Re: [VirusTotal] Scan result (fwd)

[Barry Fitzgerald <bkfsec () sdf lonestar org>]

Michel Messerschmidt wrote:

> On Fri, Sep 03, 2004 at 10:43:50AM +0530, Aditya Deshmukh wrote:
>  
>
> > hey if the binary is infected and does not contain any hardcoded 
> > sencitive info what do u care about the owners of the website ? 
> >    
>
> Unless for (a purely theretical) example the website would use your 
> submission to infect others (perhaps with your address as sender) :-) 
> Although the binary may not contain any sensitive data, it is dangerous 
> in itself because it is self-replicating and thus hard to control once 
> it is activated. If your are not very cautious when handling 
> self-replicating code, you most likely end up sending it out to the 
> world.
>
> So for the question how to handle possibly dangerous code 
> it all comes down to "Who do you trust" ?
>
>  
Or, potentially, use the fact that you're infected with something 
against you.  Like, say, holding a red flag up saying that you're 
backdoored.

I have no evidence to suggest that that's what's going on -- just 
bringing it up as something someone can possibly gain from a submission 
of this type.

            -Barry

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html