lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <001701c361d8$4418c4d0$250a640a@navi>
From: gml at phrick.net (gml)
Subject: recent RPC/DCOM worm thought

Why build in a backdoor when you can just write crappy code?

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Kerry Steele
Sent: Wednesday, August 13, 2003 3:20 PM
To: Eichert, Diana; full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] recent RPC/DCOM worm thought

Interesting thought, but I would have to say that it really goes deeper
than that.

If Microsoft were as evil an empire as they are perceived to be, then
wouldn't they already have the backdoor to your system to apply the
patch anyway?  If so then why go throught the pain in the ass to write a
shotty worm and draw bad publicity to the company?

Think about the anti-virus companies and, well, every security software
product out there, that is racing to be the "first" to detect or
remediate X new variant of the worm.  What an opportunity for market
traction and visibility, wouldn't you say?

My USD 0.02.

Cheers,
Kerry

-----Original Message-----
From: Eichert, Diana [mailto:deicher@...dia.gov] 
Sent: Wednesday, August 13, 2003 7:42 AM
To: 'full-disclosure@...ts.netsys.com'
Subject: [Full-Disclosure] recent RPC/DCOM worm thought


I've been thinking about how "poorly" this worm was 
written and how it really wasn't very malicious, just 
very time consuming, forcing people/companies to 
install patches to their systems.

Now here's an alternative thought about it.

What if "someone" purposely wrote this worm to get 
the attention of people to patch their systems, not 
to DOS the mickeysoft upgrade site.  If they really 
wanted to create a DOS against a website they wouldn't 
have postponed it for 4 days.  That's a long time in 
today's world.

I mean if you were mickeysoft and there was a known 
security hole wouldn't it be in you best interest to 
have the first real exploit of it be relatively benign?
It gets everyone's attention and they are forced to 
install the latest security patch.

anyway, my US$.02 worth

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ