lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4b7129bd050514203433c9a845@mail.gmail.com>
Date: Sun May 15 04:34:45 2005
From: purplebag at gmail.com (purplebag)
Subject: RE: Bening Worms (Cosmin Stejerean)

This thread is hogwash. There are clearly zealots that think anything
with a worm or virus label on it is unacceptable, based on
"experience" and there are also free thinkers that do not limit the
scope of exploration to the work that has been done before them.

Nick FitzGerald wrote:
> Stejerean, Cosmin wrote:
> 
> 
>>I think you are going a little overboard with this kind of response. The guy
> 
> 
> Nope.
> 
> The guy is clearly a chopper.
> 
> Ten minutes "research" with Google would have shown him that "benign" 
> worms aren't, and only a very narrow fringe of mostly highly marginal 
> IT folk think that the idea is worth more than immediately flushing 
> down the toilet.  Further, among those who do think it might be a good 
> idea or one worth studying, that support falls off very quickly with 
> actual, relevant academic or work experience.

Would you extend that to researchers in the medical industry? Aren't
viruses used every day in medicine to prevent and protect the host
from more hostile attack? Have you ever received the flu shot?

Of course, you will have some overblown opinion on this as well.
Suffice it to say that simply because you believe, based on your
"experience", that is it not possible or good is simply a testament to
your closed minded nature.

> 
> His floating such a stupid, time-worn, discredited notion, which he so 
> easily could have found to be such, in this list is much more closely 
> akin to trolling than "research".
> 
> 
>>had a couple of questions about "benign worms." If you are going to provide
>>some useful feedback then go ahead and do it. If you are going to write an
>>insulting email you should probably think twice about it.
> 
> 
> Thanks for the advice.
> 
> I've filed it where my experience tells me it should be filed...

Excellent choice of words as I have seen no wise teaching from the
ancients in this thread. I think you would have been better served to
use that experience to educate instead of attack. Wisdom is something
people might attribute as a result.

> 
> <<big snip>>
> 
>>If I recall properly Stanford also used similar techniques to get rid of MS
>>Blast on their networks especially from laptop machines that were infected.
>>They had no administrative control over those machines yet the machines
>>posed a threat and the threat had to be eliminated.
> 
> 
> Assuming this is a correct recollection of whatever...
> 
> Run that past us again -- Stanford had machines on their network that 
> posed a risk to the rest of their network BUT the Stanford IT folk had 
> no administrative rights to those machines?  They couldn't configure 
> their network infrastructure so it didn't offer an IP to these 
> "anonymous" threats or at least configure it so it wouldn't route their 
> traffic?  

Quite possibly so. 

> If there really was a "need" to allow such anonymous machines 
> to come and go from their network, why had they not configured their 
> network so it only allowed such "anonymous" machines very limited 
> access (such as putting them in a separate sub-net so they screwed with 
> each other but not with "Stanford real", and that, perhaps, only had 
> very limited off-site access through their firewalls)?  Sounds like 
> Stanford runs (ran?) a _really_ screwed-up network...

Believe it or not there actually are politics, resource problems, and
legacy issues involved.

> 
> Worse though, you seem to imply that it was alright for Stanford to 
> take action against those machines by exploiting a vulnerability on 
> them to "fix" the threat posed to Stanford's network.  

Why does viral technology need to exploit any vulnerability to be a
worm or a virus? What about simple tag along and mail and click happy
users...

I am not advocating the use of viral code as a cure all but there is
clearly opportunity for it to do good as well as bad things. Like it
or not people do do this, have done this, and will probably continue
to do this. You have an opportunity to clearly state an opinion on why
they shouldn't and instead you go on the attack as if you are the last
word on the matter. Take the opportunity to further your cause instead
of alienate yourself from the people that are thinking about doing it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ