[Full-Disclosure] [VirusTotal] Scan result (fwd)
joe at joesmith.homeip.net
Fri Sep 3 15:42:15 BST 2004
>>Unless for (a purely theretical) example the website would use your
>>submission to infect others
Right, that is what I'm concern about. I do not know the intension of virustotal.com, and their policy on binaries they received. The parent site (http://www.hispasec.com/) does not offer more information. I believe the intension maybe good but I have some lingering suspicion of *free* service that have you send in binary maybe the elaborate works of vx traders. (cue the conspiracy theories)
Me submitting the virus to someone count as distributing the virus (according to the lawyers). I been warn by lawyers about such things. I should add that the lawyers have no problem if I submit the sample to AV company. Its more of a CYA than anything else.
Michel Messerschmidt wrote:
>On Fri, Sep 03, 2004 at 10:43:50AM +0530, Aditya Deshmukh wrote:
>>hey if the binary is infected and does not contain any hardcoded
>>sencitive info what do u care about the owners of the website ?
>Unless for (a purely theretical) example the website would use your
>submission to infect others (perhaps with your address as sender) :-)
>Although the binary may not contain any sensitive data, it is dangerous
>in itself because it is self-replicating and thus hard to control once
>it is activated. If your are not very cautious when handling
>self-replicating code, you most likely end up sending it out to the
>So for the question how to handle possibly dangerous code
>it all comes down to "Who do you trust" ?
Full-Disclosure is hosted and sponsored by Secunia.