Full Disclosure mailing list archives
Re: Sasser author
From: Tobias Weisserth <tobias () weisserth de>
Date: Thu, 13 May 2004 22:40:50 +0200
Dear van Helsing (spooky ;-)),
On Thu, 2004-05-13 at 19:48, van Helsing wrote:
On Thu, 13 May 2004 07:55:01 -0700 (PDT) Andrew Morris <husky_cat () yahoo com> wrote:
This must be a joke. Who, with a straight face, can believe that exploiting a buffer overflow is just the act of an innocent person using "Microsofts Features". If this is not a joke then the author must be a black hat. The comments alone indicate he/she is an MS bigot. Not that I believe MS is virtuous or the best, but exploiting a bug in any OS and then claiming that it is just a normal use of an OS's feature set is ridiculous. If anyone used the trojaned sendmail it's no one's fault, just a feature right?!
Maybe I'm a "blackhat" too...
Maybe indeed. We'll see, won't we?
But you have to differentiate STRONGLY between data manipulation and exploiting a buffer overflow.
You're joking, right? Exploiting a buffer overflow won't be possible without manipulating data, even if it is only within the system's memory. Any exploitation of a bug whatsoever won't be possible without manipulating data. This is what "exploit" means. By overwriting memory stacks and executing code that wasn't supposed to run you have already manipulated data. There isn't anything else necessary to become a "blackhat". You're a criminal already then.
In case 1 we modify something (e.g. the sendmail example). In case 2 we JUST USE the software itself.
There is a German law against that as well. This is already a federal felony in Germany.
Nobody can arrest you for the mistakes others make...
No, but you CAN be arrested for crimes you committed. And believe me, you'll BE prosecuted if you get arrested :-)
If the Sasser author is judged, then NOT for exploiting the software.
He will be judged for breaking the German law in several cases if the prosecution is able to prove that he wrote and spread the virus.
When your car is open and I take your wallet it is NOT a theft.
Of course this is theft. At least by legal standards in Germany. I don't know what banana republic you are from.
It is a pilfer without agreement.
That's just another expression for theft :-) Open a German law book and convince yourself.
That's a difference for the law! ;)
No, not at all. Leaving your door open doesn't make the crime of taking what is not yours less a theft. The same goes for computer crimes.
So if you exploit something you can't be judged for data manipulation...
As soon as your virus changes the content of any part of the system's memory, be it the RAM or any other medium you have already manipulated data and are guilty of the corresponding crime. It's as easy as that. In order to run on the victim's computer the virus has to manipulate the content of the system memory. And if I'm not mistaken it manipulates the file system when it saves itself to the hard disk so that it's still there after the next reboot. Sasser MASSIVELY manipulates data.
So we can say that exploiting something isn't a crime because you can't be judged for the mistakes other guys make.
This is idiotic. My point stands. Prosecute the author and his partners in crime who helped him spread the thing. If there is enough solid evidence usable for the courts lock them away as long as possible according to current laws. Maybe when they get their rear-ends penetrated by other inmates in jail they'll rethink messing around with other people's systems. I hope for them they won't drop the soap in the shower...
Tobias W.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html