Re: Opinions on the following articles?

From: Barry Margolin (barry.margolin_at_level3.com)
Date: 06/27/03

Next message: Barry Margolin: "Re: Opinions on the following articles?"
Previous message: Barry Margolin: "Re: Language independant public key"
In reply to:(deleted message) S: "Re: Opinions on the following articles?"
Next in thread: James Grant: "Re: Opinions on the following articles?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 27 Jun 2003 16:32:14 GMT

In article <bGVnaW9uNTk=.86bb0be645d387e6bb7f72b1b63dee9e@1056571102.cotse.net>,
S <sleeping@sunset.net> wrote:
>Here is where he lost me:
>
>"...it provides no real additional security over turning off the services
>that you don't use. (Maybe it'll block trojans from phoning home, but A) if
>you've run a trojan your system is completely compromised..."
>
>Programed threats that phone home do so because it is necessary for the
>accomplishment of whatever the threat was written for; whether that would be
>contacting someone so he could remotely control your machine for vandalism,
>theft of your credit data, or to turn your machine into a Zombie to attack
>others. While he is correct in assuming that you have real problems if your
>box is infected with a trojan, he apparently sees no difference between a
>trojan CONTAINED and a trojan that is allowed to COMPLETE it's mission.

It depends on how critical that completion is. Suppose it wipes your disk
and then phones home to let its master know that it's done. Even if it
can't phone home, the damage has been done.

-- 
Barry Margolin, barry.margolin@level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

Next message: Barry Margolin: "Re: Opinions on the following articles?"
Previous message: Barry Margolin: "Re: Language independant public key"
In reply to:(deleted message) S: "Re: Opinions on the following articles?"
Next in thread: James Grant: "Re: Opinions on the following articles?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: ZoneAlarm not blocking AVG auto update
... varies from computer to computer) every time you boot up. ... It is enough time for a trojan to phone home and download an update or other malicious code. ...
(alt.computer.security)
Re: Electronic Publication
... >> I use Zonelabs firewall, ... >> installation, but if I override and allow the trojan to be installed, I ... >> have to override again to allow the trojan to phone home. ...
(rec.arts.sf.composition)
Re: WinXP Stop 8086
... Quaoar wrote: ... Yes MS gives itself the right to phone home, just like a common criminal hacker's trojan. ... After the spam hit the fan I checked out the windowsxp.help-and-support NG and there's a ton of info, all tragic, concerning WGA. ...
(alt.sys.pc-clone.dell)