RE: write viruses? it's controversy time of the month

[Blanchard_Michael () emc com]

Oops, maybe it was lovebug...one of the viruses/worms around that time
period was said to be accidentally released.  I can't remember, thought it
was Mellisa that was accidentally released, I was incorrect :-(

  irregardless of which virus, writing them is wrong, willfully releasing
them, doublely so.  Accidentally releasing them just proves that the writer
really doesn't know what they're doing and certainly shouldn't have been
playing with them to begin with..... 

  So what about nachi?  The supposed "good worm" to remove Blaster
infections and apply ms03-026 Microsoft patch?  Nachi caused WAY more damage
that I've seen than blaster did.... 

  Mike B


Michael P. Blanchard 
Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management 
EMC ² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 


-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Richard M. Smith
Sent: Tuesday, August 29, 2006 6:04 PM
To: funsec () linuxbox org
Subject: RE: [funsec] write viruses? it's controversy time of the month

Huh?

Court papers: Smith admits to creating Melissa virus
http://news.com.com/Court+papers+Smith+admits+to+creating+Melissa+virus/2100
-1023_3-230256.html

Smith admitted to writing the "Melissa" macro virus, illegally accessing
America Online for the purpose of posting the virus onto the Internet, and
destroying the personal computer he used to post the virus, Bubb stated. 

The AOL account used to spread VicodinES viruses was skyroket () aol com.
Google Groups still finds some of these virus spreading postings that were
done about a year before Melissa:  

http://tinyurl.com/zs3py

Richard 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Blanchard_Michael () emc com
Sent: Tuesday, August 29, 2006 5:53 PM
To: Valdis.Kletnieks () vt edu; ge () linuxbox org
Cc: funsec () linuxbox org
Subject: RE: [funsec] write viruses? it's controversy time of the month

What about writing a virus, but never intending for it to get out, but it
gets out?  Um, Melissa anyone?

I'm not gunna touch it any further though, I have a cell phone to throw!
:-)

Michael P. Blanchard 
Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management 
EMC ² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 
 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Valdis.Kletnieks () vt edu
Sent: Tuesday, August 29, 2006 5:28 PM
To: Gadi Evron
Cc: funsec () linuxbox org
Subject: Re: [funsec] write viruses? it's controversy time of the month

On Tue, 29 Aug 2006 16:13:49 CDT, Gadi Evron said:
> http://www.heise-security.co.uk/articles/77440
>
> Okay, so, who wants to shout writing viruses is bad, first?

Releasing viruses is bad.

Keeping a stockpile of viruses under conditions that they may escape
is bad - and it doesn't matter if you wrote them or collected them.
You may have collected a rare virus that hasn't been seen yet by A/V
signature writers - or you may write viruses that intentionally are
detected by current scanners.  So the moral injunction is to not release
undetectable viruses, no matter what source.

Writing a non-released virus?  That's a black box by definition, and
morally neutral.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.