lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: steven_fruchter at hotmail.com (Steven Fruchter)
Subject: DCOM/RPC story (Analogy)

That is completely moronic to act as if he did not do anything but just
hex edit the code and change the name for example on the .exe .  He also
like a moron had the infected drones contact his website (which he is
registered to) so that he can see who has been infected to control them.
This means that he had more than just wanting to change the name of an
.exe for example, it shows his intent.  Yes you are right about the
7,000 being exploited anyways, and yes this kid definitely should not
get such harsh treatment, but the sad fact is, he probably will get all
of punishment from what someone else did, he is just a lame kid who
should not of took someone else's code to try and be cool first of all,
and now he is paying the price for trying to be cool.  I have had some
many people come up to me and tell me they caught the guy that released
the blaster worm and than I have to yell at them and say, "NO they
didn't!  They just caught some kid who made a lame variant using the
original worm."  Regardless of what he did or didn't do, he will
probably get the blame of the entire thing, guess this will make worm
writers a little more scared and they will start to watch their steps a
little more carefully now and not have the damn drones contact their own
website which is registered to their name.
 
-SF

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Kristian
Hermansen
Sent: Sunday, August 31, 2003 10:53 AM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] DCOM/RPC story (Analogy)



I also agree with you.  The kid is guilty of nothing more than
"Unethical use of a hex editor".  And here's my MAIN FUCKING POINT SO
LISTEN UP ALL OF YOU:
 
 
THE 7000 COMPUTERS THAT HE SUPPOSEDLY INFECTED WOULD HAVE BEEN INFECTED
BY THE "ORIGINAL" WORM HAD THEY NOT BEEN COMPROMISED BY HIS VARIANT
FIRST.  SO WHAT'S THE FUCKING CRIME?  READ BELOW...
 
 
The analogy is this:  A scientist drops a monkey infected with the Ebola
virus into a large tank containing 20,000 other monkeys.  Some monkeys
have been given a shot to protect them from infection, so as the virus
spreads they do not become a carrier.  The outbreak starts at the far
west end of the container and is working its way to the east side,
infecting every monkey exponentially as they all pass it on to their
neighbors.  One of the smarter monkeys gets infected and realizes what
is happening.  For some strange reason this monkey knows that drinking a
certain liquid (on the floor of the container) will slightly alter the
properties of the virus he has become infected with immediately.  He
stirs up the other end of the container by hurling a pile of his own
feces.  Now, the outbreak has not reached that end of the tank yet (but
most definitely will in time) and the outbreak is now spreading from the
west and east ends toward the center.  After the outbreak has reached
its infection maximum and looking at all of the dead monkeys on the tank
floor, the uninfected monkeys start asking questions as to what the hell
happened to their brothers and sisters.  Weeks go by and no one has an
answer.  Finally, one monkey overhears a conversation about how one guy
threw his shit all the way across the tank.  That's the guy we need to
punish they concluded.  They apprehend the monkey on his death bed for
throwing his own shit and causing the outbreak at the east end of the
tank, which supposedly killed 7000 monkeys.  They continued looking for
the original infectioner, but the scientist was never discovered.  Some
of the monkeys started to blame God for allowing this infection to be
possible.  "Why the hell does God want to torture us?  We are but mere
mortals!", exclaimed one monkey.  "God works in funny ways...", sighed
another monkey.
 
 
Kris Hermansen
ceo@...technology.com
 
 
On Sat, Aug 30, 2003 at 10:39:53AM -1000, Jason Coombs wrote:

> if he made the modifications and gave the modified worm to other
people but
> didn't cause it to infect anyone else's computers, then what crime is
he
> guilty of exactly? criminal misuse of a hex editor?

it could certainly be argued that the "damage" caused by this copy of
the
program is no greater than it would have been if his home computer had 
simply been infected and passed it on in the usual way. in fact, maybe
he is even the pioneer of a new art form where people, out of respect
for
the rights of the autonmous agent, refuse to remove these programs from
their
computers and use hex editors to tattoo their message onto the worms'
backs.
i can see web sites with worm poetry -- the random juxtaposition of 
sentences that trace a particular worm geneaology as it passes across
the
mesh, perhaps even paper-bound volumes.

other than neglecting to install a program with a genocidal attitude
towards certain processes, what exactly did this guy do wrong?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030831/7967f6e0/attachment.html

Powered by blists - more mailing lists