ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #400 [Re: Disassembled virus?] (1 message, 1256 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: Theodore Ts'o <[email protected]>
Date: Sat 12:42:47 05/11/1988 EST
Subject: Re: Disassembled virus?
References: [Thread Prev: 229] [Thread Next: 052] [Message Prev: 399] [Message Next: 401]
Date: Sat, 5 Nov 88 09:30:10 EST From: [email protected] (Steven D. Miller) Now that MIT and perhaps others have disassembled the virus objects, could they make them available to others somehow? Are they already available, and did I just miss that piece of mail in the rush? Do people feel that general distribution of the main virus/worm pieces is a bad idea, due to their potentially explosive nature? After re-reading the message which I had originally sent out, it seems that it contained some misleading info about the worm disassembly effort, possibly inadvertantly slighting a lot of people who were working on cracking it. I never wanted to imply that MIT was the only site that had disassembled it. MIT and Berkeley exchanged disassembly results two or three times during that night, and I'm sure several other site had people working on it independently as well. Sigh. Sorry, if anyone was offended; chalk it up to lack of sleep. As for redistribution of the virus, what do people think? Since many people probably have at least partial disassemblies of the worm, surpressing it would probably be a difficult task. My personal feeling is that we should distribute them, since fixes to the security holes have been distributed. On the other hand, if anyone discovers any other holes, they could reuse parts of the virus to build a new one. One thing about this list: it was assembled hastily for an emergency purpose. Great thanks to Gene Spafford for creating it! As an emergency list, however, it has a large number of bad addresses on it (or shutdown mailers :-) At some point, we should retire this list, and re-create the security mailing list. While people may agree or disagree about whether the security list should be ``secure'' (and please let's not rehash all of this again here), we should remember that this list is _not_ secure. Not that this was a problem, since the more information that could be distributed on the virus, the better. But some people may disagree about whether this is appropriate for general security discussions. - Ted Ts'o
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|