[Full-Disclosure] MyDoom.b samples taken down
b.griffin at cqu.edu.au
Mon Feb 2 02:09:43 GMT 2004
Over the past weekend I've seen discussion about the stupidity of
posting direct links to live virus code, the spam value of 'your
computer is infected and we found it!' messages by poorly designed
notification software in a/v applications and a running commentary on
how long SCO is and will be down for. Seeing as the group is now a
free-form multi-topic group, I propose we start discussing the
difference between Microsoft Office and Open Office so we can fully
disclose our feelings about same...or we could drag ourselves back to
full disclosure and move on from what our opinions are in regards to
SCO/MYDOOM/(place your least favourite av company here).
...but, for my devalued two cents:
1: posting live code is not very clever, especially considering live
virus code is usually available from other dubious sources anyway (and
the flak you receive for posting links/code isn't worth it).
2: notification e-mail from anti-virus software is just a 'feature' that
served a purpose (arguably) a few years ago. Now that the average worm
uses spoofing, the notification features should be removed. We don't
need more UE flooding inboxes.
3: SCO is down and will be until it is back up. Get over it gang, we all
knew it would happen, why bother with a minute by minute account...
"SCO is down..."
"Yep, SCO is down..."
"Uh-hu, still down..."
"mmmm, SCO is down..."
"Dang, SCO is *still* down..."
Please flame me off-list, full-disclosure doesn't mean you have to post
your every thought to the public list.
> -----Original Message-----
> From: Valdis.Kletnieks at vt.edu [mailto:Valdis.Kletnieks at vt.edu]
> Sent: Monday, February 02, 2004 11:34 AM
> To: Paul Schmehl
> Cc: full-disclosure at lists.netsys.com
> Subject: Re: [Full-Disclosure] MyDoom.b samples taken down
> On Sun, 01 Feb 2004 19:17:01 CST, Paul Schmehl
> <pauls at utdallas.edu> said:
> > Then how do you explain F-Prot's recent article condemning other AV
> > companies for doing the "spamvertising" you complain about? The AV
> > industry is not mono-lithic and there are many internal
> > that the public are never privy to.
> One company finally breaks ranks two or three *years* after
> it's recognized that it's a problem.
> Please name the other top-10 A/V companies that followed
> F-Prot's lead in fixing this issue in their products.
Full-Disclosure is hosted and sponsored by Secunia.