Full Disclosure mailing list archives
RE: Culprit Bio: Perfect Storm Averted or Just Ahead?
From: <Glenn_Everhart () bankone com>
Date: Thu, 29 Jan 2004 15:09:53 -0500
Maybe so, but forth isn't that hard to learn, there are free ones out there, and if a virus kit someone found had a forth interpreter in it, maybe our writer decided to learn. Also, if you want to hide identity, changing the name in all files is the first thing you do, preferably with some tool that will just go and replace all instances of "ivan" with "andy" (for example). What old examples of forth for virii exist? Thought it rings a bell but I don't recall what exactly the example was. -----Original Message----- From: Clairmont, Jan [mailto:JMC13 () mail3 cs state ny us] Sent: Thursday, January 29, 2004 1:04 PM To: 'full-disclosure () lists netsys com' Subject: RE: [Full-disclosure] Culprit Bio: Perfect Storm Averted or Just Ahead? I thought about the CVS as a red-herring but Ego, these guys want to see their name in lights. But again don't track the leads, we have no clues. Believe me at the Forth Conference in 1983, there were only about 50 people. So I would put a 10 dollar bill that the guy was there. Who uses forth to hack bios? If there are a 1000 Forth programmers in the world I would be surprised. They would need communications knowledge, programming, being one myself there are not too many of those. This narrows the gene pool significantly if anyone in the know is searching. I was hacked by some bozo in 1987, and they caught the guy and he got 5 years. AM I sorry he got caught NOOO. Having my system hacked is like soemone coming into my unlocked apartment fouling up the place and leaving. They should be prosecuted and sent away. It is hard enough to get work done in the world without these saboteurs around. Did you ever work days or years on something and have it destroyed by some disgruntled bozo, that is malicious and heinous. I have noooo sympathy. -----Original Message----- From: Frank Knobbe [mailto:frank () knobbe us] Sent: Thursday, January 29, 2004 12:25 PM To: Clairmont, Jan Cc: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Culprit Bio: Perfect Storm Averted or Just Ahead? On Thu, 2004-01-29 at 09:06, Clairmont, Jan wrote:
There is the CVS tag that mentions Andy. So there is an association with Andy and Forth.
Unless of course Ivan added that intentionally to throw you off course. You just swallowed hook, line, and CVS tag. Regards, Frank _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you ********************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Culprit Bio: Perfect Storm Averted or Just Ahead? Glenn_Everhart (Jan 29)