RE: Rootkit For Spyware? Hide your adware from

[James.Cupps () sappi com]

Skill is skill. You are right in that they are two different skill sets but
most of the people that would have the ability to do one are also capable of
the other. 

 

Logically you are right. One does not lead to the other.  It is inaccurate
inductive (specific to general [did I do that right]) reasoning. 

 

That said I am willing to bet that if they are able to actually write a kit
they would be able to eventually track down someone selling them on the web.
If they wanted to put enough time to it that is. 

 

Besides I was just musing. Sorry for the hot air.

James Cupps
Information Security Officer



-----Original Message-----
From: Harlan Carvey [mailto:keydet89 () yahoo com] 
Sent: Thursday, September 23, 2004 10:48 AM
To: Cupps, James
Subject: RE: [Full-disclosure] Rootkit For Spyware? Hide your adware from

 

Fine, but what's the correlation between being able to
write a rootkit, and being able to track someone
across the Internet?

--- James.Cupps () sappi com wrote:

> True, points taken.
>
>
>
> James Cupps
> Information Security Officer
>
>
>
> -----Original Message-----
> From: Harlan Carvey [mailto:keydet89 () yahoo com <mailto:keydet89 () yahoo com>
]
> Sent: Thursday, September 23, 2004 9:38 AM
> To: full-disclosure () lists netsys com
> Cc: Cupps, James; avalon () cairo anu edu au
> Subject: RE: [Full-disclosure] Rootkit For Spyware?
> Hide your adware from
>
>
>
>
>
> > It depends on which kit they based it on. My guess
> > is these guys weren't
> > good enough to do the coding themselves so they
> > stole someone else's code.
>
> That, or they're learning (rootkit coding training
> via
> Blackhat), or they're simply purchasing it (there
> are
> folks who do custom rootkit coding for hire).
>
> > Of course I can' t think of any rootkits under any
> > kind of license so I
> > guess it isn't really stealing. Maybe the kits'
> > authors should track these
> > bozo's down and ask for some compensation. They
> are
> > probably good enough to find them.
>
> I don't see a correlation between coding and
> tracking
> someone down.  Also, as stated, there are some who
> are
> already writing rootkits for pay.
>
> This message may contain information which is
> private, privileged or
> confidential and is intended solely for the use of
> the individual or entity
> named in the message. If you are not the intended
> recipient of this message,
> please notify the sender thereof and destroy /
> delete the message. Neither
> the sender nor Sappi Limited (including its
> subsidiaries and associated
> companies) shall incur any liability resulting
> directly or indirectly from
> accessing any of the attached files which may
> contain a virus or the like.

This message may contain information which is private, privileged or
confidential and is intended solely for the use of the individual or entity
named in the message. If you are not the intended recipient of this message,
please notify the sender thereof and destroy / delete the message. Neither
the sender nor Sappi Limited (including its subsidiaries and associated
companies) shall incur any liability resulting directly or indirectly from
accessing any of the attached files which may contain a virus or the like.