lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: khermansen at ht-technology.com (Kristian Hermansen)
Subject: DCOM/RPC story (Analogy)

Message<<< guess this will make worm writers a little more scared and they will start to watch their steps a little more carefully now and not have the damn drones contact their own website which is registered to their name.

-SF >>>

The thing is, this kid shouldn't be taking the blame for ALL infections.  And like I stated in my previous post as predicted...John Q. Public thinks that the FBI caught the original virus writer, which all of us smart techie people (not me included) know is absolutely false.  The prosecution may only be charging him with 7000 infections, but the general public (whom don't know what the hell even javascript is) are now mistakenly (due to their own stupidity and the need to create conversation at the "water cooler") accusing him of ALL infections.  Remember this one thing boys and girls: The general public are a bunch of cattle and corporations/mass media/governments are going to move them in any way they want for their own interests, without any questions being asked.  The cattle don't know their purpose in the first place, and as long as you don't really whip them very hard, they will keep on moving in the direction you are leading them.  They have successfully herded the cattle....

Kris Hermansen

  ----- Original Message ----- 
  From: Steven Fruchter 
  To: full-disclosure@...ts.netsys.com 
  Sent: Sunday, August 31, 2003 3:19 PM
  Subject: RE: [Full-Disclosure] DCOM/RPC story (Analogy)


  That is completely moronic to act as if he did not do anything but just hex edit the code and change the name for example on the .exe .  He also like a moron had the infected drones contact his website (which he is registered to) so that he can see who has been infected to control them.  This means that he had more than just wanting to change the name of an .exe for example, it shows his intent.  Yes you are right about the 7,000 being exploited anyways, and yes this kid definitely should not get such harsh treatment, but the sad fact is, he probably will get all of punishment from what someone else did, he is just a lame kid who should not of took someone else's code to try and be cool first of all, and now he is paying the price for trying to be cool.  I have had some many people come up to me and tell me they caught the guy that released the blaster worm and than I have to yell at them and say, "NO they didn't!  They just caught some kid who made a lame variant using the original worm."  Regardless of what he did or didn't do, he will probably get the blame of the entire thing, guess this will make worm writers a little more scared and they will start to watch their steps a little more carefully now and not have the damn drones contact their own website which is registered to their name.

  -SF
    -----Original Message-----
    From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Kristian Hermansen
    Sent: Sunday, August 31, 2003 10:53 AM
    To: full-disclosure@...ts.netsys.com
    Subject: [Full-Disclosure] DCOM/RPC story (Analogy)


    I also agree with you.  The kid is guilty of nothing more than "Unethical use of a hex editor".  And here's my MAIN FUCKING POINT SO LISTEN UP ALL OF YOU:


    THE 7000 COMPUTERS THAT HE SUPPOSEDLY INFECTED WOULD HAVE BEEN INFECTED BY THE "ORIGINAL" WORM HAD THEY NOT BEEN COMPROMISED BY HIS VARIANT FIRST.  SO WHAT'S THE FUCKING CRIME?  READ BELOW...


    The analogy is this:  A scientist drops a monkey infected with the Ebola virus into a large tank containing 20,000 other monkeys.  Some monkeys have been given a shot to protect them from infection, so as the virus spreads they do not become a carrier.  The outbreak starts at the far west end of the container and is working its way to the east side, infecting every monkey exponentially as they all pass it on to their neighbors.  One of the smarter monkeys gets infected and realizes what is happening.  For some strange reason this monkey knows that drinking a certain liquid (on the floor of the container) will slightly alter the properties of the virus he has become infected with immediately.  He stirs up the other end of the container by hurling a pile of his own feces.  Now, the outbreak has not reached that end of the tank yet (but most definitely will in time) and the outbreak is now spreading from the west and east ends toward the center.  After the outbreak has reached its infection maximum and looking at all of the dead monkeys on the tank floor, the uninfected monkeys start asking questions as to what the hell happened to their brothers and sisters.  Weeks go by and no one has an answer.  Finally, one monkey overhears a conversation about how one guy threw his shit all the way across the tank.  That's the guy we need to punish they concluded.  They apprehend the monkey on his death bed for throwing his own shit and causing the outbreak at the east end of the tank, which supposedly killed 7000 monkeys.  They continued looking for the original infectioner, but the scientist was never discovered.  Some of the monkeys started to blame God for allowing this infection to be possible.  "Why the hell does God want to torture us?  We are but mere mortals!", exclaimed one monkey.  "God works in funny ways...", sighed another monkey.


    Kris Hermansen
    ceo@...technology.com


    On Sat, Aug 30, 2003 at 10:39:53AM -1000, Jason Coombs wrote:

    > if he made the modifications and gave the modified worm to other people but
    > didn't cause it to infect anyone else's computers, then what crime is he
    > guilty of exactly? criminal misuse of a hex editor?

    it could certainly be argued that the "damage" caused by this copy of the
    program is no greater than it would have been if his home computer had 
    simply been infected and passed it on in the usual way. in fact, maybe
    he is even the pioneer of a new art form where people, out of respect for
    the rights of the autonmous agent, refuse to remove these programs from their
    computers and use hex editors to tattoo their message onto the worms' backs.
    i can see web sites with worm poetry -- the random juxtaposition of 
    sentences that trace a particular worm geneaology as it passes across the
    mesh, perhaps even paper-bound volumes.

    other than neglecting to install a program with a genocidal attitude
    towards certain processes, what exactly did this guy do wrong?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030831/a4d05597/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ