Wired Slammed For Publishing Slammer Code
Sourse: www.informationweek.com
By George V. Hulme
Date: June 10, 2003
Some security experts say the magazine is giving hackers an assist by publishing the source code for the Internet worm.
Some security experts are criticizing the decision by Wired magazine to publish the complete source code to the SQL Slammer worm in its July issue, which hits newsstands Tuesday, saying it amounts to an algorithm on how to wreak havoc on IT systems worldwide.
The Slammer worm struck the Internet on Jan. 25, infected about 75,000 systems in about 10 minutes, and, according to several researchers, cost an estimated $1 billion in damage and clean-up costs. It was the fastest-spreading worm in Internet history and struck unpatched Microsoft SQL Servers or systems running Microsoft SQL Server Desktop Engine 2000.
Wired didn't immediately return a request to comment.
The magazine's decision to publish the Slammer code isn't the first event to spawn controversy in recent weeks. Last month the University of Calgary announced its plan to teach a malware course next fall that will include having students write their own viruses. Malware is malicious software that's designed specifically to damage or disrupt a system.
Alongside the Slammer source code, the article details how five blocks of code enable the worm to infect at-risk applications, choose the next app to infect, and then move itself onto the next victim. Security experts aren't sure whether the story brings more awareness or potentially increases the pool of probable worm writers.
"There are lots of ways for people to get this Slammer source code, but to add to it and say that it won't do harm is silly. It's to say a single vote doesn't matter in an election," says Pete Lindstrom, research director at Spire Security. "And in order to rid ourselves of this problem, it doesn't help to publish the code and make it accessible to people."
Original article: http://www.informationweek.com/story/showArticle.jhtml?articleID=10300664
^macro[showdigestcomments;^uri[];Wired Slammed For Publishing Slammer Code]