[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] [VirusTotal] Scan result (fwd)
- To: Michel Messerschmidt <lists@xxxxxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] [VirusTotal] Scan result (fwd)
- From: Barry Fitzgerald <bkfsec@xxxxxxxxxxxxxxxx>
- Date: Fri, 03 Sep 2004 09:48:50 -0400
Michel Messerschmidt wrote:
On Fri, Sep 03, 2004 at 10:43:50AM +0530, Aditya Deshmukh wrote:
hey if the binary is infected and does not contain any hardcoded
sencitive info what do u care about the owners of the website ?
Unless for (a purely theretical) example the website would use your
submission to infect others (perhaps with your address as sender) :-)
Although the binary may not contain any sensitive data, it is dangerous
in itself because it is self-replicating and thus hard to control once
it is activated. If your are not very cautious when handling
self-replicating code, you most likely end up sending it out to the
world.
So for the question how to handle possibly dangerous code
it all comes down to "Who do you trust" ?
Or, potentially, use the fact that you're infected with something
against you. Like, say, holding a red flag up saying that you're
backdoored.
I have no evidence to suggest that that's what's going on -- just
bringing it up as something someone can possibly gain from a submission
of this type.
-Barry
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html