lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu May 11 20:44:12 2006
From: n3td3v at gmail.com (n3td3v)
Subject: MS06-019 - How long before this develops into a
	self propagating email worm

On 5/11/06, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu> wrote:
> On Thu, 11 May 2006 19:15:50 BST, n3td3v said:
>
> > "Thereeeeeees zero-day in the wild, you're going to get haaaaaxx3d"
>
> It's more like "We now know about a zero-day that's been on the loose
> for some unknown amount of time, and you may already be hax0red. And if
> you haven't, you probably will be as soon as the script kiddies who are
> even more lame than our security professionals find the zero-day. HAND".

Code alone is not a threat. Its obvious these security companies never
have specific intelligence of worms being planned. All they can base
their threat meters on is a generalization.

Which one is the threat:

"A gun store has opened on the corner, someone might buy a gun and shoot"

or

"I overheard a conversation that johnny average is annoyed at bob and
spoke about revenge, he's really into guns, and a gun store has just
opened on the corner, johnny is mentally unstable, and he's really
good at hitting his targets, he shot someone in the past but no one
told the police."

Regardz,

n3td3v

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ