On Mon, 02 Feb 2004 11:57:14 EST, Lennart Damm <lennart.damm@excite.com> said: > The MyDoom author should be an asset to any security company fighting this > kind of attacks. Or maybe he already is. I would not hesitate employing him to > do the analysis and synthesis of the obvious 3G vulnerabilities built into > UMTS, etc. Approaching 1 billion cell phone users there will be a new risk > landscape - much more demanding than the current one. This would be true if MyDoom showed any really creative innovation, like abusing a as-yet-generally-unknown 0day, or some novel approach to finding ways into a system. If I was looking for holes, I'd pass on the MyDoom author and find out what Lie Die Yu was doing - the kind of thinking that went into the "Sis Step IE Remote Compromise Cache Attack" is what you want on your side.
Attachment:
pgp00013.pgp
Description: PGP signature