Full Disclosure mailing list archives

Re: sco.com Press Release

From: Valdis.Kletnieks () vt edu
Date: Mon, 02 Feb 2004 12:29:33 -0500

On Mon, 02 Feb 2004 11:57:14 EST, Lennart Damm <lennart.damm () excite com>  said:

The MyDoom author should be an asset to any security company fighting this
kind of attacks. Or maybe he already is. I would not hesitate employing him to
do  the analysis and synthesis of the obvious 3G vulnerabilities built into
UMTS, etc. Approaching 1 billion cell phone users there will be a new risk
landscape  - much more demanding than the current one.


This would be true if MyDoom showed any really creative innovation, like
abusing a as-yet-generally-unknown 0day, or some novel approach to finding
ways into a system.

If I was looking for holes, I'd pass on the MyDoom author and find out
what Lie Die Yu was doing - the kind of thinking that went into the
"Sis Step IE Remote Compromise Cache Attack" is what you want on your side.

Attachment: _bin
Description:

Current thread:

Re: sco.com Press Release Lennart Damm (Feb 02)
- Re: sco.com Press Release Valdis . Kletnieks (Feb 02)
  - Re: sco.com Press Release Nick FitzGerald (Feb 03)
- <Possible follow-ups>
- RE: sco.com Press Release Burnes, James (Feb 03)
- RE: sco.com Press Release madsaxon (Feb 03)
  - RE: sco.com Press Release Brandon Fetch (Feb 03)
    - Re: sco.com Press Release Jeremiah Cornelius (Feb 03)
- RE: sco.com Press Release Stian Holm (Feb 06)