It's only a matter of time . . .

George Toft plug-discuss@lists.PLUG.phoenix.az.us
Thu, 20 Sep 2001 11:40:25 -0700 

On the one hand, to not anticipate the worst, leads to a lack of
preparation, and the downstream effects can be enormous.  Effective 
anticipation requires discussion and OPEN review.  Security through
obscurity is a fancy term for sticking your head in the sand - you
can't see what's about to bite your behind.

I first envisioned a BIOS writing virus in 1995.  "Yeah right!" was
the response.  CIH/Chernobyl Virus became a reality April 22, 1999.

In the beginning of 2000, I wrote to yahoo, hotmail, mail.com, and 
the qmail list about how to cycle mail traffic in an infinite, 
exponentially growing loop.  Yahoo told me it couldn't be done.  I 
accidentally did it to a QMail server and brought it down, despite 
the developer's assurance it could not happen as QMail has looping 
control.  Apparently, the looping control only takes effect as
long as the mail doesn't leave the server.

And, no, I have not intentionally try to bring down yahoo et. al.,
although I am certain my concept is valid.  Maybe we can discuss 
this in a non-googlable forum?

We, as White Hats, have a responsibility to share our knowledge 
so we can defend against the Black Hats.

George


"John (EBo) David" wrote:
> 
> George Toft wrote:
> >
> > ...
> >
> > Now, let's see how long it takes some miscrant to combine this
> > infection method with a BIOS nuker (CIH Virus), a monitor killer
> > (one that monkeys with the H & V refresh settings), and is written
> > in 100% assembly so it runs under Linux also (W32.Winux).  This
> > will result in something that kills your monitor ($$$), cannot be
> > easily removed by the average person without buying a new MOBO ($$$),
> > and spreads to everything.  With 200,000 people replacing their
> > computers and monitors, it should jumpstart the economy, right?
> >
> > *This* would make nimda look wimpy.
> 
> ummm...  guys.  Let's not dream up worser things here.  If the
> originators of CR, NIMBA, or simililar viri/worms hears about it they
> just might do it.
> 
> Let's not GIVE THEM IDEAS!
> 
>   EBo --
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss