[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BF76007EDD30A74795F2CCA49FA01C8C4C2FC1@001sv30021.corp.info1team.com>
From: jnoble at info1team.com (Noble, Jim)
Subject: The MSBlast Conspiracy Theory
Lawsuits?
Read your shrink wrap agreement, you own the liability of the software
and any data that you create with it...
Nice theory, but it doesn't hold water.
That would be the same as saying that since the car you purchased wasn't
made to filter sugar out of the gas tank, that an attack on the entire
fuel storage in the world be the fault of the car manufacturer.
-
Arcturus...
Network & Security Director
CISSP, CCSE+, CNX
===================================
CONFIDENTIALITY===================================
This E-mail is confidential. It should not be read, copied, disclosed or
used
by any person other than the intended recipient. Unauthorized use,
disclosure or
copying by whatever medium is strictly prohibited and may be unlawful.
If you have
received this E-mail in error please contact the sender immediately and
delete
the E-mail from your system.
===================================
CONFIDENTIALITY===================================
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Brad Pryce
Sent: Friday, August 15, 2003 6:32 AM
To: Weezer Hutchins
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] The MSBlast Conspiracy Theory
Possible, but not likely.
Brad Pryce
Weezer Hutchins wrote:
>This was such a benign implementation of the serious DCOM security
>risk, that my conspiracy theory is ... Microsoft had this worm released
>on purpose in an attempt to get everyone to patch their machines before
>a really threatening version was released.
>
>Imagine, what if ...
>
> ... this vulnerability was used to remove all the .doc, .xls, .ppt,
>etc. files off the drives, including network attached drives? (you know
how everyone keeps backups of all their files :)
> ... this vulnerability intentionally stole everybody's address books
>and transferred them to some anonymous ftp server for later pickup (a
spammer's dream)?
> ... this vulnerability stole financial and personal data in the same
>manner as above, and gets bank account numbers, credit card numbers,
>passwords, etc., from Quicken, Microsoft Money and other files (of
course, everybody password protects these files)?
> ... (insert your own extremely disastrous scenario here)
>
>Any of these would cause so much harm to Microsoft from the lawsuits
>and lost business, that they couldn't afford to let it remain out
>there, thus the conspiracy theory arises.
>
>__________________________________
>Do you Yahoo!?
>Yahoo! SiteBuilder - Free, easy-to-use web site design software
>http://sitebuilder.yahoo.com
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists