RE: Virus to Virus Idea

From: Vachon, Scott (Scott.Vachon@Paymentech.com)
Date: 08/31/01


Message-ID: <7FA8FEA22737D41192590002A537E7207B6423@SSLMEXCH1>
From: "Vachon, Scott" <Scott.Vachon@Paymentech.com>
To: SECURITY-BASICS@securityfocus.com
Subject: RE: Virus to Virus Idea
Date: Fri, 31 Aug 2001 11:34:14 -0500


>Old idea (aka 'the road to hell') periodically resurrected and
>occasionally equated to the 'mandatory update'; said idea almost
>uniformly phhhbbbt'd each time no matter the good intentions or guise
>under which it travels.
 <snip>
>The whole idea of someone else deciding what kind of software I should
>use is, um, well, an abomination. Give me rules to live by so we can
>nominally get along, sure enough -- but your right to swing your fist
>ends where my nose begins...or at my firewall. :)

 I agree. Of all those who recommend an anti-virus virus, or anti-worm worm,
I don't recall any who recommend a warning display rather than an
unrequested fix. In other words, a worm or virus that checks for a
vulnerability or exploit, and then "annoys" the "attacked" systems with
messages about a found exploit and how to patch it WITHOUT changing the
system. For all those goodly souls who hack under the pretense that it does
good for the community as a whole ( I pass no judgment either way...), I
wonder why none have shifted the paradigm as such, vice causing damage to
the end systems ? Thoughts ?

~S~

Disclaimer: My own two cents...