup.

Gulfie

Anyone remember 'Core Wars' 

Thumb Up

'Twas an article published in '84 in Scientific American. Google 'core wars'. This is essentially a real live core war. Fantastic! Nice one guys.

Anonymous Coward

Kick them off 

Flame

1) Identify a zombie

---a) Researchers or a cohort of ISP techs agree and verify that a particular computer is acting as a zombie

2) Inform an ISP of all identified zombies on their network, giving them a 48 hour deadline

---a) Zombies' ISP blocks affected computers and informs users why.

---b) Affected systems not allowed back on until they are verified clean.

---c) Users added to a "watch list" so no other ISP will accept them until the system is clean

---d) Users may need to pay for cleaning/verification

3) ISP responds within 48 hours that all zombies are now blocked

---a) Zombies probed - if blocked, all is well

---b) If still live, ISP faces risk of blacklisting (>5% still live, immediate blacklist, <5% ISP has 3 hours to block)

4) Once the 48-hour deadline passes with no response that *ALL* zombies are blocked (99% is not good enough), the ISP gets blacklisted.

5) ISPs required to inform users of their responsibility to ensure that their systems are secure. The users should also be informed that they may well be held liable for all costs and penalties the ISP incurs as a result of the user's lax security.

There is NO EXCUSE for a computer being on the net without security. ***NONE*** Even Windows can be secured to a reasonable enough extent (and for free).

Simon B

Sorry we can't fix anything - that's illegal! 

Thumb Up

PMSL! "the approach - which involves turning the botnet's command and control system against itself - could run foul of computer hacking laws in Germany and elsewhere, which ban the modification of computer systems without consent.".

So, the worm can do it illegally and cause havoc, but it can't be fixed as that's illegal. ROFL.

The BigYin

@Digital Vigilantism 

I don't think it is. Many laws allow you to commit a small crime in order to prevent a larger one. I think that using this tool to sort the zombies is perfectly acceptable and would fall under this protection.

Anonymous Coward

Re: Core Wars 

Boffin

Yep, played Core Wars at university in '91 on one of the campus Vax machines.

You use a 'programming language' called Redcode, which consists of 7 instructions. It's amazing the range of tactics you can come up with using such a limited instruction set.

Evil Graham

Yeah, I was dumb. 

Happy

I was kind of forgetting about all the other spurious drive-by popup crap.

In my (lame) defence, I was only really interested in the legal side of it, but yeah, I guess you need someone's consent even to get the consent popup to run.

Maybe I'll engage my brain before posting next time.

Naah, on second thoughts, where's the fun in that?

Anonymous Coward

got to stop reading like this 

Joke

@AC Tue 13th Jan 2009 08:07 - "to get tit " Snurk

@AC Tue 13th Jan 2009 12:09 - "---a) Zombies probed " Erm, no thanks. I like mine living.