lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6863.65.88.218.154.1193973673.squirrel@slashmail.org>
Date: Thu, 1 Nov 2007 23:21:13 -0400 (EDT)
From: "Steven Adair" <steven@...urityzone.org>
To: "Paul Schmehl" <pauls@...allas.edu>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: mac trojan in-the-wild

> --On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <jays@...ix.com>
> wrote:
>>
>> On Thu, 1 Nov 2007, Paul Schmehl <pauls@...allas.edu> wrote:
>>
>>> --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
>>> <adamst.onge@...il.com> wrote:
>>>
>>>> So if i put a picture of a naked girl on a website and said to see
>>>> more
>>>> you must open a terminal and enter "rm -rf".
>>>>
>>>>
>>>> Would we consider this a trojan...or just stupidity?
>>>>
>>> I would consider it stupidity to think that that is comparable to a
>>> trojan.
>>>
>>> Paul Schmehl (pauls@...allas.edu)
>>
>> I think, under the standard Unix system of permissions, this is a
>> Trojan.  Under the standard Unix system of permissions, every
>> application running in my home directory can issue an
>> 'rm -rf /home/me' and, without proper near in time backup, cause
>> me much annoyance.  The defect lies in the system of permissions.
>> There exist systems of rolling off-machine backups and minimum
>> privilege permissions systems, but they are not yet standard.
>>
> Perhaps you don't understand what a trojan is.  Its purpose is to take
> control of a machine to use it for purposes other than those to which its
> owner would put it and without the owners knowledge or permission.
> Destroying the machine is contrary to the design and purpose of a trojan.
>

Not really.  Remember that the term trojan, as it applies to a computer
program, comes from the large horse from the trojan war.  The point of the
program as it that it appears to have a use/functionality other than what
its real purpose is.  You let your guard down thinking its something else.
 It will generally also remain stealthy to a degree but what it does is up
to the designer.  Install an IRC back door, echo funky text to your
win.ini, or rm your whole file system... well that's up to the _trojan_.




> Paul Schmehl (pauls@...allas.edu)
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ