Re: Sasser author

[van Helsing <vh () helith net>]

On Thu, 13 May 2004 07:55:01 -0700 (PDT)
Andrew Morris <husky_cat () yahoo com> wrote:

> This must be a joke.
>
> Who, with a strait face, can believe that exploiting a
> buffer overflow is just the act of an inocent person
> using "Microsofts Features".
>
> If this is not a joke then the author must be a black
> hat. The comments alone indicate he/she is an MS
> bigot. 
>
> Not that I believe MS is virtuous or the best, but
> exploiting a bug in any OS and then claiming that it
> is just a normal use of an OS's feature set is
> ridiculous.
>
> If anyone used the trojaned sendmail its no ones
> fault, just a feature right?!

Maybe I'm a "blackhat" too...
But you're to differ STRONGLY between datamanipulation and exploiting a
buffer overflow.

In case 1 we modify something (e.g. sendmailexample).
In case 2 we JUST USE the Software itselfs.
Nobody can't arrest you for the misstakes other do...

If the sasser-autor will be judged then NOT for exploiting the software.
When you're car is open and I take your Wallet it is NOT a theft.
It is a pilfer without angreement.
That's a difference for the law! ;)

So if you exploit something you can't be judged for datamanipulation...
So we can say that exploiting something isn't a crime couse you can't be
judged for the misstakes other guys make.


vh

Attachment: _bin
Description: