| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Aug 11 10:47:30 2005 From: abaker at gmail.com (ASB) Subject: Re: Help put a stop to incompetent computerforensics Hey Jason, you really have to make up your mind about whether the old definition is archaic and thus obsolete, or if we should be using the original definition from Homer. You can't keep flopping back and forth like you're running for a major political office. A trojan is well-understood (by everyone else) to be software that pretends to have some useful, noble or benign purpose, but carries with it some other malignant function. It is one of the most frequently used vehicles for backdoors, but in and of itself, and Trojan is not necessarily a Backdoor. Just because the mainstream media misuses malware terms such as virus, worm, and trojan doesn't mean we have to sit playing semantics on a 50-post thread -- alternating between "understood" and "original" meanings. Your posts have been even more ironic given the thread title you used, and your original complaint. -ASB FAST, CHEAP, SECURE: Pick Any TWO http://www.ultratech-llc.com/KB/ On 8/10/05, Jason Coombs <jasonc@...ence.org> wrote: > > Chuck Fullerton wrote: > > "A Trojan horse is a program that appears to have some useful or benign > > purpose, but really masks some hidden malicious functionality." > > > > "A Backdoor is a program that allows attackers to bypass normal security > > controls on a system, gaining access on the attacker's own terms." > > Here's an example of a completely flawed explanation of the origin of > the term. The definition given claims that the warriors emerged from the > horse and only those warriors overran the city. Obviously that isn't > what happened in the Iliad, the Trojan Horse was used to get further > access for other warriors. Furthermore, "overran the city" means of > course that the Trojan Horse was used for the purpose of gaining control > of the city, regardless of which warriors accomplished the objective. > > Most (but not all) of you are suggesting that the only thing that > matters is what the definitions say, and that's not the right way to > look at this issue. A program that does something malicious when used is > not a Trojan unless its malicious purpose fits with the story of the > Trojan Horse as it is understood by non-computer people. This is why we > don't call spyware Trojans any longer -- a distinction has been drawn, > and that distinction has overrun the past usage of the term. > > > http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html > > In computers, a Trojan horse is a program in which malicious or harmful > code is contained inside apparently harmless programming or data in such > a way that it can get control and do its chosen form of damage, such as > ruining the file allocation table on your hard disk. In one celebrated > case, a Trojan horse was a program that was supposed to find and destroy > computer viruses. A Trojan horse may be widely redistributed as part of > a computer virus. > > The term comes from Greek mythology about the Trojan War, as told in the > Aeneid by Virgil and mentioned in the Odyssey by Homer. According to > legend, the Greeks presented the citizens of Troy with a large wooden > horse in which they had secretly hidden their warriors. During the > night, the warriors emerged from the wooden horse and overran the city. > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050811/c7fdbc08/attachment.html
Powered by blists - more mailing lists