lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3ED05416.8090409@brvenik.com>
From: security at brvenik.com (Jason)
Subject: Religion. Was HEADS UP...

This is a religous debate that will never die!

morning_wood wrote:
> then my apologies to the the list, the main body of the text is mostly a rip
> of the exe anyway,..

Security is an evolution, I would not apologize because someone got 
upset about an email with a virus. If anything at all I would apologize 
for not considering your actions more carefully. I imagine you just 
helped evolution a little bit more somewhere. ;-)

[snip]

>>Another option is for the list-serve software to remove all attached
>>executable files from incoming messages it receives before the messages
>>are blasted out to the world.  This is a good policy for any email list,
>>but particularly important for a computer security list.

I disagree completely with this but it is a religous debate isn't it. A 
security list needs the freedom to pass any and all relevant information 
without hinderance otherwise you get bugtraq. The decision about 
relevance is relative in itself and for me to decide.

Stripping attachments offers less security by providing a false sense of 
security IMHO.

>>
>>FWIW, Outlook 2002 automatically discarded the Update880.exe file on my
>>system, so I couldn't even look at it if I wanted to.  A password
>>protected .ZIP file is the generally accepted standard for sending out
>>malware samples.  However, I don't think malware is appropriate for this
>>list.

While a password protected zip archive or a double zipped archive or a 
link to the content over http and ftp is generally more acceptable, 
malware should be expected in everything you do these days. There is no 
other answer!

The double zipped archive could just as easily be a DoS against your 
mail server or the archive itself could exploit a vulnerability in the 
most common decompressors...

To stray further off topic a moment and further add to the noise.

I happen to like reversing virii and have grown to love them for the art 
and beauty they can convey. It is a sad state that today we are mostly 
presented with mass mailing trojans and worms.

I would love to get my hands on a Linux virus that was polymorphic and 
underhanded for the sole purpose of survival. I've yet to have one come 
by in the wild that was truely effective.

Give it ptrace, ioperm, and race condition detection and you have the 
makings of a good old fashioned linux virus that overcomes the root 
barrier. Human error alone ensures its survival.

That is a discussion for focus-virus which is moderated and generally 
useless.

[snip rest]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ