lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: steve.wray at paradise.net.nz (Steve Wray) Subject: MyDoom download info > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of > Paul Schmehl > > --On Saturday, January 31, 2004 12:25 PM -0500 > Valdis.Kletnieks@...edu > wrote: > > > On Sat, 31 Jan 2004 12:03:37 +1300, Steve Wray > > <steve.wray@...adise.net.nz> said: > > > > What worries me is we haven't seen *either* an actual damaging virus > > (imagine if the last 2 lines of Mydoom were "sleep(4hours); > > exec("format c:);") or a "sleeper" virus. > > This doesn't worry me much at all. Since virus writing has > been taken over by the scammers, spammers, criminals and thieves, the last Paul, your quoting is a bit off there (makes it look as if I wrote that), but to address the points, as one person wrote, its difficult to spread fast when you are trying to be stealthy; I would argue that if one is stealthy enough, one doesn't need to spread fast since one is trying to evade detection rather than evading elimination. If a virus could spread slowly but stealthily, it could be all over the planet and activated before any antivirus vendor became aware of its presence and came out with a fix; it wouldn't matter much if it took a year of quiet spreading. Sometimes (and here I go sounding paranoid again) it seems that the viruses and worms we see are nothing but a smokescreen; they are SO VERY obvious. so-called 'script kiddies' and the old school vxers wanted a quick hit of adrenalin. Organised crime syndicates are a lot more patient.
Powered by blists - more mailing lists