| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jnoble at info1team.com (Noble, Jim) Subject: The MSBlast Conspiracy Theory Lawsuits? Read your shrink wrap agreement, you own the liability of the software and any data that you create with it... Nice theory, but it doesn't hold water. That would be the same as saying that since the car you purchased wasn't made to filter sugar out of the gas tank, that an attack on the entire fuel storage in the world be the fault of the car manufacturer. - Arcturus... Network & Security Director CISSP, CCSE+, CNX =================================== CONFIDENTIALITY=================================== This E-mail is confidential. It should not be read, copied, disclosed or used by any person other than the intended recipient. Unauthorized use, disclosure or copying by whatever medium is strictly prohibited and may be unlawful. If you have received this E-mail in error please contact the sender immediately and delete the E-mail from your system. =================================== CONFIDENTIALITY=================================== -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Brad Pryce Sent: Friday, August 15, 2003 6:32 AM To: Weezer Hutchins Cc: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] The MSBlast Conspiracy Theory Possible, but not likely. Brad Pryce Weezer Hutchins wrote: >This was such a benign implementation of the serious DCOM security >risk, that my conspiracy theory is ... Microsoft had this worm released >on purpose in an attempt to get everyone to patch their machines before >a really threatening version was released. > >Imagine, what if ... > > ... this vulnerability was used to remove all the .doc, .xls, .ppt, >etc. files off the drives, including network attached drives? (you know how everyone keeps backups of all their files :) > ... this vulnerability intentionally stole everybody's address books >and transferred them to some anonymous ftp server for later pickup (a spammer's dream)? > ... this vulnerability stole financial and personal data in the same >manner as above, and gets bank account numbers, credit card numbers, >passwords, etc., from Quicken, Microsoft Money and other files (of course, everybody password protects these files)? > ... (insert your own extremely disastrous scenario here) > >Any of these would cause so much harm to Microsoft from the lawsuits >and lost business, that they couldn't afford to let it remain out >there, thus the conspiracy theory arises. > >__________________________________ >Do you Yahoo!? >Yahoo! SiteBuilder - Free, easy-to-use web site design software >http://sitebuilder.yahoo.com >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists