Firewall Wizards mailing list archives
Re: Y2K trojans, and outsourcing...
From: "Henry" <hsieff () orthodon com>
Date: Mon, 19 Jul 1999 02:13:14 -0500
-----Original Message----- From: Shappard, Richard, A (Rich) <rashappard () att com> To: firewall-wizards () nfr net <firewall-wizards () nfr net> Date: Sunday, July 18, 1999 3:19 PM Subject: RE: Y2K trojans, and outsourcing...
The only Trojans that the reporters at NBC know anything about come in foil packages. If you rely on the lamestream media for your technology news you're in deep trouble. Did they happen to provide any references to this rumor?
Saw the bit they did; essentially its a problem of insufficient background checks for the code crunchers who have been brought in. No exploits have been found so far, but they had a few fairly respectable professionals (including someone from l0pht) talking about how they SHOULD'VE been more careful. I would have to agree, although I think as usual the media is jumping on the glamourous hacker chic bandwagon on this one. The $1 billion figure was a complete "guestimate", and as I said, no one's actually discovered a trojan or a backdoor. However, I know of a few companies where consultants have been hired without the sort of background checks you would normally give for people who get to directly handle code. If a company has a decent security policy in place to begin with, it really shouldn't be a problem. -- Henry Sieff Network Administrator Orthodontic Centers of America (504) 834-4392 ext. 135
Rich Shappard Client Technical Associate Global Client Support Center AT&T Solutions -----Original Message----- From: R. DuFresne [mailto:dufresne () sysinfo com] Sent: Friday, July 16, 1999 7:01 PM To: firewall-wizards () nfr net Subject: Y2K trojans, and outsourcing... The national news for NBC ran an interesting topic tonight; Estimating that some company/industry faces a loss potential of a billion or more at least, due to a backdooring trojan inserted by one or more consultants brought in to fix the Y2K problem... Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
Current thread:
- Y2K trojans, and outsourcing... R. DuFresne (Jul 16)
- <Possible follow-ups>
- RE: Y2K trojans, and outsourcing... Shappard, Richard, A (Rich) (Jul 18)
- Re: Y2K trojans, and outsourcing... Patrick Oonk (Jul 19)
- RE: Y2K trojans, and outsourcing... Cohen Liota (Jul 20)
- Re: Y2K trojans, and outsourcing... Henry (Jul 19)
- Re: Y2K trojans, and outsourcing... R. DuFresne (Jul 19)
- RE: Y2K trojans, and outsourcing... sean . kelly (Jul 19)
- Re: Y2K trojans, and outsourcing... Joseph S D Yao (Jul 20)
- RE: Y2K trojans, and outsourcing... Bill Stout (Jul 19)
- RE: Y2K trojans, and outsourcing... Henry Sieff (Jul 19)
- RE: Y2K trojans, and outsourcing... Alan Lustiger (Jul 19)
- RE: Y2K trojans, and outsourcing... Marcus J. Ranum (Jul 19)
- Re: Y2K trojans, and outsourcing... Steven M. Bellovin (Jul 20)
- RE: Y2K trojans, and outsourcing... Bill_Royds (Jul 20)
- Re: Y2K trojans, and outsourcing... Ryan Russell (Jul 21)