Re: Re: Help put a stop to incompetent computerforensics

[ASB <abaker () gmail com>]

Hey Jason, you really have to make up your mind about whether the old 
definition is archaic and thus obsolete, or if we should be using the 
original definition from Homer. You can't keep flopping back and forth like 
you're running for a major political office.
 A trojan is well-understood (by everyone else) to be software that pretends 
to have some useful, noble or benign purpose, but carries with it some other 
malignant function. It is one of the most frequently used vehicles for 
backdoors, but in and of itself, and Trojan is not necessarily a Backdoor.
 Just because the mainstream media misuses malware terms such as virus, 
worm, and trojan doesn't mean we have to sit playing semantics on a 50-post 
thread -- alternating between "understood" and "original" meanings. Your 
posts have been even more ironic given the thread title you used, and your 
original complaint.
  -ASB
 FAST, CHEAP, SECURE: Pick Any TWO
 http://www.ultratech-llc.com/KB/


 On 8/10/05, Jason Coombs <jasonc () science org> wrote: 
> Chuck Fullerton wrote:
> > "A Trojan horse is a program that appears to have some useful or benign
> > purpose, but really masks some hidden malicious functionality."
> >
> > "A Backdoor is a program that allows attackers to bypass normal security
> > controls on a system, gaining access on the attacker's own terms."
>
> Here's an example of a completely flawed explanation of the origin of
> the term. The definition given claims that the warriors emerged from the
> horse and only those warriors overran the city. Obviously that isn't
> what happened in the Iliad, the Trojan Horse was used to get further
> access for other warriors. Furthermore, "overran the city" means of
> course that the Trojan Horse was used for the purpose of gaining control
> of the city, regardless of which warriors accomplished the objective.
>
> Most (but not all) of you are suggesting that the only thing that
> matters is what the definitions say, and that's not the right way to
> look at this issue. A program that does something malicious when used is
> not a Trojan unless its malicious purpose fits with the story of the
> Trojan Horse as it is understood by non-computer people. This is why we
> don't call spyware Trojans any longer -- a distinction has been drawn,
> and that distinction has overrun the past usage of the term.
>
>
> http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html
>
> In computers, a Trojan horse is a program in which malicious or harmful
> code is contained inside apparently harmless programming or data in such
> a way that it can get control and do its chosen form of damage, such as
> ruining the file allocation table on your hard disk. In one celebrated
> case, a Trojan horse was a program that was supposed to find and destroy
> computer viruses. A Trojan horse may be widely redistributed as part of
> a computer virus.
>
> The term comes from Greek mythology about the Trojan War, as told in the
> Aeneid by Virgil and mentioned in the Odyssey by Homer. According to
> legend, the Greeks presented the citizens of Troy with a large wooden
> horse in which they had secretly hidden their warriors. During the
> night, the warriors emerged from the wooden horse and overran the city.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/