Re: Re: The end is nigh: first true MMS mobile worm in the wild

[Nick FitzGerald <nick () virus-l demon co uk>]

Feher Tamas wrote:

> There are two alternative definitons for a computer worm:
>
> A., A malicious piece of code that replicates between
> systems by creating new objects on the system to be
> infected, as opposed to embedding itself in already existing
> objects (a virus does this).
>
> B., A worm is something that spreads between infected
> systems over the network, either directly (e.g. SQL-worm) or
> by way of a higher protocol (e. g. SMTP e-mail worm). In
> contrast a virus spreads between objects, via physical data
> storage media when jumping from one machine to another.

Stop re-writing history how you think it is.

I know of at least one more set of definitions for "computer worm" that 
neither requires networks nor multiple systems, so your claim that the 
above are _the_ definitions is clearly wrong.

I also know quite a number of significant, technical folk (many of the  
core, "old school" AV researchers) who broadly agree with your outline 
in definition B but draw the line somewhere before "Email worms", 
considering them to be viruses.

The important thing to take from this is that there is not an agreed, 
or even vaguely agreed technical definition of worm, so if you want to 
be precise or technically accurate you will avoid using the term 
altogether, or use it sparingly and then, typically, in scare quotes.


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3267092

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/