[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Slightly OT: Worms: Exploit Plug-ins and Benevolent Worms
On Tue, Aug 07, 2001, Shlomi Fish wrote about "Re: Slightly OT: Worms: Exploit Plug-ins and Benevolent Worms":
> service. The reason I suggested perl is because:
>
> 1. Perl should not be compiled.
> 2. Perl is available on most systems.
> 3. Most exploits can be written in perl.
> 4. Perl can be better obfuscated than python, for example.
But Perl is not available on 95% of the systems that the current Code Red II
worm "caters" to... Obviously you can download perl into every system you
penetrate, but that extremely slow and error-prone.
> Of course the downside, is that one will be able to use the plug-ins to
> power a malevolent generic worm like that. So, there may be a situation of
> a worm-war in the Internet.
That's why "hubris" (see my previous post) had signed plug-ins, with the
private key needed to sign them never published anywhere.
Of course, signing modules also has its downsides: it can be proved that a
person caught with the private key was the one who wrote the modules.
> Writing such a worm may be an intersting experience. It could be a good
> idea for a Haifux' project assuming it is indeed perfectly legal to do it.
It is probably not. I am not a lawyer, but I'd think that to prove a crime
you need to demonstrate intent and illegal action. In this case you have both:
you *intend* for the worm to "escape" out to the wild (this list's archives
shows that), and if the worm does escape and do damage, you also have the
illegal action.
--
Nadav Har'El | Tuesday, Aug 7 2001, 18 Av 5761
nyh@math.technion.ac.il |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |Communism is the equal distribution of
http://nadav.harel.org.il |poverty.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il