RE: What to do with a vulnerability?

From: Oliver Lavery (oliver.laveryat_private)
Date: Thu Jan 23 2003 - 12:21:50 PST

    Hi guys,
    
    	Blue Boar's suggestion is pretty much how I'm going, after being
    brushed off by a few researchers (and CERT), who seem to have given me the
    'once you have root you can do anything, so who cares?' line. I think that
    that's bollocks in certain cases, like this one, so I think publishing a
    non-viral PoC is the way to go. Oddly you don't even really have to have root
    (*ehm* Administrator) to achieve what I'm talking about.
    
    	Jason's point is well taken though. I get the connection with the
    DMCA, but would one of you yankees be so kind as to explain how
    P.A.T.R.I.O.T applies to this sort of thing? (I'm Canadian myself ...
    Fortunately we don't sign away our rights quite as easily).
    
    	Thanks, btw. The discussion my post generated has been most
    informative. Sorry I haven't replied to the slew of responses and questions
    (many of which didn't hit the list), but I've received rather a surprisingly
    large amount of mail about this.
    
    	BB, incidentally, you asked "So you are saying you've got a way to
    hide a process running on a Windows machine?". Yeah, that's precisely what
    I'm saying ... Hide a process, registry keys, files etc.
    
    Cheers,
    ~ol
    
    
    
    -----Original Message-----
    From: Jason Coombs [mailto:jasoncat_private] 
    Sent: January 23, 2003 3:04 PM
    To: The Blueberry; BlueBoarat_private; oliver.laveryat_private
    Cc: vuln-devat_private
    Subject: RE: What to do with a vulnerability?
    
    
    When you think explicit thoughts and share them with others in detail you
    may be found guilty of violating the DMCA or the Patriot Act.
    
    Viral vs. non-viral is an unimportant distinction -- if you choose to engage
    in this business, be sure you can document your good intentions and your
    legal forensic procedures because they are your only legal defense against
    prosecution.
    
    Persecution, on the other hand, is a given.
    
    Sincerely,
    
    Jason Coombs
    jasoncat_private
    
    -----Original Message-----
    From: The Blueberry [mailto:acr872kat_private]
    Sent: Monday, January 20, 2003 5:00 PM
    To: BlueBoarat_private; oliver.laveryat_private
    Cc: vuln-devat_private
    Subject: Re: What to do with a vulnerability?
    
    
    >If you're wondering if a process hidden in this way can be detected, 
    >then release a simple proof-of-concept program, and invite the list 
    >readers to come up with a countermeasure.  *****Your code needn't be 
    >viral or designed to spread in any way.*****
    
    Please explain yourself a bit more because a non-viral code is easily turned
    into a viral one...
    
    ~TB
    



    This archive was generated by hypermail 2b30 : Thu Jan 23 2003 - 14:56:13 PST