lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <42FAA162.7060109@science.org>
Date: Thu Aug 11 01:52:04 2005
From: jasonc at science.org (Jason Coombs)
Subject: Re: Help put a stop to incompetent computer
	forensics

Thierry Zoller wrote:
> JC> Because Trojan horses often have
> JC> these harmful functions, there often arises the misunderstanding that
>     ^^^^^                                           ^^^^^^^^^^^^^^^^
> JC> such functions define a Trojan Horse.
> 
> Please read what you just posted, it directly contradicts what
> that wikipedia author wrote 2 lines above that. That wikipedia
> article can be trashed.

It is not a misunderstanding. The definition of Trojan has very clearly 
been relegated to the malware that forces open a means of unauthorized 
or hidden access or remote control, i.e. a backdoor. I understand your 
point that Trojan had a broader definition in the past, but that is in 
the past. Archaic. The Wikipedia entry is instructive to illustrate that 
there is so often a "misunderstanding" in present usage that the older 
definition is no longer correct.

We won't succeed in attempts to convince millions of people that a 
Trojan Horse is also a gift that contains a nuclear bomb inside that 
will nuke your house after you accept it. That's not a Trojan, that's a 
bomb, even if it is a Greek wooden horse. It just doesn't matter that in 
the past the industry had not yet come to realize that it needed a 
different term for spyware. We have it now, so there's no looking back.

Thanks for helping me understand your viewpoint. I've never met anyone 
who thinks of a Trojan the way that you do, and the common usage even by 
infosec industry professionals clouded my brain so badly that at no time 
did I perceive the classic definitions you and others have cited to 
imply anything other than the context in which the term is used today. 
The bad acts that the Trojan performs, in my mind, must be in connection 
with some attempt to give the Trojan author further, future access to 
systems or to the data they contain.

I'm not saying that you're wrong. I'm saying you have far too much 
experience and expertise, and all that knowledge is causing you to fail 
to see the forest for the trees. Common people's common sense has 
changed the definition of Trojan, pure and simple.

Nobody today would avoid using the term spyware just because the term 
Trojan was the way in which that malware would have been labeled in the 
past. As I said, everyone I know understands what a Trojan is, and their 
understanding is not what you suggest it should be.

Sincerely,

Jason Coombs
jasonc@...ence.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ