lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
From: b.griffin at cqu.edu.au (Brad Griffin)
Subject: MyDoom.b samples taken down 

 Hi all

Over the past weekend I've seen discussion about the stupidity of
posting direct links to live virus code, the spam value of 'your
computer is infected and we found it!' messages by poorly designed
notification software in a/v applications and a running commentary on
how long SCO is and will be down for. Seeing as the group is now a
free-form multi-topic group, I propose we start discussing the
difference between Microsoft Office and Open Office so we can fully
disclose our feelings about same...or we could drag ourselves back to
full disclosure and move on from what our opinions are in regards to
SCO/MYDOOM/(place your least favourite av company here).

...but, for my devalued two cents:

1: posting live code is not very clever, especially considering live
virus code is usually available from other dubious sources anyway (and
the flak you receive for posting links/code isn't worth it).

2: notification e-mail from anti-virus software is just a 'feature' that
served a purpose (arguably) a few years ago. Now that the average worm
uses spoofing, the notification features should be removed. We don't
need more UE flooding inboxes.

3: SCO is down and will be until it is back up. Get over it gang, we all
knew it would happen, why bother with a minute by minute account...
"SCO is down..."
"Yep, SCO is down..."
"Uh-hu, still down..."
"mmmm, SCO is down..."
"Dang, SCO is *still* down..."

Please flame me off-list, full-disclosure doesn't mean you have to post
your every thought to the public list.

Cheers,
Brad



> -----Original Message-----
> From: Valdis.Kletnieks@...edu [mailto:Valdis.Kletnieks@...edu] 
> Sent: Monday, February 02, 2004 11:34 AM
> To: Paul Schmehl
> Cc: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] MyDoom.b samples taken down 
> 
> On Sun, 01 Feb 2004 19:17:01 CST, Paul Schmehl 
> <pauls@...allas.edu>  said:
> 
> > Then how do you explain F-Prot's recent article condemning other AV 
> > companies for doing the "spamvertising" you complain about?  The AV 
> > industry is not mono-lithic and there are many internal 
> disagreements 
> > that the public are never privy to.
> 
> One company finally breaks ranks two or three *years* after 
> it's recognized that it's a problem.
> 
> Please name the other top-10 A/V companies that followed 
> F-Prot's lead in fixing this issue in their products.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ