| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: MyDoom download info
On Sat, 31 Jan 2004 12:03:37 +1300, Steve Wray <steve.wray@...adise.net.nz> said:
> I've often thought that none of the viruses so far encountered on the
> net are actually serious.
>
> What worries me are the viruses that have been around for a while
> and which have, so far, not been detected; these are the serious
> viruses (I'm assuming that they exist). Viruses that *don't* send
> vast amounts of email and hence get detected; viruses that *don't*
> run under a debugger, that *don't* give themselves away.
What worries me is we haven't seen *either* an actual damaging virus
(imagine if the last 2 lines of Mydoom were "sleep(4hours); exec("format c:);")
or a "sleeper" virus. At least we can console ourselves with the thought
that a stealthy sleeper virus would almost by necessity have a very low
burn rate, and thus take a long time to compromise a significant number
of systems (if somebody has a way they'd like to share to spread quickly
while remaining stealthy, feel free to comment ;)
I wish I knew which one to be more worried about the lack of.. ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040131/0fb76fe0/attachment.bin
Powered by blists - more mailing lists