Full Disclosure mailing list archives
Re: Sobig.F...what took so long
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 23 Aug 2003 11:00:58 +1200
"Robert Ahnemann" <rahnemann () affinity-mortgage com> wrote:
So its 4 days after the virus was found, and they just discover that its got a list of 20 machines that it will pull from to create a massive DDoS across the net? What took them so long to find it?
No. Reading the more detailed descriptions posted by some antivirus developers back on Tuesday and Wednesday you would have seen that it was well-known that this was coming. Now, four days later, some companies have elected to draw some media attention by announcing "We have discovered [blah, blah, blah]". Of course, if you trust these companies then the fact their claim strongly implies they have just discovered this feature of the virus suggests something about the quality of their research. If you think that this element of their recent press releases is "just over enthusiastic marketing" then that tells you something else about these companies and their priorities... Several companies just got on with the job, coordinated behind the scenes, pooled resources and information and tried to get suitable authorities involved so the right actions would be taken at appropriate times. No (well, little) need for media histrionics, etc, etc. Much as this list is "full-disclosure" I'm sure even the most ardent pundits of that position understand that there can be times that to STFU and not say anything publicly can be highly desirable to getting the best outcome. Not all situations can be "fixed" most appropriately by informing world plus dog (ahead of time) what is in store. (If you don't understand that, get out of the security industry as you are a liability, not an asset.) -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Sobig.F...what took so long Robert Ahnemann (Aug 22)
- Re: Sobig.F...what took so long Florian Weimer (Aug 22)
- Re: Sobig.F...what took so long James A. Cox (Aug 22)
- Re: Sobig.F...what took so long Nick FitzGerald (Aug 22)