Re: Sasser or other nasty worm needed

[Rick <optik () wccnet org>]

On Mon, 27 Nov 2006, Valdis.Kletnieks () vt edu wrote:

> > so when you go to mcdonalds and hand over your $5 for your MCbig meal, do
> > you consider the repercussions of supporting an industry which pays low
> > wages, is under-staffed, and promotes world-hunger by using enough grain
> > to feed a continent, etc...?
>
> WTF does that have to do with the topic?  Unless you want to make the point
> that often, the McDonald's staff fails to use a level of food-preparation
> hygiene that matches the computer-security hygiene requirements to work with
> known malware?

it seemed to me that you were arguing a reason for not distributing the 
binary was "the guy is" (not) "clued enough to run a 'closed lab' without 
screwing up..." making this a 'we shouldn't support this because we 
do not know this person is responsible' approach. so the context of my 
statement relates to consistency of accountability.

> > do *you* know where to find a copy?
> Yes.
> > did you always?
> Yes.

i'm sorry, but i have a hard time believing this.

> > have you always been able to configure a network to talk via EIGRP?
> No, because when I first got on the net, RFC1058 was still 4 years in the
> future. So it wasn't "always" possible, because the option didn't always
> exist.

and once it did there was a point in time in which you learned. you 
learned because you had access to information. somone else provided this 
information.

> > > There are a lot of people who are of the opinion that "if you have to ask
> > > where to find a copy of Sasser, you're not clued enough to be trusted with
> > > a copy".
> >
> > perhaps the next time you need a doctor, the one you find will laugh at
> > you with the same sense of elitism you demonstrate.
>
> Did I say I was one of the lot of people? Did you notice that I was
> replying *in the context of KF's comments* saying "It's cool because it's
> in a closed lab?"

i must've missed that part. i jumped into this because i was once a 
student at university who benefited from this type of 'closed lab learning 
environment.'

you are absolutely correct that something could go wrong, but fear of 
failure ought not keep one from trying. i'm reminded of Roosevelt's 
saying:

""It is not the critic who counts: not the man who points out how the 
strong man stumbles or where the doer of deeds could have done better. The 
credit belongs to the man who is actually in the arena, whose face is 
marred by dust and sweat and blood, who strives valiantly, who errs and 
comes up short again and again, because there is no effort without error 
or shortcoming, but who knows the great enthusiasms, the great devotions, 
who spends himself for a worthy cause; who, at the best, knows, in the 
end, the triumph of high achievement, and who, at the worst, if he fails, 
at least he fails while daring greatly, so that his place shall never be 
with those cold and timid souls who knew neither victory nor defeat."



cheers,

Rick

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/