lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: vordhosbn at gmail.com (vord)
Subject: Why is IRC still around?

ive never seen so many repetitive and knee-jerk reactions to one
[potentially baseless] post in all my years of watching FD [the
obvious exceptions being the OT political nonsense occurring here,
especially as of late] as witnessed during my reading of this thread.

but moving right along ... :D

my take is that Danny merely suggests burning the security candle at
both ends. it is complete nonsense to approve of ANYTHING simply
because it has some, or even a vast lot, of legitimate users/uses.
some things are just not worth defending or perpetuating, and perhaps
IRC is one of them? [this is his question].

and for the record, "they would move to another resource" is not a
coherent argument against his position [his question, rather]
concerning the elimination of a problem-child medium. perhaps the cost
to society via the spread piracy and virii [more importantly the
altter] isnt worth the measly gain IRC affords its legitimate users?
[well?]

it IS incoherent, however, to argue that IRC (1) is the kiddiots means
of choice for controlling his worms because it is the easiest or most
efficient way to do so, while also contending (2) that an IRC sunset
would not cause the immediate dissappearance of substansial
internet-wide problems. making it harder MAKES IT HARDER and must
therefore to some degree reduce the probability of abuse. therefore
the gain afforded to legitimate users by this medium should be
weighted against the direct affect its eradication would have on REAL
problems -- and, clearly, no one here is qualified to make this
judgement, else they would have offered such proof in immediate
response to the original post as opposed to blabbing incessantly about
incredibly obvious bullshit. the only potentially useful point anyone
has made [not that it wasnt obvious] concerns the difficulty in
removing the medium ... but this is irrelavent, of course, since it is
more likely that the security community would suggest [and perhaps
assist in the developement of] a replacement [most importantly] to the
larger IRC networks.

if shooting people is evil, OBVIOUSLY guns are flawed, but only
insofar as people are capable of abusing them, willing to abuse them,
and effective in their attempts at doing so. so to burn the candle at
both ends you have to fight the spread of trojans and virii by fixing
the holes they exploit and providing detection services, while also
continually analyzing and evolving the structure on which it all
rests. ie, the internet at its core... protocols, etc.

im sure the original ford model-T had plenty of legitimate users who
didnt drive drunk or generally cause mayhem ... i dont see it around
anymore though ... hmm, i wonder if that correlates directly to the
increased safety of automobiles ... hmm hmm, indeed. </sardonicism>

the issue is certainly not at all as cut and dry as most of you have
made it out to be.

--vord
#hackphreak/undernet
invulnerable to the accidents of people and books.

On Fri, 19 Nov 2004 22:08:33 -0000, Darren Wolfe
<darren@...cosmicgerbil.com> wrote:
> I have never replied to anything on this list (I read it to keep up to date
> on vulnerabilities, but im not really qualified to contribute anything) but
> this particular message has peaked my interest.
> 
> 1. Agreed, by using flaws in IE they then go on to subvert mirc into
> spamming people.
> 2. They do.
> 3. A tremendous amount :)
> 4. This is only because IRC provides the perfect medium in which to control
> those zombies (a single message from one person is immediately sent to
> everyone in the channel at the same time). If a better medium was available,
> they'd use that.
> 
> IRC is as close to a real time group conversation as you can get that
> doesn't used closed protocols.  It's fast, simple and used by an enormous
> number of people - particuarly those who play online games, and for open
> source projects (#gentoo on freenode regularly has over 900 people in it).
> 
> In answer to your final question - IRC is very useful for quick
> conversations in real time with groups of people. Sure there are other
> things - usenet, web based forums, email based mailing lists, IM networks
> etc but none have that group feeling as much as IRC.
> 
> It's problem is twofold - firstly, mirc (the most popular client) has a
> number of flaws that make it easy to steal peoples "auth passwords". But
> these are not automated! The user must be tricked into typing some commands
> to set the exploit in motion.
> This is also the second problem - a link may be mentioned in a channel and
> people will click on it - from there, if your browser is vulnerable, you can
> be hit by any number of trojans.  There was a winamp trojan going about a
> few months ago (which I reported and is now fixed - go me :D ) which
> involved clicking a link in irc that opened winamp through a file
> association that exploited a security flaw that installed a script for mirc
> that spammed the same link to everyone in the channel.
> 
> Like any other medium, it is a combination of a lack of knowledge by the
> users and exploits/vulnerabilities in software, the only difference, is that
> on IRC it tends to spread quickly because of its real time nature.
> So in conclusion, no, IRC should not be killed off, mirc's scripting
> vulnerabilities should be closed in some way, and vulnerabilities in other
> software should continue to be discovered and fixed.
> 
> 
> 
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Danny
> Sent: 19 November 2004 17:40
> To: Mailing List - Full-Disclosure
> Subject: [Full-Disclosure] Why is IRC still around?
> 
> Well, it sure does help the anti-virus (anti-malware) and security
> consulting business, but besides that... is it not safe to say that:
> 
> 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
> 2) A considerable amount of "script kiddies" originate and grow through IRC?
> 3) A wee bit of software piracy occurs?
> 4) That many organized DoS attacks through PC zombies are initiated through
> IRC?
> 5) The anonymity of the whole thing helps to foster all the illegal and
> malicious activity that occurs?
> The list goes on and on...
> 
> Sorry to offend those that use IRC legitimately (LOL - find something else
> to chat with your buddies), but why the hell are we not pushing to sunset
> IRC?
> 
> What would IT be like today without IRC (or the like)? Am I narrow minded to
> say that it would be a much safer place?
> 
> ...D
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ