BBC Links Linux To MyDoom

minus_273 writes "It seems the BBC has a story on their front page titled 'Linux cyber-battle turns nasty', very specifically linking Linux users to the MyDoom virus. Some lines to note: 'If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source). So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge.'"

Why I'm not surprised...

[nametaken]

That the BBC is being criticized worldwide for making unfounded claims.

They got it wrong

[Mork29]

who believe that code should be free to all

We just believe that GPL code should STAY free for all like it was when it was published under the GPL. I know such an idea could come only from a zealot... but hey....

Complain

[26199]

Click 'feedback' at the bottom of the page, fill in the article URL, and explain why this really isn't on.

Keep it civil, folks, and with any luck we can get an apology or at least a retraction.

I e-mailed

[SkArcher]

As soon as I saw the story - Please, for the love of whichever god you happen to believe in and/or live in fear of, be polite and give them references - the guy that wrote this article is obviously living stateside and Darl must have corrupted him.

Mainstream media...

[Max Romantschuk]

There's not much one can do about stuff like this. The media wants a story, they'll be happy to distort reality in order to get one.

The most important thing is to let people know we don't approve of the actions taken by creators of these viree. Not by shouting about it, but telling people, calmly, whenever given the chance. Tell your neighbour's dog walker if he/she will listen.

Fortunately popular belief does not rule (most) legal systems.

Re:Why I'm not surprised...

[jangell]

Who gives a shit if a Linux user wrote it? If a Windows user wrote a virus to attack Linux the news articles wouldn't be saying "Microsoft Users are Evil. Attacking innocent Linux Users".. They would be.. "Linux is Inseccure and worthless" ..

If you don't want viruses to spread, don't have users running as adminstrators as default. Don't write worthless code.

Microsoft is just asking for it, as is SCO.

Re:Why I'm not surprised...

[Goldberg's Pants]

What amuses me is the opening part.

The MyDoom virus represents a new level of sophistication in attacks on company websites.

How is it anymore sophisticated than the last 20 viruses down the pipe that DoS sites?

Methinks SCO has a journo at the BBC bought and paid for...

Logic, but not of a good quality.

[dbirchall]

Generally when something bad happens, you do try to figure out who might have made it happen. There are "usual suspects" for a lot of things. And "people who dislike or are mad at the victim of this particular thing" tends to be part of that set...

However, there's also the matter of a modus operandi. While the Linux community certainly doesn't like SCO or Microsoft, its members aren't particularly known for writing virus code. In fact, writing Windows virus code would probably require greater... intimacy with Windows than most users of other operating systems would ever want to have.

My guess is that it's either a rogue coder or a coder in the employ of somebody (spammers are "the usual suspects" for employing virus writers lately, but why attack Microsoft and SCO, then?) who's probably using, and used to coding for, Windows. That's far more logical.

this is not surprising

[circletimessquare]

there are two elements of understanding any issue in the news

there is an informed, fair and balanced view

then there is the 15 second layman appraisal from viewing bits of media coverage

clearly, mydoom is an attack by linux zealots in the mind of the average layman

clearly, the truth is linux advocates are horrified at what this script kiddie has done

however, the court of public opinion is 99% of the population and the court of computer scientists is 1% of the population

if we have learned anything about wmd and iraq, the court of public opion matters alot, while the microscopic court of the informed matters very little

so what is mydoom all about? angry linux zealots

scream about how it is not so on slashdot, the turth is mydoom is the work of script kiddies, we all know that, but you are preaching to the choir

in the court of public opinion what mydoom is is very clear, and the informed on the issue can do very little about it

Biggest problem with the net...

[segment]

You know I wrote something along these lines a while back. (Breaking Point [politrix.org]) Not this scenario exactly, but how easy it would be to digitally frame someone online. It's a shame things are getting out of hand. Maybe I should take some time write the document correctly (formatting, spelling) and make a request for comments from others in the community and make some little "READ ME" for people who don't understand tech too much. I know BBC would have probably taken a different look if they knew enough about computing to understand how easy it is to pass off something as someone else on the net.

Re:Well, duh

[Zo0ok]

Who else would have written it?

Assume your implication is correct, and it is obvious that the virus writer must have been some Linux-warrior. Then it would make sense for anyone who wants to discredit Linux to write such a virus.

Thus, SCO, M$ or someone else who dislikes Linux could have written it.

Pretty hilarious...

[Anonymous Coward]

I see unfounded and baseless claims about Microsoft on /. all the time, nobody complains or feels aggrieved about those. Regular posts based on outdated perceptions and ill thought out assumptions. Funny how the media suits people when it is publishing stories that work for them. Sadly this will get modded to Troll.

Re:Mainstream media...

[rjelks]

After all of the SCO FUD, I'm not suprised so many people were taking enjoyment out of SCO's misfortune. Unfortunatly, people are looking for someone to blame and this does make for a good story. I've seen slashdot members' comments quoted on stories about this virus, so people are looking here for a response. I know it's been talked about before, but here [perens.com] is Bruce Perens letter to the OSS community again. Everyone's certainly entitled to their opinions, but he makes a good point.

More and more stereotyping

[mind21_98]

Why can't we just all get along? I'm serious. The actions of the MyDoom creators are not indicitive of the actions or opinions of the rest of the community. To say otherwise would be the same as being what you're against. I would have expected better from the BBC, but whatever.

ok then

[n.o.d.y.n.e]

So we all believe the MyDoom virus attacking SCO was a coincidence? Yeah, right. Face the facts kids, it had disgruntled Linux geek written all over it.

Re:They got it wrong

[NanoGator]

"I know such an idea could come only from a zealot... but hey...."

That's not what they tuned in to. It's the comments like "I might just let this virus do its work..." that led to that conclusion. If you 'non-zealots' don't want to have the finger pointed in your direction , then I would strongly recommend treating this case with more objectivity instead of cracking anti-SCO comments.

Let us not forget our Truth Tables

[Saint Stephen]

Not a troll, but try to remember the inverse of the statement "All Linux Users are responsible for the MyDoom virus" is not "No Linux User is responsible for the MyDoom virus". The validity of the statement "The MyDoom virus author is a Linux User" is not verified -- but drawing any sort of Universal conclusion (affirmatively or negatively) is not valid reasoning.

Re:Pretty hilarious...

[gilroy]

Blockquoth the poster:

I see unfounded and baseless claims about Microsoft on /. all the time, nobody complains or feels aggrieved about those.

slashdot is not a news organization, despite its byline. There are no crack investigative journalists working for slashdot and no one pretends that there are. The BBC is a widely respected news source accorded respect by its viewers/listeners, who will tend to accept its pronouncements based on its reputation (recently tarnished anyway) for journalistic integrity. They have a responsibility to check their facts and not spin conspiracy theories for the heck of it.

Reality of course is different.

Re:this is not surprising

[grahamtriggs]

But then Linux advocate != Linux zealot.

Like any criminal act, there had to be a motive for the act. MyDoom singled out SCO and Microsoft for attacks - it isn't a stretch to say that is more than simply random coincidence.

There are many reasons why someone would choose to attack Microsoft, but SCO? Most people haven't even heard of SCO, let alone have a reason for attacking them.

Just maybe it is random coincidence, maybe it is just because SCO has had quite a bit of coverage on sites like Slashdot recently. But surely - to most people - it looks like someone either wanting to make it look like the Linux community, or is a Linux 'sympathiser', or is within the (greater) Linux community.

Of course the vast majority of Linux users have had nothing to do with it, and are horrified by what has happened. But it only needs one bad apple.

To sort of echo other comments, it is kind of typical of the BBC at the moment - the reporting may be woefully flawed, but there is a hint of a genuine story at the core of it.

Re:Why I'm not surprised...

[Anonymous Coward]

I sent them the following through their feedback section. Please assist them by adding your own comments.

===============

Re: Linux and MyDoom article by Stephen Evans
BBC North America Business Correspondent

Stephen,
Do you have _any_ evidence of anything you say in your article? Any at all? You know the virus contained an open port that would leave unfirewalled machines vulnerable to remote exploit with the potential of turning the machine into, for example, a zombie for spamming. Since you appear to be able to link half baked ideas with zero evidence, how about the whole thing was sponsored by IBM to allow them to gain greater control of linux after they have stomped SCO into the ground? Or how about, SCO did it to themselves to generate more anti-linux feeling? The latter of course is a situation you are helping to perpetuate with unsubstantiated rumours such as this badly written article. After all that the BBC has gone through in recent months, please refrain from heaping further ignominy on the pile.

Regards,

Re:Pretty hilarious...

[Anonymous Coward]

Infact the BBC did say that the link to linux was a theory and not fact, perhaps reading the article in depth should come before attacking the BBC

Re:Complain

[welshwaterloo]

sent this:

Hi

This is in relation to the story "Linux cyber-battle turns nasty."

The is telling people who read the Business section that:

"run-of-the-mill geeks" are "wreak[ing] damage on the unsuspecting computer user."

There is no evidence that this has been coded by 'geeks', Linux or otherwise. Most reputable IT news sources are agreed that the main aim of the virus is to install a 'backdoor' to allow spam to be sent through the PC. This means the virus is *much* more likely to have been written by (or partly sponsered by) organized crime.

It's not mentioned once in the article that the virus opens a back door to allow the PC to be remotely controlled. Is this perhaps because it doesn't fit in with the way the article was crafted..?

"in the case of the MyDoom computer worm, the motivation seems clearer. It has attacked a company based in Utah called SCO, bringing down its website with a barrage of emails sent from countless computers" Good lord - if you're going to do a tech story, get a techie to read over the damn thing before you hit 'send'. The attack was *not* carried out using emails. How would you address an email to a website? It was a DDOS attack. Two words - Goo gle. Is is a silly point? Perhaps but when the BBC is writing about computer viruses I tend to expect them to do the tiniest bit of research.

I use Linux, and I think it's aims are noble. I am insulted that this lazy article tars Linux users with these baseless insinuations I ask that you withdraw the article and/or print a retraction.

Re:BBC Article is Uninformed

[drsmithy]

I don't think this article sees very much of the issue. Why didn't they do a more serious analysis of SCO and the fact that many top executives are dumping stock? Why didn't they look at it from a legal standpoint focusing on the etymology of the code supposedly in question? Why didn't they point out keenly that SCO has not produced any real evidence?

Maybe because it's an article about MyDoom, not the SCO v IBM court case ?

Don't get mad....

[CountBrass]

Do what I did when they reported in a previous article that SCO were the owners of Unix. Send them an email reporting a factual error in the article. I did, pointing out that SCO *claim* ownership but that was disputed by the people they say they bought it from (Novell).

Here's the link you'll need: http://news.bbc.co.uk/1/hi/help/3281777.stm just add your correction and the article's URL.

Re:They got it wrong

[shepd]

>It has nothing whatsoever to do with "preserving the freedom" of *your* code.

In that case, copying Windows' ftp.exe to a disk "for a friend" is A-OK with the law, right?

Re:Pretty hilarious...

[be-fan]

The unfounded and baseless claims about Microsoft on Slashdot get written by *users*. This is a not a media site but the comments page of one! An official website of the BBC is just a little bit higher up on the "I trust this for my information" ladder than random, anonymous user comments!!!

Re:Complain

[menscher]

My complaint (submitted to BBC):

I'm disappointed by the errors included in the article by Stephen Evans on the MyDoom virus. His statements regarding the intents of the virus creators are treated through most of the article, except in a minor comment near the end, as statements of fact. This is improper, as Stephen could not possibly know the intent.

There are also some blatant factual errors. For example, Stephen writes "[i]t has attacked a company based in Utah called SCO, bringing down its website with a barrage of emails...." This statement is false. The virus attacks the SCO webserver, as is noted later in the article (self consistency was not even maintained).

Finally, the article closes with the statement "[i]t is about malice not money." This is also widely regarded, among the computer security community, to be untrue. The article failed to mention that the virus creates a backdoor on infected machines that can be used to relay spam. The virus appears to have been written by for the purpose of helping spammers. The DoS (denial of service) attack on SCO appears to have been added later, almost as an afterthought, as a way of distracting the news media from the more insidious threat. It is unfortunate that it seems to have succeeded in that goal.

Please feel free to contact me if you have any questions about my statements. I have not included references since this is fairly easy to confirm by visiting any reputable security site. I especially recommend reading the comments of the "incidents" list at www.securityfocus.com to see what experts are saying about the relative importance of the "spam relay" part of the worm to the "attack SCO" part.

It concerns me, when I recognize such blatant reporting errors, that I cannot trust the other articles originating from your site. I hope that this will be an isolated incident.

Re:Why I'm not surprised...

[NanoGator]

"That the BBC is being criticized worldwide for making unfounded claims. "

Unfounded claim my ass. Slashdot has a field day every time there's a juicy update for SCO. Don't believe me? Well let's take a look at Slashdot's introduction [slashdot.org] to this virus. Let's have a peek at the first post there, shall we?

Finally! (Score:5, Funny)
by someonehasmyname (465543) on Monday January 26, @04:40PM (#8094762)

Finally, a worthwhile virus!!
--
Common sense is not so common.
[ Reply to This ]

+5, Funny? Okay, let's look at the immediate reply:

Re:Finally! (Score:5, Funny)
by Anonymous Coward on Monday January 26, @04:46PM (#8094852)

Is there a Linux port yet???

+5 Funny? Okay, let's look at the third comment:

Re:Finally! (Score:4, Funny)
by Geek of Tech (678002) on Monday January 26, @06:32PM (#8096045)
( http://www.hopper.net/~joshuarogers | Last Journal: Friday November 28, @06:26PM )

So, uh where can I download a copy?

+4 Funny, okay the joke started to get old then. So Slashdot breaks the story, and people get modded up for joking about wanting the virus on their machine. Now, I know what you're thinking "Oh they just meant that like as irony cos nobody'd really do that." Valid argument, except that's not the case I'm making. Folks, the case I'm making is about impressions. Frankly, the impression from that whole thread is "Yay, SCO will be attacked." Unfounded claim my ass. The active Slashdot Community did all but beg for SCO to point the finger at them.

Be dismissive if you like, but consider the effect Slashdot sensationalism against SCO is having on your reputation here. Slashdot has legitimate complaints about SCO's behaviour here, but when that type of BS happens, it is REALLY hard to take the lot of you seriously. Now you've got the media turning its guns against you. Well gee. It was worth it to get that +5 Funny, mmm?

My response on the BBC feedback page..

[FishermansEnemy]

Mr Evans,
I assume when you went to Journalism school they stressed to you the importance of researching a subject before you start an opinionated rant.
"The MyDoom virus represents a new level of sophistication in attacks on company websites. It is also a new front in a war waged by those who want to preserve the open-source Linux operating system."
The MyDoom virus is not sophisticated in the slightest, and any Anti-virus vendor would have told you that. It is not a self replicating worm like Blaster or Nachi that used holes in the windows code to spread itself. It is simply a program attached to an e-mail that rely's on users being dumb enough to run it. If that is your idea of sophisticated then I suggest that you dont try and report on any other IT matters. You say that this represents a new front on the war between SCO and the open source comuntiy. That is pure speculation based on the target of the DDOS part of the virus. Are you aware that the virus also contains code to alow the author and the spamming community to use these infected machines as open relays to send their anoying rubbish. I am of course assuming that you have heard of SPAM but there is no mention of this in your article, very sloppy journalism on your part or an indication of your own personal opinions about SCO and open source software.
"Deep in the darkness of the psyche, vandals and arsonists no doubt have their reasons - and so, presumably, do the run-of-the-mill geeks who wreak damage on the unsuspecting computer user."
Run-of-the-mill geeks? are you suggesting that you have information to indicate that this was NOT written as your standard virus to facilitate the sending of spam. You KNOW who wrote this was a nerdy crusader who just 'snapped' and wanted a piece of SCO? I'm sure the FBI/CIA/GRU would be very interested in your info. If you have this information then pass it to the authoroties, if you don't then you are widly speculating again. Do you not think that the choice of target in this case MIGHT have been made to discredit the open source movement and conceal the real intent of the virus. You see, you dont have to install a backdoor to a computer to make a DDOS attack, you need to do it so you can use that computer to do your bidding AFTER the smoke has cleared.
"It's just that the reasoning isn't easy for most of the rest of us to understand. "
There is plenty of information available on the internet for you to find this information out Mr. Evans.
"But, in the case of the MyDoom computer worm, the motivation seems clearer. " Only of you spend less that a minute investigating it.
"It has attacked a company based in Utah called SCO, bringing down its website with a barrage of emails sent from countless computers into which the worm had been insinuated, unbeknownst to the users."
This is just plain incorrect. The infected computers used HTTP GET'S to the companies web site, not a 'barrage of e-mails' Any anti-virus vendor would have been able to tell you that. Facts Mr. Evans, heard of them?
"There seems little doubt that SCO was targeted - illegally and unacceptably, lest anyone be in any doubt - because it has enraged many people devoted to the Linux operating system." There is plenty of doubt Mr. Evans if you care to take more than a superficial look at the situation. The open source community is up in arms about this, they feel that they are being framed for this because they are an easy target, esspecialy when non-impartial reporting starts pointing fingers without doing adequate research.
"On top of that, SCO has sued IBM, accusing it of using SCO property because it too uses Linux." Dare I point out that you have failed to find the facts in this case too? There is reams of information on the internet regarding this case and even a cursory glance would have told you that SCO is not sueing IBM because is 'uses' Linux. It is sueing IBM because it alledges that IBM donated code to the Linux kernel that it did not have the right to. These facts have not been proven, and SCO has not even been able

Re:Pretty hilarious...

[Anonymous Coward]

Another funny thing: Slashdot reported on Mydooms effect on SCO, but haven't said a word on the worm's lack of effect on its second target, Microsoft.com.

Re:Complain

[Rico_za]

My feedback to the BBC:

I'm not a Linux zealot, I don't even use Linux, but I have been following the SCO vs. Linux story for a while now. The article "Linux cyber-battle turns nasty" is far below the high journalistic standards the BBC have set in the past. It contains nothing but bad conclusions without any basis in fact. The fact of the matter is that most computer security experts think exactly the opposite of what is stated in the article: That the MyDoom virus was written by email spammers testing out virus technology to use in future spamming. It is very convenient for the virus writer that the Linux community is blamed for the virus. Simple research on the internet reveals many sources backing this (http://www.ajc.com/business/content/business/0104 /28worm.html and http://www.chron.com/cs/CDA/ssistory.mpl/business/ 2376200).

Please don't let the high quality of factual reporting by the BBC revert to tabloid sensationalism.

Response to the BBC

[bobstay]

As a linux "devotee" (as your article would have it), I feel your article misrepresents the sentiment of the vast majority of the Linux community on the matter of the MyDoom virus.

While it is true that the Linux community in general despise SCO for their actions, it is not a widely-held opinion that the illegal and destructive actions of the MyDoom author are justified, as your article tries to suggest. Rather, the Linux community would prefer to see SCO challenged and beaten in a court of law, as their tactics are based on intimidation and assertion without evidence to back up their claims.

The fact that one maladjusted virus-author, seeking an outlet for his destructive actions, has picked SCO as a target which he, erroneously, assumes will generate him respect from "geeks" does not imply that the majority support his actions.

Your article, while paying lip-service to the fact that "There's no proof, of course, but it must be one of the theories at the top of any investigator's list", tries to paint the Linux community with a broad brush as unprincipled "hackers", which is, in reality, far from the truth.

You are not doing the BBC's reputation as an unbiased reporter of news any good. I expect better from the BBC.

Re:this is not surprising

[drsmithy]

clearly, the truth is linux advocates are horrified at what this script kiddie has done

They're hiding it well...

Re:Why I'm not surprised...

[fucksl4shd0t]

+4 Funny, okay the joke started to get old then. So Slashdot breaks the story, and people get modded up for joking about wanting the virus on their machine. Now, I know what you're thinking "Oh they just meant that like as irony cos nobody'd really do that." Valid argument, except that's not the case I'm making. Folks, the case I'm making is about impressions. Frankly, the impression from that whole thread is "Yay, SCO will be attacked." Unfounded claim my ass. The active Slashdot Community did all but beg for SCO to point the finger at them.

And that's only half of it. The other half of the comments all said something to the effect of "Whoever wrote that, quit it!" or in some other way pointed the finger right back at open source programmers. Fact is, any real open source programmer would have released the source code as GPL (or some other open license) and provided the source code to users. :) Jokes aside, the thing that irritates me the most whenever something like this happens (check out other attacks on SCOs website, for example) is all the guilt-ridden freaks here on slashdot that come up and say "We shouldn't have done that!". Well, now the BBC is saying the same thing. What makes them any different than the whole lot of you that say it?

I mean, really. Sure, the BBC is supposed to be this big trusted media giant and all, but when you can read the article on the BBC and then go to slashdot's coverage of the same virus and see the BBCs "wild accusations" firmly confirmed by the community itself, what conclusion are you going to reach?

I got modded as troll for attacking Bruce Perens in that same thread for reaching the conclusion that the media would make this conclusion, and he was right. But judging from the look of the posts in that specific article and many other posts in many other articles, I can't say the BBC made an "unfounded" accusation. Quite the contrary, the community took responsibility for it, and whether or not the MyDoom virus came from open source programmers, the community should not have taken responsibility for it. We should be out trying to hang the fucker that did it along with SCO. Because now SCO and we have a common enemy, whoever that person really is.

Re:Fact-gathering is passe

[Platinum Dragon]

There's no proof, of course, but it must be one of the theories at the top of any investigator's list.

And this is from a organization which allegedly deals in "news" ?

You'd think after the Hutton report, the entire editorial hierarchy would be overcorrecting for any possible hint of an unsupported accusation.[0]

Although this article reads like an opinion column, and has the lack of sources and facts tolerated in such pieces, there is no indication that Stephan Evans submitted this column as opinion. This needs to be cleared up, as Evans spends much of the article chalking up the worm to angry Linux users despite the lack of evidence in anyone's possession at the moment. MyDoom may very well be the work of a disgruntled Linux geek, but Evans seems to be attacking the entire community by association.

Re:Mainstream media...

[Anonymous Coward]

The main reason is because the general public doesn't know anything about linux. So now instead of associating linux with the operating system, people would had never heard of linux before will associate it with the worm the may have received. Linux is nothing but a group of hackers who steal code and write viruses to attack anyone who stands up to them.

Why do the media do this? It makes good news. An operating system kernel is hardly something Joe public wants to read about. But an underground society of hackers? Now that's news.

Re:Mainstream media...

[m00nun1t]

How true. Here's a link to another site [slashdot.org] whose editors frequently distort reality to make a story more interesting.

Give BBC some decent feedback!

[Rauchbier]

Everyone here should tell the BBC [bbc.co.uk] that they shall not publish unproven facts in this case.

Re:Why I'm not surprised...

[Anonymous Coward]

And mine....

I'd suggest in future your North American business correspondant gets a little help with IT related stories. Firstly, MyDoom performs a DDoS (Distributed Denial of Service) attack, this does not "represent(s) a new degree of viciousness in internet warfare" the technique has been known for years and details are widely available so it hardly represents "a wickedly ingenious programme". The attack has nothing to do with email, if it did SCO's mail server would be down, not their website. Mr Evans inability to follow basic journalistic principles (fact checking, anyone?) means it's hardly surprising he missed the most damaging aspect of the MyDoom virus, that it leaves infected computers open to use by spammers to send yet more of the crap that fills our inboxes daily. Ally that to the fact that much anti spam work is done by the Open Source community (the people responsible for Linux) and you have a possible alternative explanation of MyDoom. The reporting of IT stories in the mainstream press is generally not good, but this piece is utter garbage, I expect better from the BBC.

Re:Why I'm not surprised...

[zurab]

Unfounded claim my ass. Slashdot has a field day every time there's a juicy update for SCO.

A little bit of reality check here: you are comparing /. comments to a BBC article and expect them to follow the same journalistic integrity? /. is a discussion board; it's NOT journalism, it's NOT news reporting or anything similar. BBC is a respected news source with top-notch journalists that many organizations and people around the world follow and listen to. They have a much higher standard to follow in their news reporting; like checking important obvious publicly available facts before publishing something that stupid.

Now you've got the media turning its guns against you. Well gee. It was worth it to get that +5 Funny, mmm?

Next, maybe BBC should check out *.advocacy.* newsgroups - it could have a lot of guns to turn in a lot of different directions. The BBC article in question qualifies for one of those groups anyway - I just didn't know BBC lowered its bar to the standard (or lack thereof) of online discussion boards.

Re:Complain

[Bigman]

But it never does any harm to flatter a little in order to charm someone you're complaining to - or did your momma never tell you that?

MyDoom is not GPLed!

[cpghost]

If MyDoom was written by Linux zealots, wouldn't it be GPLed? I'd like to see its source code! Any .deb or SRPM out there? Is it on sourceforge? Where's the CVS repo? Can we collectively improve it? Nah...

Re:They got it wrong

[ncr53c8xx]

That's not FSF's position. They believe ALL software published should be Free Software.

Nice straw man. FSF believes in Free software. They don't advocate "liberating" software like some warez d00ds do.

Re:Pretty hilarious...

[pirhana]

>> The BBC write biased pro Linux stories, nobody here attacks them when they do, they applaud them.

This is NOT just a biased story. This is actually equating a community with criminals without any proof or fact to back up. Its far more serious than just being biased in one's opinion. I dont think many slashdotter would applaud when somebody is unjustifiably treated as criminals.

Re:Why I'm not surprised...

[FireFury03]

Except slashdot is not a proper news service - it's just a bunch of people exchanging views and jokes. Nor is slashdot funded with a tax on the public. If I'm paying my licence fee, I don't expect the beeb to be making libelous remarks about me (being a linux developer) being a criminal.

USE THE FEEDBACK FORM, LUKE!!

[sniggly]

If you don't like their reporting, use the feedback form:
http://news.bbc.co.uk/2/hi/help/3281777.stm

"Linux cyber-battle turns nasty"

Is your reporter Stephen Evans aware that MyDoom is a virus that is perpetrated by MS Windows machines? Meaning the virus was written to run ON windows BY a windows programmer...

Could Mr. Evans please next time indicate where on earth he finds the factual evidence to support his amazing theory that mydoom is the "wrath of internet zealots who believe that code should be free to all", or are we now to believe the BBC supports baseless ranting against a group as diverse as those who support open source software? Couldn't it easily have been caused by disgruntled shareholders, maglignant ex employees or al quaeda for that matter?

Thank god you didn't have a luminary such as Mr. Evans sexing up Iraqi WMD stories.

And then we have this...

[csk_1975]

And in this thread...

Re:Complain (Score:5, Funny)
by kinnell (607819) on Thursday February 05, @08:41AM (#8187078)

Keep it civil, folks

Screw that! Someone write a mydoom variant which targets the BBC.
That'll teach them to bad mouth linux zealots.

I don't even want to guess how you see this one.

I don't think you can really justify pathetic journalism because of a few funny jibes on slashdot. SCO is trying to commandeer the work of others. Why shouldn't people make fun of them and hope them harm? Its not like they haven't tried their hardest to piss people off.

If ill informed idiots in the press choose to write articles riddled with errors and specious claims, that is their problem. They'll get their "facts" from somewhere else, at least funny comments on slashdot are entertaining to lots of people - more power to someonehasmyname, Anonymous Coward and Geek of Tech - love your work guys.

Re:Why I'm not surprised...

[Anonymous Coward]

Please mod the parent down. Or is alashdot really going to encourage mailbombing BBC now because they write something we don't like? That's just more proof to them that OS people are into revenge as a policy.

Re:this is not surprising

[Michael Hunt]

I'd be inclined to suggest that attacking www.sco.com and www.microsoft.com is merely a blindside to attract just this kind of troll reporting, whilst keeping the mainstream IT press unaware of the worm's real motivations.

If you were a russian spam 'family,' wouldn't you want your worm-infested zombies to stay uncontrolled for longer due to people not focussing on the real intent of their worm?

Re:Why I'm not surprised...

[Anonymous Coward]

Here is a summary of the post I made about this article on their website....

This article, by Steven Evans, has not one reference of proof/factual evidence to back up the claims made in it. It can be summed up in his own words with "..There's no proof, of course, but it must be one of the theories at the top of any investigator's list".

Exactly. The article offers not one single piece of evidence to back up any of the claims made in this article.

Claims like "There seems little doubt that SCO was targeted - illegally and unacceptably, lest anyone be in any doubt - because it has enraged many people devoted to the Linux operating system.."

and

"So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge"

Where is Steven Evans proof? The claims made in the article are accusative in implying that anyone with an interest in Linux, have a motive to cause criminal damage.

Given the BBC has just been criticised in the UK for misreporting and sensationalism in its journalism over the WMD dossier claims, I am surprised that an institution that has upheld integrity in its reporting, should allow an article that makes such bold claims, to provide no factual evidence.

Without facts, this article is nothing more than inflamatory and scare-mongering.

Journalists have a responsibility to report the truth. For an organisation like the BBC, truth should be a core value that is ferociously defended and pursued. If it is not, then it does not take much imagination to see where the BBCs reporting will end up - at the level of tabloid sensationalism.

Re:Can't even get the details right

[Lost Race]

It was HTTP GET requests.

Not even! It was the threat of HTTP GET requests -- SCO deleted the DNS for www.sco.com pre-emptively, before the worm even got a chance to attack. Their web page is currently available at sco.com [sco.com] apparently none the worse for the wear.

Could they have withstood the attack transparently by 302-redirecting www.sco.com to sco.com? Maybe yes, maybe no; we'll never know. Not that it matters either way -- with no products and no customers, they have little need for a reliable web site anyway.

My feedback (they must be drowning in this stuff)

[Omni-Cognate]

No doubt you have received a large amount of feedback on this story. I really must add my voice. I do not intend to rant or even complain, merely to correct.

The fundamental premise of this story, that MyDoom's attack on SCO implies that the virus was probably written by linux fanatics, is flawed for a number of reasons.

1. The article itself says there is no proof of this accusation, but this is buried deep down in the text. Most of the article, including the headline, presents the accusation as fact, with the full weight of the BBC's authority behind it. This is NOT fact. It is supposition.
2. MyDoom did not only attack SCO and Microsoft. It installed trojans intended to leave the infected computer open for easy unauthorised use. MyDoom-infected computers can be used to relay spam or log keystrokes in order to steal credit card numbers and other valuable information. If the purpose was simnply to attack SCO this would be entirely unnecessary. This disproves your last line "It is about malice not money". Spamming and credit card fraud are most certainly about money.
3. MyDoom is most likely to have originated in Russia (see http://www.abc.net.au/news/newsitems/s1035350.htm) . Spamming and virus writing has in the past frequently been linked to organised crime in Russia.
4. Attacking SCO's site HURTS linux (as I'll explain in point 4). Spammers have absolutely no reason to love open-source software. Most of the email infrastructure operates on open-source software, and attempts to stop spammers are being spearheaded by open source developers. MyDoom was most likely written by spammers, with the SCO attack intended to conceal the primary purpose (and therefore the real writers) of the virus, which is to spread spam and commit credit card fraud.
5. The battle being fought by the providers of proprietary software against the "open source community" is by and large a propaganda war. It is extremely difficult to compete with open-source on quality, and near impossible to compete on price. A commonly used tactic is therefore to attempt to tarnish the image of its authors. The most common image presented is that of a bunch of marginally competent hackers operating out of their parents' basements. With IBM pouring a billion dollars a year into open source development, and with Novell, HP, Sun, SGI and a host of other major organisations now "betting the company" on it, it is not hard to see that this is false. The people referred to as the "open source community" are the people who write the software that runs more that 60% of websites wordwide, that runs Google and Amazon, that provides the CGI special effects for every modern blockbuster, that is trusted in the datacentres of almost every single major corporation. These are not the kind of people who write viruses. Many of the writers of open source software are among the leading experts in their fields and work in labs owned by major corporations and universities. The largest part of the outrage of the open source community is in response to their unfair portrayal as something akin to the virus-writing, website-defacing "script-kiddies" who make many a linux sysadmin's life difficult and who are universally loathed by the open-source community. Against this backdrop, it would make absolutely no sense to attack SCO's site. It just provides further ammunition for the continuing attempts to blacken the name of open-source development.

If the servers of kernel.org (the linux kernel archives) were attacked by a virus in this fashion, and the BBC were to post an article baldly accusing, say, Microsoft of the misdeed, the BBC would find themselves on the receiving end of a lawsuit so quickly it wouldn't know what had hit it. Fortunately, all you will get from the open-source community is a huge pile of email, ranging from rants to considered responses.

A lot of people do feel very strongly about linux, about open-source software and about the SCO lawsuits. Some of these can come across as fanatical,

mod parent up (informative)

[mirko]

Hi
M. Stephen Evans is selling sensation instead of information.

MyDoom is a cleverly engineered piece of malicious Windows code, which means it's more probably be written by a malicious Windows developer.

Of course, your so-called reporter may also simply be incompetent and wanted the BBC to look even clumsier after a recent report had proved intrinsic disinformation about WMD coming from them.

So, please, either ask a REAL specialist for his opinion (REAL = technically competent and ethically unbiaised) or just ignore facts you cannot even comment.

Were it in my powers, would M. Evans lose his accreditation as a reporter in order to preserve our job credibility.

mirko.
*Reporter* for French computing magazines

Re:Pretty hilarious...

[RoLi]

I see unfounded and baseless claims about Microsoft on /. all the time

I have never seen claims like "Windows is a cancer" or "Windows is illegal" or "Windows threatens our way of life" here.

Re:Why I'm not surprised...

[cozziewozzie]

It's the slant that big media houses put on the stories. That's why you always hear about Muslim terrorists and Islamic extremists, and not about Christian, scientologist, Jewish, or any other type (although they certainly exist).

That's why you hear about Linux communists, Linux hackers (crackers) and Linux virus writers. If they use Microsoft, then it's something else that made them do it. If they use Linux -- why, of course, Linux made them do it.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Pretty hilarious...

[Alioth]

That's because it's Slashdot - note a forward slash then a dot. If it was a Microsoft-biased site it would be \. - Backslashdot.org. Slashdot is shamelessly biased towards *nix style operating systems - the title says it all. If you're expecting fair and balanced reporting on Windows issues, well, there's plenty of other websites you can go to instead.

Re:The page has changed.

[Goldberg's Pants]

So now I guess the BBC have joined the ranks of CNN, Fox etc... Engaging in revisionist "news" reporting... Nasty...

Re:Pretty hilarious...

[Welsh Dwarf]

Bill Thompson takes pot shots at what ever's current, and doesn't hesatate to start a raveing debate on his blog about it afterwoulds if you're so inclined.

And he isn't anymore pro linux than pro windows (actually, on average, quite a bit less). But so far I've only found one of his articles that couldn't be backed up, and he clarified his position alot later on the 'BillBlog' (linked to from his articles).

He's also one of the few BBC journalists who links to his e-mail address from his storys.

So no, Bill hasn't sided with the /. croud, he just say's what he thinks.

Even if it was a Linux developer...

[blorg]

It only takes *one* person out of millions of developers to write a destructive virus.

The article, however, paints a picture of an organised effort by the "open source community", despite the fact that *all* the leaders of said community have come out to condemn the virus, indeed pointing out that it would damage the community through stories such as this. I'll look forward to the articles on how "the entire Muslim world" is at war with the west; how the Republic of Ireland has once again, and with a single mind, bombed London.

I think the story can best be summed up in it's own words: "There's no proof, of course".

Re:They got it wrong

[Znork]

"The point of releasing under the GPL is to require other people using GPLed code as a base to develop and distribute their own work to also GPL *their* code."

Not at all. They can distribute their code under whatever license they want, but they cant distribute my code in proprietary form, nor can they distribute my code together with proprietary code.

There is no legal basis for the GPL to force any form of license onto any other code. It only affects the code under the GPL.

If that means some proprietary developer doesnt want to use the GPL code because they wont be allowed to distribute it in a proprietary form or together with their proprietary code, well, that's their problem, not mine.

Re:USE THE FEEDBACK FORM, LUKE!!

[Khazunga]

And here's mine:

I would expect more from an established news source, such as BBC. In the wake of the David Kelly affair, which has profoundly stained BBC's reputation, here is a perfect example of a story based on pure speculation and hear-say.

There is no suggestion that MyDoom was written by a Linux zealot, much less evidence. For all we know, it could have been SCO doing it, so its case reaches the headlights, and the pump-n-dump scheme fairs better. SCO's case against IBM is a wreck, and will hit a wall very soon on its own.

I hope this letter produces editorial regulation inside BBC against unfounded stories. Don't compete with "The Sun".

Re:Complain

[Ed_Moyse]

Oh come on! The BBC has more journalists than any other news organisation, ONE of whom was at fault here. His editors should have stepped in, and there were certainly managerial failings but even from the articles you quote:

"Hutton's assault upon the whole culture of the BBC and journalism is out of all proportion to their offences," former Daily Telegraph editor Max Hastings said in a commentary. "It ignores the huge, ugly reality, that Tony Blair took Britain to war in Iraq on a fraudulent basis."

The BBC as a whole has very high journalistic standards (in my opinion at least).

Re:Pretty hilarious...

[coastwalker]

I dont know about the new york times, but the BBC has a world wide reputation for unbiased news reporting. The fact that both the Chairman and Chief Executive both resigned because of a couple of unverifiable sentances that turned out to be wrong uttered by Andrew Gilligan tends to suggest that they take this seriously. I can assure you that your jibe will be recognised as the result of small minded childishness by most readers.

Re:USE THE FEEDBACK FORM, LUKE!!

[arivanov]

Well...

All you needed to do is point them to the securityfocus information and the kasperski press releases that clearly state that

1. The virus was posted via well known SPAM network used in counterfeight software peddling. This is also the reason why the infection went through the roof so fast (it got to too many people in too short time).

2. The virus has generally been traced to russian SPAM gangs.

It is nothing to do with linux, sco, msft. It is just business as usual.

Spammers, Spammers, and oh yes, Spammers...

[Spoing]

Last week, after looking at what was comming in for my domain, I suspected that the whole virus was a ruse for spamming. Along with the mydoom virus, a few different viri showed up...1/2 sent to addresses that have only recieved spam in the past. Over the past few days, my spam load has doubled.

While this is not a clear indication that the spammers sent Mydoom and other viri around the same time, it is mighty curious.

Poeple love a good fight

[th3d0ct0r]

Whislt searching google for any material related to Stephen Evans, i could only find a message criticizing some show in which he argued that the EU is killing the poor Record companies of the world for not letting them expant their copyright claims above the actual 50 year period. The conclusion being that this "reporter" is undoubtedly not objective, nor does he seem eager to dig for truth or a balanced representation of facts. About those claiming that slashdot is "begging" for being accused by sco, by posting ironical messages about the MyDoom virus etc..: As an analogy i point out following argument: "No wonder a woman gets raped if she dresses up sexy". To enlighten those who are not capable of benefitting from the use of their brain, there is no excuse for accusing a person or community without any proof. All of the comments and opinions about who wrote the virus are essentially worthless, (the gardener did it!) unless there is hard proof. Just because you are happy the evil mafioso got shot in the head, doesnt mean you aimed and pulled the trigger. It is much more likely some other criminal was the one. If you want logic, it is most likely the spammer who wrote that virus saw a wonderful opportunity to strike 2 targets at once, as Bruce Perens pointed out, criminals hate linux just as much as microsoft and sco, for their effort to kill off their moneymaking spam schemes and credit-card/account theft (spamassassin. there is no pendant to it for microsoft). So what better thing than shoot your enemy, and have another enemy blamed for it? To those pointing out the double standard of slashdot when it comes to attacking microsoft/linux: The enourmous amount of deliberate lies and distortion of facts spreaded by MS along all those years makes it very easy to go down to their level and strike back. Its like someone insulting you repeatedly, and at some point, you just cant hold it back and you curse back. I think that is only human. Of course everyone in the linux community should behave better, but, we use water for cooking too, and although i think most linux users aspire to make the world a better place, we are just as imperfect as Bill Gates.

Re:They got it wrong

[horza]

No, you obviously don't, because if that's all you believed you'd release your code under the BSD licence, or simply into the public domain - both of which would do just as good a job at it.

The point of releasing under the GPL is to require other people using GPLed code as a base to develop and distribute their own work to also GPL *their* code. It has nothing whatsoever to do with "preserving the freedom" of *your* code.

Both of you are correct imho. The GPL is not there to make code free, it's there to protect the intellectual property of the author. It prevents code from being stolen from the author and used commercially without compensating its author.

The original poster was correct in that GPL advocates don't want to make software free, ie force everyone to relinquish their code to the GPL, they use the GPL to make sure their code will always be free to all to use under the condition they are happy with (take it but in return I want you to share your modifications so we all benefit).

drsmithy has a point that the original poster fell into the trap that the dubious BBC article laid in suggesting the GPL is simply only about code being free, which it's not.

Phillip.

Lumping Linux Users Under a Single Heading...

[severoon]

I got the impression from this article that the author (and, I am sad to say, along with most non-Linux users I know), see the open source movement as something that is some kind of splinter group, socialist--or at the very least anti-capitalist--experiment. If the author doesn't honestly think this way, then I can only rationalize such a slanted article by concluding he is pushing some kind of anti-Linux agenda.

As is the case with any group that has no appointed leadership handling PR, Linux users as a group have an image problem. I think we've been doing pretty well combatting this recently by engaging capitalism (and anyone that understands open source knows that it promotes competition without abolishing the idea of profiting on one's work) in a way that Joe Public can understand. IBM's alliance with Linux, for instance, is a great boon because it adds a bit of polished corporate panache. Whenever I speak to anyone about open source, I'm always careful to explain how the current system revolving around a single company (MS) that is constantly engaging in borderline anti-competitive practices is harmful. I'm always careful to make sure I clarify that this is not Microsoft's fault, though, and I think this is important because it's where the fiery Linux promoter often loses the public's ear.

Most times, ardent Linux users do little but spew venom MS's way. Besides causing the listening party to shut off, this is not quite fair because MS engages software simply as a business, and as such their first responsibility is to its employees, investors, and the largest base of customers they can satisfy--where these goals conflict with elegant software, the software suffers. This is the way the system is set up, and they're playing the game according to those rules.

I always find that once I explain that I don't hate MS, and that I'm a reasonable person, people are much more willing to listen to how open source is the next step in terms of evolving the software industry in a very capitalistic way that ultimately will benefit the end user.

People don't think about the overall business model that MS would have us follow: I write a piece of code that gets high market penetration, and because there are standards and interoperability issues, I never have to work again. I essentially have a monopoly over that platform, and I can effectively set prices within reason and live off the revenue stream continuously generated by that one single effort. This is great for the company who doesn't have to do anything beyond that initial product, but it sucks for customers, paying more and more money into a system for no new product (every time they buy a new machine, they need to buy the OS with it). Once I explain to people that open source is about paying people for the value they can provide on a continuing basis, as opposed to paying forever for a one-shot deal, people are much more amenable to the idea of open source and they begin to understand the ideas behind it.

sev

Condoning Criminals Risks Killing Linux

[reallocate]

>>
If you don't want viruses to spread, don't...

Viruses don't appear spontaneously. They are spread, not created, by bad security. Someone has to write them and release them That's where to aim your wrath. Otherwise, you're blaming a shooting victim for not wearing a protective vest.

All the BBC commentary (it isn't a news report) did was to make the rather obvious connection between a DoS attack on SCO and the more rabid zealots in the Linux community. This possibility occurred to everyone about 5 minutes after the story broke. Certainly, threats to DoS SCO are not uncommon here on /.

Association of Linux and viruses in the public eye will spell its end.

I registered my feelings on bbc's feedback page

[Turin]

The text of my letter:

I take issue with the broad association between the linux community and the childish and destructive internet worm myDoom made in the article by Stephen Evans titled "Linux cyber-battle turns nasty".

As a long time linux user and advocate I want to point out that while the worm writer may also turn out to be a linux zealot it is important to note that linux users in general condem the destructive impulse that causes someone to write a virus as much as the next person. What causes someone to become enamored with Linux and open source software in general is at it's core the constructive impulse to admire and improve on something that was built by many hands and works extrordinarily well.

It is true that we are almost all disgusted by the shameless and groundless way that SCO is attempting to profit from the sweat of thousands of volunteer programmers. If you look at what SCO is doing you will see that they are claiming as their own and attempting to charge for code that was written in the worlds most open and transparent development process by thousands of individual developers and users who added a bug report here and a line of code there. The community quite rightly has a collective feeling of ownership for the work that we have donated our time to assemble and are indignant to have an insignificant company attempt to steal from us.

We are offended -- but we don't feel the need to express ourselves through vandalism. I know that I speak for the vast majority when I say that I am confident that once SCO stops bluffing and stalling and finally lays down whatever cards they have it will all prove to be a huge farce. The only ones who will have suffered will be those who were taken in by the SCO's executives pathetic stock-pumping ploy and bought the overvalued stock of a failed tech company with nothing to it's name but a pack of ambitious lawyers.

Re:USE THE FEEDBACK FORM, LUKE!!

[I confirm I'm not a]

And mine:

"There seems little doubt that SCO was targeted - illegally and unacceptably, lest anyone be in any doubt - because it has enraged many people devoted to the Linux operating system."

There is so far *no evidence* to support your assertion. Until this has been properly investigated, your claim merely serves to spread "FUD" (Fear, Uncertainty and Doubt). There is, in fact, *considerable* doubt about whether the attack was launched by a Linux "devotee", not least because SCO took their servers offline prior to the scheduled attack (MyDoom.A). Microsoft (MyDoom.B) did not, and survived unscathed.

Please report facts, not opinions. This is particularly import post-Hutton, when people such as myself fear for the future of the BBC. If you spread FUD like this, you are effectively "crying wolf". Who will believe you when the next whistle-blower steps forward to reveal shady Government practices?

May I suggest you research http://www.groklaw.net prior to any further SCO/Linux stories? I have no relation with Groklaw, however it does seem to carry out adequate research prior to commenting on SCO/Linux.

Feedback onThis is the feedback I sent.

[paiute]

Great comments. Unfortunately, you made at least one error in punctuation and one error in spelling, just from my quick reading. I hate to be pedantic, but in this case and others it is worthwhile. Note to the community: When you write to the media, your audience is journalism/English majors who live in fear of the editor. They will pick out your stray incorrect use of its/it's and the occasional spelling/dyslexic typo, because those will stand out like beacons to them - like a clumsy line of code would stand out to you. So use spellcheck and reread what you have written carefully before hitting submit. In the end, your submission will carry more weight.

Re:USE THE FEEDBACK FORM, LUKE!!

[bonkedproducer]

Here's my little salvo I fired off this morning:

After reading the story "Linux cyber-battle turns nasty" by Stephen Evans today, I was shocked to see yet another respected media outlet so easily duped by reading the headlines, instead of investigating the facts of the story.

As you know the story regards the fastest spreading Internet worm in history, myDoom.a and its variants. A common misconception is that this virus's purpose is to create a distributed denial of service attack (DDoS)against SCO's web servers. While this is partially true, anyone who takes as much as 5 minutes to research the virus, will find that it is a mean, nasty wolf in less mean, less nasty wolf's clothing.

Let's do that little 5 minutes of research for you here Mr. Evans, since you couldn't be bothered to do so. First off, let's visit http://symantec.com. Symantec is the maker of Norton Anti-virus software, and my personal choice in anti-virus protection. I'll save you the clicking on the links and provide you with a direct link to my source here:

http://securityresponse.symantec.com/avcenter/venc /data/w32.mydoom.a@mm.html

Now, let's see exactly what the myDoom virus does. This will take the vast amount of research time and effort of reading three paragraphs and one short sentence before jumping to conclusions.

QUOTE FROM SYMANTEC:
W32.Mydoom.A@mm (also known as W32.Novarg.A) is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip.

When a computer is infected, the worm sets up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.

In addition, the backdoor can download and execute arbitrary files.

There is a 25% chance that a computer infected by the worm will perform a Denial of Service (DoS) on February 1, 2004 starting at 16:09:18 UTC, which is also the same as 08:09:18 PST, based on the machine's local system date/time. If the worm does start the DoS attack, it will not mass mail itself. It also has a trigger date to stop spreading/DoS-attacking on February 12, 2004. While the worm will stop on February 12, 2004, the backdoor component will continue to function after this date. - END QUOTE

Ok, first off, let's see what the real purpose is here, since you seem convinced that the purpose is to attack SCO. One in four infected machines will participate in a DDoS attack on SCO, and those that are infected and set to participate, will in fact cease spreading the virus to other computers (probably in an attempt to appear uninfected as anti-virus programs are updated.) But, that means that 75% of the infected machines will have a whole different purpose to their infection. One, to spread as far and as fast as possible, and Two, to make the machine what is commonly called a "zombie box" for the worm writers true intentions down the road. Both the 75% that do not participate in the DDoS and the 25% that do will be in the same boat after February 12, 2004. They will cease spreading, and attacking, yet will remain active "zombie boxes" for other uses.

Ok, let's give you some background, since obviously you don't, like me, deal with computer security and worms/viruses on a daily basis. The vast majority of computer worms in the past year or so have had the primary purpose not of destroying data, not of being destructive, but in spreading and creating a vast network of "zombie boxes" for the purpose of launching more and more unsolicited commercial e-mail, commonly known as SPAM. For an example, look at the rapidly spreading sobig and its variants.
Ref: http://zdnet.com.com/2100-1105-1020963.html?tag=nl

Something these worms/viruses have had in common is the fact that they

My feedback to the BBC:

[Sanity]

This article's entire premise is that advocates of the Linux operating system are responsible for the MyDoom virus. This allegation, which throughout most of the article is treated as fact, is totally unsubstantiated, on the contrary, it is contradicted by the available evidence.

It is now widely believed among the computer security community that this virus is the work of Russian "spammers" who use this virus to take over people's computers and use them as "spam relays".

The ploy to attack the SCO website was almost certainly an attempt to distract attention from the true purpose of this virus, a ploy your journalist enthusiastically fell for.

Even if this virus was the act of a Linux advocate, their misbehavior should not be used to tarnish an entire community, most of whom deplore the activities of virus writers and spammers. If I recall correctly, one of your presenters, Robert Kilroy, was recently suspended and later resigned from the BBC after making a similar generalization about the Muslim community based on the actions of a few Muslims.

Stephen Evans owes the Open Source community an apology.

Re:This is the feedback I sent.

[uradu]

And I find it pathetic that someone using words like "virii" and "postulates" insists on alternative spellings such as "apparantly" or "proproted" or "demonstratable". Your points are all very good, yet you're severely blunting them with your ignorant spelling. Remember, you're addressing the BBC, to whom BOTH content AND presentation matter equally, not some two-bit internet forum where members try to one-up each other in reforming English spelling. In fact, one could argue that to a stiff-upper-lip British institution like the BBC presentation matters almost more than content. You're merely confirming their stereotypes of and contempt for the geek community.

My feedback to the Beeb

[KMSelf]

Stephen Evans's February 5 filing -- I can't tell if it's intended to be commentary, news, or an original submission to the Beeb's hitherto unknown short-story section -- makes wholly unwarranted and unsubstantiated accusations against the free software and GNU/Linux communities.

Evans's smear is in the same light as tarring all African-Americans on account of the crimes of one, all Muslims on account of the terrorsism of a few, or all Brits on account of their cooking.

It's certainly true that a large element of schadenfreude comes into play when "The SCO Group", a/k/a Caldera Linux Systems, one of the first distributors of a commercial GNU/Linux system, on its last legs as a $10m and falling company, claims $50 thousand million dollars in damages on the basis of a $4 million purchase and an avalanche of contradictory statements and outright lies. Certainly Microsoft, whose software defects have severeley compromised global Internet operations four times in the past year, and remains an illegal, but unpunished, monopoly (with, I'll note, ongoing EC investigations of Microsoft's European activities), is unpopular to many.

Moreover: there's no indication that the MyDoom worm wasn't commissioned by parties with an interest in making either the Utah or Washington state dens of theives appear to be aggreived parties. This certainly wouldn't be the first time an alleged "attack" has appeared at a very opportune time for Caldera/SCO, nor that same has failed to take well-known, accessible steps to avert the potential adverse effects of a known-in-advance distributed denial of service attack, rather than cueing the violins for a heartbreak tearjerk moment.

The BBC owes the GNU/Linux and free software communities an apology, its readers, listeners, and viewers truthful rather than fabricated reporting, and Mr. Evans a severe dressing down.

Karsten M. Self
Maintainer, SCO vs IBM TWiki: http://sco.iwethey.org/ [iwethey.org]

The real issue here

[saforrest]

Look, all flaming aside, it's at least plausible that a Linux user wrote MyDoom. They, perhaps more than anyone else, had motive.

If anything offends me in the article, it's not that. It's the premise contained in these lines:

If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source).

So, Linux users are zealots, merely for believing that code which was the collaborative work of hundreds of thousands of individuals should not be repossessed by a private corporation which has little historical association with it?

Free software is an ideology, yes. But I don't think a free-software or open-source advocate becomes a 'zealot' until they begin making sweeping generalizations like "commerical software is evil" or "all software should be free". In the SCO case, Linux users are simply defending the status quo, and existing copyright law.

Re:USE THE FEEDBACK FORM, LUKE!!

[weierstrass]

2. The virus has generally been traced to russian SPAM gangs.

Just because they're SPAM gangs, doesn't mean they're not dedicated Linux users.

My "Feedback" to this article

[Theovon]

I would like to respond to your article entitled "Linux cyber-battle turns nasty".

I think the best way to describe that article is "unethical journalism", in part since it has already been determined that the primary goal of the worm is to turn Windows PCs into email gateways for spammers. Analysis of the coding style of the worm suggests that it was written by a professional, not some hacker with a grudge.

But my greatest complaint is that "people who like interoperable standards" are being termed as "internet zealots". Linux users are people who want to get work done. This is an ethic that many of us have: working and being productive. Linux and open source software are major enablers because they are based on open standards which maximise interoperability. And we can do all of this without having our data (that we have worked hard to produce) locked up in proprietary formats that we can't decode.

Now, it is theoretically possible that there are some jerks who use Linux and who might also stoop to tactics as unethical as those used by SCO. But the vast majority of Linux users want to fight SCO in COURT using FACTS.

As I alluded to above, the author of the worm you refer to was clearly not written by a "linux zealot". No hard-core linux zealot would stoop to the level of actually writing software for Windows in order to attack SCO. The coding style of the worm suggests that the author knows a lot more about Windows programming than would be known by the sort of person the article characterizes as an "internet zealot" who uses Linux. Such a person would eschew Windows in all forms. This is a major flaw in the logic of the article and demonstrates ignorance of what this sort of zealotry implies. If one is that much of a zealot then certain things come with the territory. No such person would want to invest the incredible amount of time necessary to learn Windows programming that well just for the sole purpose of writing a VIRUS. That makes no sense.

It is likely that whoever wrote this virus designed it to attack sco.com with the express purpose of making the Linux community look bad in the light of recent events. The executives of SCO probably tracked down someone who was already writing viruses for spammers and paid him a lot of money to add the denial-of-service attack against sco.com. This kind of underhanded tactic has been typical of SCO since the beginning of their campaign against Linux. Lies and deception are their bread and butter.

I think the best attack against SCO is to go on with our lives and continue to be productive, adding value for software users and advancing science.

Re:Why I'm not surprised...

[Christianfreak]

I'll bite the troll

Spare us the Stallman rant please. All computing is built off the work of others and there is plenty of stuff from Linux that comes from BSD or other places.

I use X Windows, it didn't come from GNU. My OS would be a bit incomplete (as a desktop system) without a desktop.

My Window Manager is Blackbox. Stallman didn't write that so I guess i have to give those authors credit as well.

My browser is Mozilla. My OS would be a bit incomplete without a browser as well.

So now by all rights I should call it
Mozilla/Blackbox/XFree/MIT(X11)/GNU/Linux

And that doesn't even get started on the countless other applications that are used or have been contributed.

I'll stick with 'Linux' thanks very much. Stallman's accomplishments would probably be better recognized if he wasn't so quick to try to make sure he's credited with them.

My response to the BBC (short and to the point)

[Anonymous Coward]

In response to:
"Linux cyber-battle turns nasty By Stephen Evans"

This article contains at its core a massive factual error. The origins, author, and intent of the MyDoom virus have yet to be discovered by any law enforcement agency or journalist. This article presents speculation on these points as fact. Blaming this worm on millions of Linux users is like blaming global warming on the BBC. It makes no sense at all. Anyone making this claim without proof should be fired.

My reply to the BBC

[emtboy9]

Like so many others, I too replied to the BBC article that has riled us "internet zealots" up. I wont post that letter here... too many others have so far, and mine would simply be a rehash of things that we have all thought or written at this point...

What I DO want to point out tho, is that that one point I made in my letter was the irony of Evans' story calling the OSS community a bunch of "run-of-the-mill geeks" and "internet zealouts" out for vengeance while that same story is hosted on servers running almost exclusively Linux and Apache.

Heres the netcraft report on news.bbc.co.uk:
http://uptime.netcraft.com/up/graph/?host=news.bbc .co.uk [netcraft.com]

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:mod parent up (informative)

[RagManX]

Outright attacks on the author are likely to be discarded rather than read and considered. For a feedback message to have any value, it needs to be well written and question the facts or claims of the article, not insinuate lack of skills by the author (no matter how likely the insinuation seems). Furthermore, signing as a "Reporter" for another magazine seems questionable, given the apparent lack of thought in your feedback. Please, if you can't write in a way that helps stop anti-Linux FUD, don't respond at all.

RagManX

Re:The page has changed.

[Abcd1234]

Uh, if they say something that's wrong on an immutable medium like the internet, why shouldn't they change it?

Because then they don't have to take responsibility for poor reporting. The correct way to handle this is to 1) post a retraction, 2) correct the article, and 3) indicate, at the end of the article, a list of changes/corrections made since it's initial publication. Without these things in place, it's all too easy for a news organization to simply hide things when they screw up, which, I think we can agree, is a very bad thing (especially in a publically owned organization).

silly trick

[Tenfish]

When I was in grade school I left a note on the teacher's desk that said "Randy is dumb, from Bill". The teacher was so stupid that Bill got paddled for it. (I'm not Bill).

This writer is as stupid as that teacher was. Believing the obvious is easy. Thinking is the hard part.

Re:Pretty hilarious...

[Alan Cox]

Bill Thompson

a) Posts mostly opinion pieces that are visibly so
b) Quotes both sides in arguments and often does so when he obviously agrees with one of them personally in opinion pieces

I'm also sure Redmond raise complaints with the BBC if they feel his articles are inappropriate

Re:This is the feedback I sent.

[hesiod]

Since everyone keeps telling them the same things over & over, I went with a slightly different approach:

I am sure you have received too many emails to count regarding the glaring inaccuracies in the piece "Linux cyber-battle turns nasty," so I will refrain from restating what you already know. The difference is that I realized that Stephen Evans' article is, in fact, an editorial/opinion piece. In the future, it might be a good idea to label opinion pieces as such. I believe that this would reduce the knee-jerk criticisms you get, although it would be ignorant of me to suggest that this would remove them altogether.

Usually, I enjoy reading BBC news and find it to be extremely credible and interesting, but this oversight has left me slightly "peeved." Thank you for your time and all the hard work you do.

Wrong

[spitzak]

It "relies" on the fact that Outlook can be fooled into hiding the extensions on files. The arrived document is disguised to not be an .exe.

I agree that a lot of this is social engineering, and lots of people clicked on it in other email readers or in Outlook with the extensions showing. However the virus purposely included code specifically designed to use a misfeature in Outlook if it could, so saying no Microsoft vulnerability is involved is false. I guess it does not "rely" on the vulnerability, but Microsoft is not blameless here.

Re:Pretty hilarious...

[WIAKywbfatw]

If that were true then I'd expect to hear the BBC refer to Palestinean suicide bombers as martyrs and their victims as infidels, neither of which is the case.

The BBC position is to cover the situation as a whole. Yes, they highlight the suffering caused to innocents by Israeli incursions into Gaza and the West Bank as well as the atrocities on both sides.

But if you think that showing the futility that is life for the average Palestinean is something that the BBC should apologise for then that's quite sad. Perhaps you'd rather they stuck to reporting on cats stuck up trees rather than reporting on human plight in general?

So shall we just forget about the former Yugoslavia? Or Rwanda? Or Zimbabwe? Or Congo? Or Afghanistan? Or Iraq? Yeah, lets just pretend bad things don't happen.

My Feedback

[Lochin Rabbar]

When I got home from work I sent the BBC the following complaint:

At a time when the is reeling from the aftermath of the Hutton report, and needs to demonstrate its journalistic and editorial integrity how does one of the most scurrilous and dishonest reports I have ever had the misfortune to read come to be published on the BBC's website. I refer to Stephen Evans's piece entitled "Linux cyber-battle turns nasty". This one sided and nasty piece of polemic is a far cry from the type of objective comment that should be expected from a BBC correspondent.

Firstly I would object to the way that Mr. Stephens denigrates and stereotypes computer programmers. In his third paragraph he states:

"Deep in the darkness of the psyche, vandals and arsonists no doubt have their reasons - and so, presumably, do the run-of-the-mill geeks who wreak damage on the unsuspecting computer user."

The run of the mill geek is the person who writes the software and maintains the systems upon which computer user depends. It is the run of the mill geek who has to clear up the mess created by the individuals who write and propagate trojans such as MyDoom. If Mr. Evans had the gumption to research his piece he would have known this, all he would have had to do is talk to a few of the technical support staff at the BBC. He would have found that the average geek detests such behaviour, and is heartily sick of dealing with the mess created by it.

While it is true that the creators of such malicious code are geeks is does not follow that the run of the mill geek creates such destruction. Vandals and arsonists are members of the public but they are hardly representative of the average member of the public. Mr. Evans is a journalist but I would hope and expect that the run of the mill journalist shows more integrity than Mr. Evans.

The article goes on to claim that the motive for 'seems clear', I wish that I had Mr. Evans powers of divination. It is certainly possible that MyDoom was created by a misguided proponent of the Free Software movement, but there are two other equally plausible theories. MyDoom also carries a payload that allows it to be used by spammers to use infected machines as gateways for unsolicited bulk email, and has been linked to Russian spammers. It also neatly coincides with SCO's Darl McBride's agenda of demonising the creators and advocates of fee software as a criminal and 'unamerican' threat to the right to profit. An agenda which lazy and biased reports like that Mr. Evans parrot.

Until those responsible for MyDoom are caught their motives can only remain a matter for speculation, and any objective reporter should not favour any one plausible theory over another.

The article goes on to portray open source advocates as zealots and extremists, Mr. Evans is entitled to this viewpoint, but he should not allow it to colour his reporting. Nor should he allow it to stand in the way of his reporting of facts the contempt for SCO is not because of it being a 'big bad company' it is because SCO has demanded money from other companies, and individuals, for property it claims without providing any evidence to back up these claims. It appears to many that SCO's actions amount to little more than an attempt at extortion. There is already a court order in Germany prohibiting SCO from making such demands until such time that they can prove ownership of the code in question.

Mr. Evans finishes his article by raising the specter of individuals blackmailing companies through denial of service attacks. Such blackmail is already part of the internet experience for millions of ordinary computer users. They are subjected to a barrage of pop-ad's for software to block these self same pop-ups (http://news.com.com/2100-1023-975298.html?tag=prn tfr). Unfortunately because these attacks are made by companies on individuals the legal authorities seem to be blind to the criminality of such behaviour. The problem of internet blackmail is a real one and it precede

Re:mod parent up (informative)

[Charlotte]

Several of the experts interviewed at the time said that the weapons had already been found by the previous weapons inspections after Bush War 1 (or is that Bush I War?). They found some new installations in the second rounds of inspections but nothing really major.

Some of the WMD inspectors even quit over this stuff. Perhaps your media neglected to mention these facts, ours did (Belgium).

No one with an ounce of sense actually believed at the time that this information was true. I didn't, no one I spoke to at the time thought there was any merit here.

Perhaps...

[Sargerion]

While some of you had interesting things to say, most of the people who have posted on this thread are simply taking this too seriously. Perhaps Mr. Evens was a bit harsh in his remarks, but after I read the BBC's responce to your emails (of which there were like 70 million, all with the same responce - c'mon guys, do you think they really give a crap?) it seemed to me that they made a valid point. That article was intended for BBC News Business readers, not Slashdot readers, and perhaps this requires a bit of empathy on all our parts. As for those who found it to their liking to ramble on about "how bad journalism has gotten," yes, it has gotten bad, but I must say that the BBC is my most respected large-scale (vs. like CNN or NBC, you know) news source, and they always prove to have a relativly unbiased view on things, and do one hell of a better job at reporting "the news" than any American program/website/whatever has done for about the last 15 years. Be kind, rewind, and make yourself a sandwich. No big deal here if you ask me, which no one did.

Re:They got it wrong

[Znork]

"Which is, uh, basically what I just said. If someone wants to build and distribute a product using GPL code, they also have to GPL their work."

No they dont. They can license their code under a BSD type license or release it as public domain. Only the combined work needs to be distributable under the terms of the GPL, which means the license has to be compatible with the GPL (but not _the_ GPL), to allow distribution of the GPL code itself.

You claimed that the GPL was not meant to make the code stay free, saying people could just as well release it under BSD in that case. The point I'm trying to make is that no, the BSD license is not good enough to protect the freedom of my code.

If someone recieves code that was under BSD license but has been proprietarized, they cannot change that proprietary code. Even if what they wish to change or adjust in the program is part of the BSD portion of the code they cannot change the product they have recieved. The BSD portion of the code is no longer free in that derivative, even if it was in the original. And even if the original remains free, that does not do the recepient of my (proprietarized) code any good, as he still will not be allowed to change my code in the proprietary product.

The GPL preserves the freedom of _my_ code. Any recepient of my code, by any distributor, in any derivative, will be able to change my code.

If you wish to combine my code with your code and license your code under a compatible license, that's ok. I'm only concerned that users should be able to modify _my_ code when they recieve it. If someone wants to release a proprietary version they're free to use your part of the code (which they can separate from mine) if they're allowed by you, as long as they dont distribute my part.

Do you get what I mean?

Ignorant Media

[Anonymous Coward]

I read that news yesterday.
And came to one conclusion.
I will never believe the media - because they tell us what they want us to see.
They change our perceptions.
Might be something so obvious to state, but I never actually felt it after reading such a unfair article as the MyDoom/Linux one.
I was then browsing the site to see if there was an email or something for me to complain.
EVERY time the media talk about Linux (BBC specially) - they talk in a negative tone. Funny though since BBC uses Linux servers throughout.

Wakeup Call

[knautilus316]

Come on, people. If you honestly believe that MyDoom was not written by a disgruntled Linux user, then you are stupid. There have been numerous DDOS attacks against SCO's web site over the last six months...is anyone out there *REALLY* questioning who would hate SCO enough to do such a thing?

Wake up and smell what you're shoveling people. Just because you yourself wouldn't do it does not mean there are not members of our clique who would.

~Knautilus