Full Disclosure mailing list archives
Re: How often are IE security holes exploited?
From: gobbbles () hushmail com
Date: Thu, 12 Dec 2002 22:20:06 -0800
-----BEGIN PGP SIGNED MESSAGE----- Richard M. Smith wrote:
Has anyone ever looked into how often security holes in Internet Explorer are actually used in viruses, worms, Trojan horses, and other malware? My sense is that very few of them are actually used in the wild.
If you look at "hacker kit" codes which would do this... The question is, how can they be detected, if they are not detected by any user? How will anti-virus learn of it, if the trojaned exploit code is unknown to them and no user has found it? Or, what if that user browses pedophile newsgroups and mailing lists? Would they be so anxious to report a trojan on their system? And, how would they ever figure out how they got it? Was it spam email number 76876, or maybe website number 565579? And, why wouldn't someone want to be able to say... target all neo-nazi's reading alt.politics.white-power... if they realize they have their whole audience right there in the newsgroup? Or, what about that company that has all of its' employees firewalled? Kind of conveniant way to grab a few of them to make one's way into the system. Also, as you may have noticed, email is rather insecure/private/can be really hard to trace. Especially if you use enough proxies and then feed it through your most paranoid remailer. Lamont Cranston "My names in the book, look it up" -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wl0EARECAB0FAj35fJIWHGdvYmJibGVzQGh1c2htYWlsLmNvbQAKCRCLwwkA1HDM9XFz AJ99jvYJa/sSiWyFBtK984qToeYF+gCfduGV4EuSCWum9Pu70x6XV+q7e/0= =LHb9 -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)
- Re: How often are IE security holes exploited? zeno (Dec 12)
- Re: How often are IE security holes exploited? Nick FitzGerald (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 13)
- <Possible follow-ups>
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 12)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- RE: How often are IE security holes exploited? Nick FitzGerald (Dec 13)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? gobbbles (Dec 13)
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 13)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)