lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <035f01c3d6b4$572ba000$3b69533e@hsportatil>
From: bernardo at hispasec.com (Bernardo Quintero)
Subject: 45% of the free files collected via KaZaA contained malware

> Impossible .... At least 90% of the files on KaZaA are media files ... (non
> executable files)
> 
> I know there's a lot of bad .exe's on kazaa ... But 45% just can't be right

Obviously. Anyway I wanted to give Hughes the opportunity to explain the
methodology he has used to arrive to such a disproportionate percentage. As
you say, the majority of files shared and downloaded with KazaA are
multimedia files, like mp3 format, that to this day are not known to host
any kind of malware.

The doubt I have now is whether everything could be attributed to ignorance
about P2P networks and the normal procedures to download applications (the
usual procedure consists of following links -edonkey/emule- that have
already been checked by other users to avoid fakes, viruses, and so on), or
whether there is some kind of desire to put down these networks.

Also, it surprises me the little criteria media have, since the headline
about almost half of all files in P2P networks contain viruses has been
widely reproduced.

Bernardo Quintero
bernardo@...pasec.com


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ