Msg : Prev 12 / 222 Next -11 +18
1999-09-17 15:51:21

To  :

Subj:

RE: preliminary C virus results (object code in infection)


Perhaps I'm ignorant, but giving kiddies the tools to crank out virii 
doesn't seem that threatening, for several reasons of increasing 
importance: 

1) To make a potent virus, you need sacrificial machines, experimentation, 
etc. These resources are not available to "Level 0" virus writers, e.g. 
"script kiddies." I assume that the spooks and industry types are 
way ahead of the curve went it comes to publicly available tools. 
Essentially, kiddies will continue to produce petty, often malfunctioning 
virii. (And often without sanitizing elements that can be traced back to 
them.) 

2) Limited user abilities inherent in Unix protect other users and "root" 
system functions. As long as a virus can't break root, and arbitrary 
programs can't affect critical system files, services, etc. than it's no 
worse than any other user-level unix virus. Maybe now more prolific, but 
no more potent 

3) Cryptographic signing (e.g.MD5), checksums, etc. are already widely 
used to verify the integrity of code and binaries obtained from remote 
locations. Remember the trojaned tcp-wrappers? See: 
http://www.cert.org/advisories/CA-99-01-Trojan-TCP-Wrappers.html 

So if it seems they can make virii as easily as they want, and it won't 
affect my Linux box. 

On Fri, 17 Sep 1999, Arturo Busleiman wrote: 

> > I agree. The worst thing people on this list could do is to give wannabe 
> > hackers simple 
> > way to modify other people's viruses. It is somewhat "security trough 
> > obscurity", but it would be even worse to give wannabees simple tools and 
> > the knowledge they can't understand, but can modify with ease. No wanna 
> see 
> > VCL for Linux, thank you! 
> You have understood my point of view, imagine the future of Linux (or 
> any Unix) in 4 years (OR LESS!) time! Catastrophic 
> 
> 
> 

VX Heavens - collection of viruses,sources and articles.
Хочешь пользоваться клавиатурой - сдвинь мышь, чтобы не мешала
Пользовательского поиска