lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3F4E06EB.7080608@adelphia.net>
Date: Thu, 28 Aug 2003 09:43:07 -0400
From: William Warren <hescominsoon@...lphia.net>
To: Fabio Gomes de Souza <bugtraq@....com.br>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: AV "feature" does more DDoS than Sobig


I apologize for the html post..

Fabio Gomes de Souza wrote:

> Hello,
> 
> Anti-virus products are causing more harm than the Sobig Worm.
> 
> Some of my customers are having the following problem:
> 
> B = Customer of my customer (infected)
> C,D,E = Some random company (victims of Sobig)
> A = My customer (victim of AV marketing)
> 
> The Sobig worm infected B.
> 
> In its propagation loop, the worm composes a message, chooses two random 
> items in the Address Book, and puts the first in the "From:" and the 
> second in the "To:" header. Then all virus messages are spoofed.
> 
> The problem is that many e-mail virus scanners send a "You are infected" 
> reply to the address contained in the "From" header. Since the messages 
> are spoofed, the inoccent, uninfected user "A" is flooded by automatic 
> complaints from "C","D","E" regarding the virus that "B" sends.
> 
> Anti-virus companies seem to spend more money on marketing/visibility 
> than on actually protecting their customers. This marketing stupidity is 
> done by adding USELESS features, which spreads false information and 
> delivers false sense of security:
> 
>     - "You're infected" reply (false positive)
>     - "This message is 100% virus-free certified" signature line (false 
> sense of security)
>     - Anti-virus buttons on Internet Explorer toolbar (just to launch 
> the AV)
>     - Splash screens every time you:
>         - boot your computer
>         - send e-mail
>         - check pop3 e-mail
>         - turn your computer off
>     - System tray useless icons (in some AVs, the system tray icon does 
> nothing except for launching the AV program)
>     - Redundant shortcut icons in Desktop, Start Menu root, Quick Launch 
> and Start Menu program folder
> 
> This kind of stupidity from AV companies makes me hate them more every day.
> 

-- 
May God Bless you and everything you touch.

My "foundation" verse:
Isaiah 54:17 No weapon that is formed against thee shall prosper; and 
every tongue that shall rise against thee in judgment thou shalt 
condemn. This is the heritage of the servants of the LORD, and their 
righteousness is of me, saith the LORD.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ