Full Disclosure mailing list archives
Re: sco.com Press Release
From: Valdis.Kletnieks () vt edu
Date: Mon, 02 Feb 2004 12:29:33 -0500
On Mon, 02 Feb 2004 11:57:14 EST, Lennart Damm <lennart.damm () excite com> said:
The MyDoom author should be an asset to any security company fighting this kind of attacks. Or maybe he already is. I would not hesitate employing him to do the analysis and synthesis of the obvious 3G vulnerabilities built into UMTS, etc. Approaching 1 billion cell phone users there will be a new risk landscape - much more demanding than the current one.
This would be true if MyDoom showed any really creative innovation, like abusing a as-yet-generally-unknown 0day, or some novel approach to finding ways into a system. If I was looking for holes, I'd pass on the MyDoom author and find out what Lie Die Yu was doing - the kind of thinking that went into the "Sis Step IE Remote Compromise Cache Attack" is what you want on your side.
Attachment:
_bin
Description:
Current thread:
- Re: sco.com Press Release Lennart Damm (Feb 02)
- Re: sco.com Press Release Valdis . Kletnieks (Feb 02)
- Re: sco.com Press Release Nick FitzGerald (Feb 03)
- <Possible follow-ups>
- RE: sco.com Press Release Burnes, James (Feb 03)
- RE: sco.com Press Release madsaxon (Feb 03)
- RE: sco.com Press Release Brandon Fetch (Feb 03)
- Re: sco.com Press Release Jeremiah Cornelius (Feb 03)
- RE: sco.com Press Release Brandon Fetch (Feb 03)
- RE: sco.com Press Release Stian Holm (Feb 06)
- Re: sco.com Press Release Valdis . Kletnieks (Feb 02)