lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040903095305.GB7274@onosendai.matrix>
From: lists at michel-messerschmidt.de (Michel Messerschmidt)
Subject: [VirusTotal] Scan result (fwd)

On Fri, Sep 03, 2004 at 10:43:50AM +0530, Aditya Deshmukh wrote:
> hey if the binary is infected and does not contain any hardcoded 
> sencitive info what do u care about the owners of the website ? 

Unless for (a purely theretical) example the website would use your 
submission to infect others (perhaps with your address as sender) :-) 
Although the binary may not contain any sensitive data, it is dangerous 
in itself because it is self-replicating and thus hard to control once 
it is activated. If your are not very cautious when handling 
self-replicating code, you most likely end up sending it out to the 
world.

So for the question how to handle possibly dangerous code 
it all comes down to "Who do you trust" ?

-- 
Michel Messerschmidt           lists@...hel-messerschmidt.de
antiVirusTestCenter, Computer Science, University of Hamburg

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ