lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.BSI.4.58.0407302309410.14807@dave.horsfall.org>
From: dave at horsfall.org (Dave Horsfall)
Subject: Cool Web Search

On Fri, 30 Jul 2004, Andrew Clover wrote:

> This is not the case for all variants of CWS. The newer, sneakier
> variants can rebuild themselves if they detect a program like HijackThis
> removing their registry entries.

Not really "new", in the scheme of things.  Over 30 years ago, some bored
prgrammer wrote something for one of the mainframes of the day (ICL?
IBM? Burroughs?) called "Robin Hood and Friar Tuck".

They were two programs that monitored each other, occasionally printing
cheeky messages to the console.  Eventually, the (night-shift) operator
would notice, and delete one of them.  The console dialogue then went
something like this:

FRIAR: HELP ME SIR ROBIN, I AM UNDER ATTACK!
ROBIN: FEAR NOT, BRAVE FRIAR, I SHALL RESCUE YOU!

And so one restarted the other.

The only way to remove this harmless jape (if you didn't know the right
command) was to IPL the box, and it was a brave operator who did that...

-- Dave


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ