Hey all, Well a very interesting discussion indeed, but I don't want to fill up vuln-dev'ers mailboxes with polical debate, thx to BB for letting us thrash it out for a bit longer. I shall try and be brief. I agree, I think I was too hasty to say "lets let this loose becuase it's cool" LOL, defintly not a good enough reason, however AVV in my book definetly has a future and much thought needs to be given to any release. 1. I very much respect Der HexXer and Markus Kern for their effort and talent for coding, somebody was bound to have releaseed something like this to the public and I am very fortunate to have the opprotunity to read thier code and thank them. IF the law were to go after them I am exessivly dissapointed, software like this is like a tool as far as i'm concerned, if somebody throws a hammer through my window do I chase the person who threw it, or chase the manufacturer of the hammer ? (I feel sorry for Dmitry Sklyarov, down with DMCA and cyber-treaty.) This does not have malicious intenet and is a great solution to a pain in the ass problem which is still filling up my logs and as Ron DuFresne points out contacting admins is sometimes as useless as the tits on a bull. 2. I do not like the idea of M$ or Symantec doing something like this.. not sure why, just gut intinct does not trust large corps, especially if the worm is closed source. I admit a worm like this (any worm) is dangerous and may have unforseen affects, though I must say I like passive infection as it does not consume exessive bandwidth. I am curious to see the impact of the relase in the wild of code green. Here is my outline for the release of AVV (Anti Virus Virri). 1. There must be a certain amount of time for a malicious worm to be out in the wild to allow those with a clue to patch their boxes, I suggest 1-2 months depending on the severity of the worm/virus. 2. AVV MUST be open source. 3. AVV MUST use passive/retalitory infection. 4. The code should be a community effort. 5. AVV MUST have an expiry date (suggest 3 months from release). 6. Due to laws in place obviously the worm should be released in a country that does not have hacking laws. .MetsyS.
This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 15:42:04 PDT