Re: [Full-Disclosure] win2kup2date.exe ?
From: Nick FitzGerald (nick_at_virus-l.demon.co.uk)
To: email@example.com Date: Fri, 03 Sep 2004 11:19:41 +1200
Über GuidoZ wrote:
> ... If you want to email me a copy of it, I'll
> rip it apart and see what can be seen.
And world plus dog should entrust you with such material because???
> P.S. Send it to [...] - it's my "catch all" for
> virus/unknown files. Just be sure to ZIP it up or else the web host
> won't let it through. Otherwise I have disabled all checks/scan.
> Downloads directly to a secured Linux box.
That's all very nice, but alone, far from the makings of someone to
entrust arbitrary, suspected malware samples to.
I'm also rather suspicious of your promotion of Virus Total. Hispasec,
as far as I can tell (Spanish being something I have to have translated
via online services), has no antivirus or similar product of its own,
yet it has set up, and some folk seem to be promoting, what is
effectively a sample collection mechanism. I've also heard vague
rumblings that Hispasec/Virus Total does not have suitable licenses for
at least some of the scanners used in its service (and strongly suspect
that several of the AV vendors whose products are currently used would
not allow their products to be licensed for use in a service of the
kind Virus Total offers anyway because it paints a rather disturbing
trust picture -- "You can trust me because I can run a virus
Full-Disclosure - We believe in it.