Posted Wednesday 1st July 2009 02:16 GMT
If the attack took place in mid 2007, why in God's name did the idiot keep evidence lying around until March 2008? Why didn't he quietly erase all copies of the bot from all systems under his control? Was he really that much of a retard?
Posted Wednesday 1st July 2009 08:23 GMT
"Was he really that much of a retard?"
Yes. He was.
Posted Wednesday 1st July 2009 08:23 GMT
So, if I want to get someone in trouble, and they own a domain name, all I have to do is:
1. Infect a domain they own with "listening" software
2. Infect a large group of computers with software to create a DDOS on large number of websites and have the call back to the "victims" domain name?
3. perfect.
Heck, may not even have to do step 1.
Posted Wednesday 1st July 2009 08:23 GMT
Well, his bots did directly contact domains he controlled, so he was pretty dense.
Posted Wednesday 1st July 2009 12:23 GMT
Some people don't understand that you can't so easily get rid of files off a flash drive.
If you delete them, they can still be recovered as was already known about many kinds of media but with flash memory even if you try to overwrite the file you have no reasonable expectation that typical overwriting software will circumvent the wear-leveling of the flash controller. It'll do what appears to be overwriting then simply re-reading all sectors later the data may be retrieved unless the flash drive is either destroyed or filled with enough data to be sure the old was overwritten.
Even then someone will come along and say there are ways to detect what was previously written but in the real world such measures are more of a theory based on simple principles, not a working viable method if the data was actually overwritten on flash.
The better question is why was the bot ever stored on any media the perpetrator had at all without strong encryption. There was no assurance that days or weeks, letalone several months later would be a period available to dispose of the evidence. Feds don't generally give advanced warning before the knock on the door in the wee morning hours.
Posted Wednesday 1st July 2009 15:26 GMT
Why did he _still_ have the damn flash drive _months_ later? Why didn't he just drop it into a shredder or an incinerator or just into the nearest large body of water? Why didn't he, well, go out into the bloody woods and dig a hole and drop it, and any other evidence, in there? If it was me, all of that stuff would have been bloody gone two bloody seconds after the DDoS attack went out.
Damn but that boy was a retard.
Posted Wednesday 1st July 2009 18:40 GMT
The funny thing is that if you read the Rolling Stone article, it tells the unflattering story, but is sympathetic to the guy.
Posted Wednesday 1st July 2009 18:43 GMT
The entire point of this story screams "Look at me!", yet he didn't think that someone might, you know... look at him?
All because he got caught exchanging some phrases of questionable morality with some he _thought_ was a girl... but didn't bother doing anything to confirm it.
Paris - because even if she is fake, she is still all woman.
Posted Thursday 2nd July 2009 08:26 GMT
Well it's pretty hard NOT to be sympathetic to anybody when compared to an amoral misanthrope who spends all his time pretending to be a teenage girl in chat rooms. Xavier may have found a socially acceptable target for his bullying but it hasn't made him any less of an asshole, and he's terribly bad at hiding that.
This post has been deleted by a moderator
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
