Security Incidents mailing list archives

Re: Dutch Police Arrest Kournikova Author.


From: "Jay D. Dyson" <jdyson () TREACHERY NET>
Date: Wed, 14 Feb 2001 16:45:49 -0800

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 14 Feb 2001, Jon O. wrote:

The logic behind this escapes me. You write a virus, you get arrested.
You write an exploit, you get credited (as you very well should).

I feel that writing exploits helps keep vendors, developers, etc. honest
and possibly even leads to better code. It also stimulates good
programming techniques. Wouldn't it follow that a virus is similar to an
exploit in that it uses an application in a new or unplanned way to
demonstrate a weakness? This also often leads to fixing and correction of
weaknesses.

Or, should a virus be seen as someone actually attacking your servers
with an exploit? If someone writes a virus and posts it to a mailing
list in a zipped, dormant state and it gets unzipped and released into
the wild, who is responsible then?

        I think the primary difference lies in the two big D's:
dissemination and deception.  In this case, the author engaged in
deception for the original dissemination.  If he'd released it in
non-executable form on, say, the Vuln-Dev list and tossed out caveats
regarding its use, he'd have been off the hook.

        If reports thus far are correct, he distributed the worm from his
website with no warning or information regarding the actual payload.  So
basically he knew what he was doing was destructive and he went to some
lengths to conceal it.

        Therein lies his culpability.

- -Jay

   (                                                              ______
   ))  .---- "There's always time for a good cup of coffee" ----.  >===<--.
 C|~~| |--------- Jay D. Dyson -- jdyson () treachery net ---------| |   = |-'
  `--' `-There are fates worse than death; most are my hobbies.-' `-----'

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: See http://www.treachery.net/~jdyson/ for current keys.

-----END PGP SIGNATURE-----

