lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <6378AF0419997E4AB0375E3C92E6CE9304C156@tehilamail.tehila.gov.il>
From: yehudi at tehila.gov.il (Yaakov Yehudi)
Subject: win2kup2date.exe ?

It seems to me that the argument that it is wisest not to spread the
virus too widely is yet another argument that _sometimes_ security by
obscurity is a "Good Thing"[tm].

Stir that pot!

YY

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Nick
FitzGerald
Sent: Friday, September 03, 2004 17:16
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] win2kup2date.exe ?

James Tucker to Harlan Carvey to me to :

>  > > > > ...  If you want to email me a copy of it, I'll
> > > > > rip it apart and see what can be seen.
> > > >
> > > > And world plus dog should entrust you with such
> > > material because???
> > > ... most viruses, trojans and malware to not store copies of 
> > > stolen data in their executables. Furthermore the file size is 
> > > very small.
> > 
> > Interesting answer, but completely non-sequitor.  Nick asked why 
> > this person should be trusted with a live bit of malware, and your 
> > response is that it's not very big???  What does that have to do 
> > with anything?
> 
> Malware and viruses are VERY readily available in many places accross 
> the internet. Therefore this point should be of no concern.  ...

It feels good when you stop hitting your head aginst the door too, and
there are very many doors readily available for you to hit your head
against.  Now, I don't know James, but I'd say it is a fair bet he
doesn't hit his head against every door he sees just so he can enjoy the
feeling when he stops hitting his head against each specific door.

Look fool -- just because samples of some malware are easily accessible
to you does not mean it is a good idea to encourage others to liberally
spray copies of probably-new-and-undetected-by-many-scanners malware
around willy nilly.  Such encouragement is ethically dubious, at best...

<snip>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ