Full Disclosure mailing list archives
Re: Re: Help put a stop to incompetent computer forensics
From: Jason Coombs <jasonc () science org>
Date: Wed, 10 Aug 2005 14:52:50 -1000
Thierry Zoller wrote:
JC> Because Trojan horses often have JC> these harmful functions, there often arises the misunderstanding that ^^^^^ ^^^^^^^^^^^^^^^^ JC> such functions define a Trojan Horse. Please read what you just posted, it directly contradicts what that wikipedia author wrote 2 lines above that. That wikipedia article can be trashed.
It is not a misunderstanding. The definition of Trojan has very clearly been relegated to the malware that forces open a means of unauthorized or hidden access or remote control, i.e. a backdoor. I understand your point that Trojan had a broader definition in the past, but that is in the past. Archaic. The Wikipedia entry is instructive to illustrate that there is so often a "misunderstanding" in present usage that the older definition is no longer correct.
We won't succeed in attempts to convince millions of people that a Trojan Horse is also a gift that contains a nuclear bomb inside that will nuke your house after you accept it. That's not a Trojan, that's a bomb, even if it is a Greek wooden horse. It just doesn't matter that in the past the industry had not yet come to realize that it needed a different term for spyware. We have it now, so there's no looking back.
Thanks for helping me understand your viewpoint. I've never met anyone who thinks of a Trojan the way that you do, and the common usage even by infosec industry professionals clouded my brain so badly that at no time did I perceive the classic definitions you and others have cited to imply anything other than the context in which the term is used today. The bad acts that the Trojan performs, in my mind, must be in connection with some attempt to give the Trojan author further, future access to systems or to the data they contain.
I'm not saying that you're wrong. I'm saying you have far too much experience and expertise, and all that knowledge is causing you to fail to see the forest for the trees. Common people's common sense has changed the definition of Trojan, pure and simple.
Nobody today would avoid using the term spyware just because the term Trojan was the way in which that malware would have been labeled in the past. As I said, everyone I know understands what a Trojan is, and their understanding is not what you suggest it should be.
Sincerely, Jason Coombs jasonc () science org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Thierry Zoller (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Thierry Zoller (Aug 10)
- Message not available
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Erik Kamerling (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Thierry Zoller (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Technica Forensis (Aug 10)
- Message not available
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics Chuck Fullerton (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Thierry Zoller (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics J.A. Terranson (Aug 12)
- Re: Re: Help put a stop to incompetent computer forensics Donald J. Ankney (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics hummer (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Jason Coombs (Aug 10)
- RE: Re: Help put a stop to incompetent computerforensics Chuck Fullerton (Aug 10)
- Re: Re: Help put a stop to incompetent computer forensics Nick FitzGerald (Aug 11)
- Re: Re: Help put a stop to incompetent computer forensics Blue Boar (Aug 10)