Re: [Full-Disclosure] Why is IRC still around?

From: Nick FitzGerald (nick_at_virus-l.demon.co.uk)
Date: 11/19/04

  • Next message: GuidoZ: "Re: [Full-Disclosure] Gmail anomaly"
    To: Mailing List - Full-Disclosure <full-disclosure@lists.netsys.com>
    Date: Sat, 20 Nov 2004 09:02:07 +1300
    
    

    Danny wrote:

    > Well, it sure does help the anti-virus (anti-malware) and security
    > consulting business, but besides that... is it not safe to say that:
    >
    > 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
    > 2) A considerable amount of "script kiddies" originate and grow through IRC?
    > 3) A wee bit of software piracy occurs?
    > 4) That many organized DoS attacks through PC zombies are initiated through IRC?
    > 5) The anonymity of the whole thing helps to foster all the illegal
    > and malicious activity that occurs?
    > The list goes on and on...
    >
    > Sorry to offend those that use IRC legitimately (LOL - find something
    > else to chat with your buddies), but why the hell are we not pushing
    > to sunset IRC?
    >
    > What would IT be like today without IRC (or the like)? Am I narrow
    > minded to say that it would be a much safer place?

    I daresay the world would not be much different.

    The early dedicated DDoS systems had their own inter-agent
    communication channels of varying complexity and sophistication. I'm
    sure if something easy and convenient such as IRC were not around for
    the skiddie copycats that came along later to usurp, at least one or
    two of said copycats would probably have managed to scrape together
    just enough talent to roll their own simple, lightweight distributed
    messaging system to use as a communication and coordination channel for
    their bot armies and thus we'd have ended up more or less where we are.

    Likewise, other methods of more or less "anonymous" intercommunication
    between like-minded skiddies would have evolved had IRC not, as the
    nature of the underlying structure of the Internet is essentially
    anonymous communication (recall that this is a completely unintended,
    and perfectly expected, effect of the purpose of the underlying network
    technology -- it was to be used for a physically closed network, where
    the fact a machine was on the network _meant_ that machine was supposed
    to be there _and_ that its location _AND_ the names and whereabouts of
    the ranking officers responsible for the techies running it would be
    readily available).

    Ditto, s/w piracy would have found other largely untraceable online
    outlets such rooted FTP and web servers, compromised SOHO machines with
    fast connections and totally clueless "admins", P2P, etc, etc...

    In short, without IRC I'd expect we'd be pretty much exactly where we
    are anyway (save we would have had one less inane question to answer on
    some mailing list).

    -- 
    Nick FitzGerald
    Computer Virus Consulting Ltd.
    Ph/FAX: +64 3 3529854
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: GuidoZ: "Re: [Full-Disclosure] Gmail anomaly"