lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 18 Mar 2009 16:54:35 -0700
From: Matt Olson <weysec@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: The BBC acquired a botnet,
	but was it legal? - 	Update

While I understand your point, how much of our taxes go to criminals?
Governments the world over buy weapons from terrorist organizations to "Save
their soldiers".  In reality the money is then used to pay for better
munitions.  This action will invariably lead to the same sort of backlash.
As a security professional I can now sleep an extra two minutes knowing that
one less acttack vector may have been removed from my radar.

If all of us continue to not act for fear of having our hand slapped, then
nothing will happen.  Take action when the opportunity presents itself and
shut it down.

As for your comments on AV vendors there is a saying that comes from
Despair.com...

If you are not part of the solution, there is money to be made in prolonging
the problem.

It's refreshing to see someone taking the reigns and finally fighting back.

M
On Wed, Mar 18, 2009 at 3:52 PM, <A.L.M.Buxey@...ro.ac.uk> wrote:

> Hi,
> > What makes this unacceptable? Buying a botnet and turning it off. Hurah
> > for them! Unstuff your shirts and get on with your lives.
>
> my TV licence money isnt for paying criminals. What the BBC did
> breaks several laws, Computer Misuse Act being the major one. Its not
> a case of white hat v's black hat, the AV companies etc cant fix the
> worlds computers the easiest way  (probe them and patch vulnerable
> ones before the bad guys get them) because of these same laws.
>
> either the laws need changing, or rewriting etc to account for
> any 'good' behaviour that has no bad or undesirable consequences.
>
> there again, without vulns the AV companies are out of business.
> hmmm.
>
> anyway, the guys involved in this media circus should have the
> book thrown at them as any of us would suffer if we tried the same
> demonstration/prank
>
> alan
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ