lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun May 15 06:06:18 2005
From: requiem at praetor.org (Jeremy Bishop)
Subject: RE: Bening Worms (Cosmin Stejerean)

On Saturday 14 May 2005 20:34, purplebag wrote:
> This thread is hogwash. There are clearly zealots that think anything
> with a worm or virus label on it is unacceptable, based on
> "experience" and there are also free thinkers that do not limit the
> scope of exploration to the work that has been done before them.

It does seem that the reaction comes a bit quickly.  Once bitten, twice 
shy, and all that.  That said, it seems at least a few others have 
pointed out that this problem is not the appropriate domain for a worm.

Worms generally infect machines on a stochastic basis. That means you'll 
be able to make statements like "there is an xx% probability that an 
unpatched machine on our network has been 'vaccinated' after n units of 
time".

If it's /your/ network, you should know what's attached to it.  If you 
can't figure that out, you have bigger problems.  If you do know what's 
attached to it, you can deal with each machine directly instead of 
playing with probabilities.

<snip>

> Excellent choice of words as I have seen no wise teaching from the
> ancients in this thread. I think you would have been better served to
> use that experience to educate instead of attack. Wisdom is something
> people might attribute as a result.

The 'wise teaching' seems to be that there is invariably a bug or 
incorrect assumption that turns the worm from "benign" to "bening".   I 
can find /that/ teaching with just a cursory scan over the thread.

-- 
Nothing is intrinsically good or evil,
but its manner of usage may make it so.
                   -- St. Thomas Aquinas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050514/f45b4861/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ