Full Disclosure mailing list archives
Re: Scandal: IT Security firm hires the author of Sasser worm
From: Ali Campbell <fdisclosure () alicampbell org uk>
Date: Mon, 20 Sep 2004 20:04:12 +0100
Bart.Lansing () kohls com wrote:
Face it, people who can break security are valuable to those trying to create it.
I would agree with you if this guy had discovered the LSASS vulnerability himself. But if I remember correctly, it was discovered by those clever people at eeye. Now I don't consider myself to be the ultimate coder - the minutae of the Linux do_brk exploit, for example, went way over my head - but I reckon I could have written Sasser given the details of the vulnerability. Writing a worm for a known exploit isn't rocket science.
So yes, I think this is a slap in the face to decent, law abiding programmers everywhere, particularly those who don't have a job.
Ali _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Scandal: IT Security firm hires the author of Sasser worm, (continued)
- RE: Scandal: IT Security firm hires the author of Sasser worm Michael Simpson (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Samir Kelekar (Sep 20)
- RE: Scandal: IT Security firm hires the author of Sasser worm Fred Newtz (Sep 20)
- RE: Scandal: IT Security firm hires the author of Sasser worm Paul Schmehl (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Jack Repenning (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm ASB (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Jim Race (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm Todd Towles (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm KF_lists (Sep 20)
- RE: Scandal: IT Security firm hires the author of Sasser worm Bart . Lansing (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Ali Campbell (Sep 20)
- RE: Scandal: IT Security firm hires the author of Sasser worm Harlan Carvey (Sep 20)
- RE: Scandal: IT Security firm hires the author of Sasser worm Larry Seltzer (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Barry Fitzgerald (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm Larry Seltzer (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm Henrik Persson (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm ktabic (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm Harlan Carvey (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm ktabic (Sep 21)
- RE: Scandal: IT Security firm hires the author of Sasser worm jamie fisher (Sep 21)
- Re: Scandal: IT Security firm hires the author of Sasser worm ph0enix (Sep 21)