discuss: Virus-Writing-HOWTO
Subject:
Re: Virus-Writing-HOWTO
From:
David Lloyd ####@####.####
Date:
19 Mar 2002 00:34:51 -0000
Message-Id: <45FDDACC.8AAE3C9A@rebel.net.au>
Hmmmm....
> I made an important update yesterday.
> Basically I raised the ante by defining the document
> to be the mission log of a quest to build the uber-virus.
> Failure could be taken as stronge indication of safety.
>
> One problem I have with that part is my strong pathos
> (ghost-writer someone?). I consider the ratio of
> technical details to John Katz stuff critical to credibility,
> and seem to fail my own standard.
>
> And then of course I will have made me the biggest
> idiot on the net should the strategy backfire for one
> reason or the other.
No, you'll become well known as one of the world's most infamous black
hats until the next one comes along.
Failure is never a strong indication that something is wrong. Disproving
a null hypothesis always allows the chance that you accept its disproof
when you actually shouldn't have. In statistics it's normally an
aberration of chance. In this case, it would more likely be technical
ineptitude (eg, simply because Neanderthal man couldn't make a nuclear
bomb, doesn't mean that nuclear bombs wouldn't some day exist) or lack
of future knowledge.
I guess that I'll just have to live with the fact that not only will we
have script kiddies, we'll have virus kiddies and that the Linux
Documentation Project will have been part of making this happen.
Personally, if I were CEO of one of the Linux companies and saw that the
LDP distributed documentation that gave directions on how to compromise
computer security by using one of the most publicly recognised methods
of compromisng that security (1) then I would withdraw all support for
the LDP and simply direct all requests for Howto's to the LDP's
web-site. I wouldn't want to wear the risk of being accused of
supporting the black hats..
Why is it that computer geeks almost always are absolutely dreadful at
marketing?
You cannot possibly sell any type of "virus ... howto" if someone else's
marketing department points out that it's a recipe book for virus
kiddies.
DSL
(1)
Note I said publicly recognisable. Of course, virtually all security
Howtos will contain formulas for comprimising security. However, if I
walked up to an average, non-IT, non-Linux person and said "Here's my
Trojan HOWTO" they'd probably wonder why I was rebuilding the Trojan
Horse. However, if I said here's my "Virus Howto" I'd lay bets they'd
know exactly what I wanted to make and why...
