The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #069 [Re: Disassembled virus?] (1 message, 889 bytes)
NOTICE: recognises the rights of all third-party works.


From: rick@seismo.CSS.GOV (Rick Adams)
To: phage
Date: Sun 00:19:46 06/11/1988 EST
Subject: Re: Disassembled virus?
References: [Thread Prev: 059] [Thread Next: 074] [Message Prev: 068] [Message Next: 070]

Keith, I rarely disagree with you this strongly, but frankly I'm rather
pissed off at you.

I and probably at least a dozen other people on this list are quite capable
of decompiling the virus without your help. I am also quite capable of
writing one from scratch that's a least as good and probably better.
(I, for example, would be damned sure to attack ftpd with you know

The challenge, from my point of view would be to do it so that I
couldn't be traced. Writing the actual virus is childs play by

This "trust me, I know whats good for you" attitude is something I
would expect from IBM or ATT, but not Berkeley.

Why don't you stop the rest of us from wasting their valuable time
duplicating work that you have already done.

We're adults. Really.

The truly comical part is you actually think that keeping the
source to your self makes any difference.

One of the basic tenets of computer security is that security
through obscurity DOES NOT WORK.

Now I'm tempted to submit a paper to the next USENIX conference
that goes into explicit detail about how best to write a
virus for Berkeley UNIX. It would be my way of "flipping you off".