| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: khermansen at ht-technology.com (Kristian Hermansen) Subject: DCOM/RPC story (Analogy) I also agree with you. The kid is guilty of nothing more than "Unethical use of a hex editor". And here's my MAIN FUCKING POINT SO LISTEN UP ALL OF YOU: THE 7000 COMPUTERS THAT HE SUPPOSEDLY INFECTED WOULD HAVE BEEN INFECTED BY THE "ORIGINAL" WORM HAD THEY NOT BEEN COMPROMISED BY HIS VARIANT FIRST. SO WHAT'S THE FUCKING CRIME? READ BELOW... The analogy is this: A scientist drops a monkey infected with the Ebola virus into a large tank containing 20,000 other monkeys. Some monkeys have been given a shot to protect them from infection, so as the virus spreads they do not become a carrier. The outbreak starts at the far west end of the container and is working its way to the east side, infecting every monkey exponentially as they all pass it on to their neighbors. One of the smarter monkeys gets infected and realizes what is happening. For some strange reason this monkey knows that drinking a certain liquid (on the floor of the container) will slightly alter the properties of the virus he has become infected with immediately. He stirs up the other end of the container by hurling a pile of his own feces. Now, the outbreak has not reached that end of the tank yet (but most definitely will in time) and the outbreak is now spreading from the west and east ends toward the center. After the outbreak has reached its infection maximum and looking at all of the dead monkeys on the tank floor, the uninfected monkeys start asking questions as to what the hell happened to their brothers and sisters. Weeks go by and no one has an answer. Finally, one monkey overhears a conversation about how one guy threw his shit all the way across the tank. That's the guy we need to punish they concluded. They apprehend the monkey on his death bed for throwing his own shit and causing the outbreak at the east end of the tank, which supposedly killed 7000 monkeys. They continued looking for the original infectioner, but the scientist was never discovered. Some of the monkeys started to blame God for allowing this infection to be possible. "Why the hell does God want to torture us? We are but mere mortals!", exclaimed one monkey. "God works in funny ways...", sighed another monkey. Kris Hermansen ceo@...technology.com On Sat, Aug 30, 2003 at 10:39:53AM -1000, Jason Coombs wrote: > if he made the modifications and gave the modified worm to other people but > didn't cause it to infect anyone else's computers, then what crime is he > guilty of exactly? criminal misuse of a hex editor? it could certainly be argued that the "damage" caused by this copy of the program is no greater than it would have been if his home computer had simply been infected and passed it on in the usual way. in fact, maybe he is even the pioneer of a new art form where people, out of respect for the rights of the autonmous agent, refuse to remove these programs from their computers and use hex editors to tattoo their message onto the worms' backs. i can see web sites with worm poetry -- the random juxtaposition of sentences that trace a particular worm geneaology as it passes across the mesh, perhaps even paper-bound volumes. other than neglecting to install a program with a genocidal attitude towards certain processes, what exactly did this guy do wrong? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030831/c0f8755c/attachment.html
Powered by blists - more mailing lists