It is hard to justify leniency for someone whose actions have inconvenienced tens of thousands of people around the world, but that is what is needed in the case of Jeffrey Parson. Parson, who went by the name of T33kid (Teekid, to anyone not fluent in the l33t hax0r dialect that Parson favoured), was arrested on Friday for releasing the Blaster.B worm, which prosecutors say infected 7,000 computers. But the possible 10-year prison sentence, US$250,000 fine and certain internet ban that Parson faces does nothing more than satisfy political demands for retribution while the real author goes free. New viruses or variants are reported every day, and few of their creators are caught. Each infection should serve as a wake-up call to computer users to start taking protection seriously. But it's a call that millions of people continue to ignore. Jailing Parson will simply be a case of shooting the messenger. A brief search online shows Parson is a rather sad individual, unable to commit to any project for longer than it takes to dream up. He tried to start a security site and abandoned it; announced it would be relaunched as a forum, but did not follow through; tried to write an MP3 player and gave up; and as a virus writer, nobody seems to have seen the Kazaa worm he boasted of having written. In short, as a hacker, Parson was a failure. It is only natural that his one moment of infamy should have come on someone else's coattails. Rebellion is a natural urge for most teenagers as they break away from parental control and try to establish their own identity. Being inexperienced at doing anything alone, most will look to peer groups for their recognition, which is probably what T33kid and many thousands like him were doing. Parson, by all accounts, is a discontented teenager, described by people who know him as a likeable loner. Some kids in his situation take guns to school, some paint on walls, he posed as a hacker. It is unfair to blame this sorry, friendless teenager for the spread of a worm that he could never have written in the first place. But it is clear from statements by United States Attorney General John Ashcroft on Friday that the government intends to make an example of this 'cyberhacker'. As they do with every evil hacker, the authorities and the media inflated the threat posed by Parson. Several reports mentioned the top five viruses listed on his website, though none thought to explain that the list was a syndicated advert from anti-virus firm Trend Micro. Most failed to point out that Blaster's real damage had already been done - infecting up to 500,000 computers - by the time Parson's variant was released, or that any child with a text editor could have done the same. As the authors of Sobig and Blaster have shown, creating and disseminating an effective infection takes skill and cunning. Where their authors could program, Parson was a beginner. Where they were creative, Parson copied. Where they went to great lengths to hide their identities, Parson actually put his name and address in the code. And the FBI seems no closer to identifying the true author than they ever will be. There are few virus authors in the world, but there are thousands of teenagers like Parson who will edit and rerelease someone else's code just for the fun of it. If the authorities cannot catch the real villains in the internet's underworld, they should change their approach. A few token heads on the trophy boards will do nothing to stop the virus problem. Instead, they should educate the public and compel companies to behave more responsibly. Holding joint press conferences with Microsoft is not a solution. Many groups can be blamed for this seemingly endless plague. But as in previous cases, users remain the prime culprits. Anti-virus software is not expensive, and while Microsoft should be criticised for releasing software that contains so many security holes, people willingly ignore well-publicised advice. Microsoft had alerted users of Windows XP and 2000 to install a security update. Most anti-virus software does likewise. You ignore those warnings at your own peril. If you connect a computer to the internet, but ignore the warnings, you have no one to blame but yourself when you suffer an infection. Ultimately, the responsibility for the spread of viruses lies not with Microsoft alone, neither should it be blamed on teenagers modifying others' malicious code. The responsibility lies with the user. If you cannot afford anti-virus software, do not use Windows. If you cannot be bothered to keep your software updated, then Microsoft has some advice at www.microsoft.com/ security/incident/blast.asp: 'Locate the telephone cable that runs from your external DSL or cable modem, and unplug that cable.' 'Microsoft has some advice ... locate the telephone cable that runs from your external DSL or cable modem, and unplug that cable'
