how-to block ads
|
|
Share Topic
 |
 |
|
|
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:8
1 edit | reply to Jahntassa
Re: Users will always be the weakest link said by Jahntassa:said by dave:As I understood you, the virus installation kit itself says "Hi, I am a virus". I've never heard of a real-world virus doing that, except to prove "users will install anything". Careful, you never know. The next step is to start sending out unsolicited discs to random people and seeing what happens. But that's different, and has been done more-or-less with the 'USB sticks dropped in parking lot' approach.
My point seems to be not getting across. There's a whole heap of difference between 'disc of unknown provenance' and 'disc handed to every attendee at a security conference hosted by a known person'.
Suppose I *had* installed the disc from jeisenberg  and suppose it had done something bad. I know how to contact the FBI, I'm sure jeisenberg knows I know that, etc. Based on such considerations, including the fact that this hypothetical me would have been able to assess jeisenberg up close prior to install, I declare 'unlikely to be a threat'.
(Of course, I'd *look* at the do-not-install CD before actually running the installer, but that seems self-evident. I always do that, mostly because I want to know how much crap is coming along with the software I want).
said by jeisenberg:Even after they install software they've been warned not to install, they wonder how they could possibly get infected! But if this is still referring to the seminar CD, then it's not a credible warning. You handed out a CD and said "do not install this CD". Obviously, if you really wanted them to not install the CD, you would simply not have distributed the CD in the first place.
So, there are two overt and conflicting messages, which should make it obvious that it's an intellectual game of some kind. | |
 jeisenbergNew Year's Eve
join:2001-07-06
Windsor, ON | said by dave:Suppose I *had* installed the disc from jeisenberg and suppose it had done something bad. I know how to contact the FBI, I'm sure jeisenberg knows I know that, etc. Based on such considerations, including the fact that this hypothetical me would have been able to assess jeisenberg up close prior to install, I declare 'unlikely to be a threat'. The virus was real. It concealed itself on the user's system and did "phone home" to alert me to the identities of the attendees who were foolish enough to run the installation. It persisted on their machine, so that subsequent attempts to reinstall the virus would check for the presence of the virus before continuing the reinstallation. However, it's doubtful that the authorities would have done anything to me. All I would need to do in my own defense would be to give them a copy of the CD and show them that the users were given fair warning that something bad was going to happen if they proceeded, and they consciously chose to proceed (I hadn't previously mentioned that the default choice provided to the users was to abort installation - they needed to specifically choose to continue). In effect, they consented to the installation, knowing full well that a virus was going to be installed. No one was tricked or coerced.
The virus was not designed to propagate, nor was it designed to do any damage to the system. Furthermore, if the user at some future point chose to run a decent registry cleaning tool, the payload would have removed. | |
 AVDRespice, Adspice, ProspicePremium
join:2003-02-06
Onion, NJ
kudos:1 | said by jeisenberg:The virus was not designed to propagate, Then, it is not a virus.
--
standard disclaimers apply. | |
|
