[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <019a01c3d54a$f0b16680$1214dd80@corp.emc.com>
From: exibar at thelair.com (Exibar)
Subject: Show me the Virrii!
The vulnerability is the direct results of poor coding, or overlooked
coding. The people that write, and release, malicious exploits are directly
responsible for causing other people grief. If they spent their time
helping to fix the problem and not write something malicious, well, most of
us would be out of jobs actually.... Hmmmm, I kinda like what I do for a
living.... :-)
I guess it's kinda like the old thief's plea to a judge. "But the door
was unlocked , I just opened it up, walked in and took what I wanted."
That's not a justification for writing malicious code, or turning PoC code
into something malicious intended to infect other files, networks, etc.
My point was just that if the roles of Windows and Linux (just for two
examples, it could be Apple DOS and Atari DOS for all it matters) were
reversed, all we'd hear is how tough it is to patch 30,000 Linux boxes in a
timely fashion. And that it sucks to have to re-compile the kernel every
week due to a new threat. etc etc etc
Exibar
----- Original Message -----
From: <John.Airey@...b.org.uk>
To: <full-disclosure@...ts.netsys.com>
Sent: Wednesday, January 07, 2004 10:47 AM
Subject: RE: [Full-Disclosure] Show me the Virrii!
> > -----Original Message-----
> > From: Exibar [mailto:exibar@...lair.com]
> > Sent: 07 January 2004 15:12
> > To: John.Airey@...b.org.uk; full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Show me the Virrii!
> >
> >
> > Although I agree with your other points, I have this comment:
> >
> > Why do you ultimately blame Windows/DOS for the virus
> > problem? This is
> > simply not true. Are there not SQL worms? Was it not a SQL
> > worm that was
> > the fastest to spread in history? Are there not many Linux worms and
> > viruses, and more being written each day? Are there not
> > viruses and/or
> > worms that exploit Cisco products? Hell there are even worms
> > that exploit
> > FTP and IRC! I can go on.
> >
> > It is not Windows that is the problem. It is the people
> > that write the
> > damned things that is the problem. Ok, perhaps it's the lack
> > of laws that
> > will make a programmer think twice about becoming a Vx'r.
> >
> > If Linux had the marketshare that Windows does right now,
> > and it just
> > might one day it's hard to compete with free, and the
> > majority of viruses
> > are being written for Linux, would you then blame Linux as
> > the cause of the
> > problem?
> >
> > Saying Windows is to blame for the mess that we're in is
> > like saying the
> > gun is what causes a murder and not the person that pulled
> > the trigger.
> >
> > Exibar
> >
> I hadn't even mentioned worms. In fact, if we take worms into account,
then
> the proposed solution becomes even more difficult to implement. After all,
> if you trust any program, be it httpd or sqlservr.exe to use the
processor,
> a worm can always exploit this.
>
> My original point about viruses (not worms or trojans) still stands. The
> majority exist because Windows will execute a huge number of files just
> because of its filename.
>
> Going back to worms, the SQL slammer worm caused damage far out of
> proportion to its installed base. It's a matter of public record that
> Microsoft hadn't even patched its own servers against it. How does that
> compare to the rapid patching of Apache servers? (Actually, I've said it
> before on this list that Microsoft did not have proper firewalling in
place,
> so I won't go back over that one).
>
> Your answer to a hypothetical question about Linux having a similar market
> share does not make sense. First, it's conjecture and second, Linux (and
all
> other UNIX based systems) do have reasonably sensible privileges (compared
> to Windows 98 which is still being used by many many organisations).
>
> Note that I said "mostly responsible". I don't blame Microsoft for all
worms
> and viruses, but Bill Gates is directly responsible for a flawed (with
> hindsight) design decision. Now if we did all switch to Linux/BSD
whatever,
> that flaw would go away.
>
> In fairness, he isn't the only person to make mistakes in design. Until a
> few years ago, nearly everyone had "open mail relays". In fact, if you
don't
> have an open relay, you are breaking RFC 822. Of course, this particular
> requirement should now be ignored (It may be obsoleted already. I haven't
> looked for ages).
>
> Can you please bottom post? I use evil Outlook (I have no choice), but
even
> I remember to bottom post to mailing lists.
>
> Thank you.
>
> -
> John Airey, BSc (Jt Hons), CNA, RHCE
> Internet systems support officer, ITCSD, Royal National Institute of the
> Blind,
> Bakewell Road, Peterborough PE2 6XU,
> Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@...b.org.uk
>
> Even if you win the rat race, that will still only make you a rat.
>
> -
> DISCLAIMER:
>
> NOTICE: The information contained in this email and any attachments is
> confidential and may be privileged. If you are not the intended
> recipient you should not use, disclose, distribute or copy any of the
> content of it or of any attachment; you are requested to notify the
> sender immediately of your receipt of the email and then to delete it
> and any attachments from your system.
>
> RNIB endeavours to ensure that emails and any attachments generated by
> its staff are free from viruses or other contaminants. However, it
> cannot accept any responsibility for any such which are transmitted.
> We therefore recommend you scan all attachments.
>
> Please note that the statements and views expressed in this email and
> any attachments are those of the author and do not necessarily represent
> those of RNIB.
>
> RNIB Registered Charity Number: 226227
>
> Website: http://www.rnib.org.uk
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
Powered by blists - more mailing lists