lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030815045514.43199.qmail@web21104.mail.yahoo.com>
From: weezspam at yahoo.com (Weezer Hutchins)
Subject: The MSBlast Conspiracy Theory

This was such a benign implementation of the serious DCOM security risk, that my conspiracy theory
is ... Microsoft had this worm released on purpose in an attempt to get everyone to patch their
machines before a really threatening version was released.

Imagine, what if ...

   ... this vulnerability was used to remove all the .doc, .xls, .ppt, etc. files off the drives,
including network attached drives? (you know how everyone keeps backups of all their files :)
   ... this vulnerability intentionally stole everybody's address books and transferred them to
some anonymous ftp server for later pickup (a spammer's dream)?
   ... this vulnerability stole financial and personal data in the same manner as above, and gets
bank account numbers, credit card numbers, passwords, etc., from Quicken, Microsoft Money and
other files (of course, everybody password protects these files)?
   ... (insert your own extremely disastrous scenario here)

Any of these would cause so much harm to Microsoft from the lawsuits and lost business, that they
couldn't afford to let it remain out there, thus the conspiracy theory arises.

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ