It's as if Purina was recruiting canine-killer Michael Vick to pedal Puppy Chow.
According to Chinese press reports, Li Jun, freshly sentenced to four years behind bars for his lead role in unleashing the "Panda" virus, has received nearly a dozen job offers - including one paying more than $130,000 from a company that his creation victimized. And get this: The company wants Li to be its technology director.
As might be expected, this outpouring of admiration for Li's skill set - and confidence in his just-staring rehabilitation - is causing head-scratching among the more sober members of the IT security community. From ShanghaiDaily.com:
Jushu Technology Co, which is based in Hangzhou City, Zhejiang Province, said it would like to hire Li Jun, the author of the worm.whboy, or "panda burning joss sticks," to be its technology director as "the company can offer a good platform to show his talents," the Hubei-based Changjiang Times reported today.
Li, a 25-year-old Wuhan native, received the sentence for writing and profiting from the panda worm that infected over a million computers countrywide and caused huge losses, a court in Hubei Province announced yesterday.
What might possess a company to turn to such a "talent" in light of the fellow's record?
Company general manager Dong Zhenguo told the newspaper that the company fell prey to the worm and he personally hates what Li has done.
However, he later learned from media reports that Li, who created the virus over discontent at his failure to land a job, may not be a bad guy and "just went astray," the report said.
And Vick was simply a victim of his cultural upbringing; go ask Whoopi.
There are security experts who recognize the danger of rewarding criminal "accomplishments" of this nature.
"It's important that the IT community does not send out a message that writing viruses or worms is cool, or a fast track into employment," said Graham Cluley, senior technology consultant for Sophos. "Li Jun broke the law and infected innocent people's computers and websites, causing financial damage. To reward his criminal act, infamy and bad behavior with a job offer in the IT industry seems frankly perverse."
To his credit - and I'm using the term as loosely as possible - Li did apologize for what he did and attempted, albeit without much success, to help undo some of the damage by writing a removal tool. A Symantec researcher explained back in March: "This removal tool is not effective against most of the samples we have tested against and isn't fully effective against any of them," wrote Symantec researcher Hon Lau, in a blog posting. "For Li, perhaps he may have learned the hard way that... it is much easier to write a program to cause destruction than it is to repair the damage."
Cluley from Sophos went even further on the removal attempt:
"You would have had to have been crazy to rely upon a tool written by the worm's author to clean-up an infection he created in the first place. Virus writers have proven themselves to be untrustworthy and having a weak sense of morals - otherwise they wouldn't release their malware in the first place."
And, unless you're looking for someone to flip burgers, you'd have to be even crazier to hire the guy who caused all of this trouble.
Welcome regulars and passersby. Here are a few more recent Buzzblog items. And, if you'd like to receive Buzzblog via e-mail newsletter, here's where to sign up.
A defense against Photoshop funny business.
Fresh off video spy scandal, Patriots owners invest in "media discovery."
How much does the computer store owe this PC buyer?
Ameritrade leak looks to have started in late '05, much earlier than reported.Fire, smoke, raw sewage, and, hey, do you smell gas? Yup, Verizon's here again.
The next 5 items that Google might buy from NASA.
'Hello, you have reached my iPhone.'
