funsec mailing list archives

Re: US Customs vs the pirates


From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Tue, 6 Jul 2010 20:03:21 -0700



-----Original Message-----
From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu]
Sent: Tuesday, July 06, 2010 7:56 PM
To: Tomas L. Byrnes
Cc: rMslade () shaw ca; funsec () linuxbox org
Subject: Re: [funsec] US Customs vs the pirates

On Tue, 06 Jul 2010 17:47:10 PDT, "Tomas L. Byrnes" said:

Everyone here does know that torrents are used to distribute malware,
often in oddball packages, such as movies that download "codecs" that
are Trojans, right?

Everybody also knows that the copyright mafia hired companies to upload
intentionally corrupted torrents with the names of popular torrent
targets, right?

I wonder if some copyright nazi had a brillant(1) idea of malware-laden
torrents to make people not do it - and if so, is there an interesting
class-action lawsuit just waiting to happen there?
 

[Tomas L. Byrnes] 
I've been more concerned with the payloads of the types of torrents
no-one would complain about being infected by (non general interest
sort, the average collector of which is probably not the most
cyber-secure on the planet), which are generally pre-0 day tests of a
given exploit. I'm particularly interested in the call-home
(payload/code download IP address) of those infectors.

I accept your argument, but I have no interest in that particular area
of research, or course of action.

Remember, I'm working on blocking the currently active IP addresses. My
research is always focused on two things: new ways of detecting them,
and how to minimize false positives (usually by getting the aging
function right).

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

