Re: [Full-disclosure] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept)

[bkfsec <bkfsec@xxxxxxxxxxxxxxxx>]

khaalel wrote:

> I writed KSpynix because i didn't find an unix spyware, do you have
> one? 


I wonder, though, is this an ethical act?

Don't get me wrong, I have no problem with Proof of Concept code -- 
however, there's a difference between writing a POC for a buffer 
overflow and writing a trojan horse or a worm.  I think that most people 
would class a spyware application as being malware outright, not a POC. 

Regarding a spyware POC: I don't think that one's really necessary.  
Only an idiot would question whether or not files that the user has 
write access to can be modified by running code.  The answer is pretty 
obvious.

So I really don't see a legitimate use for this package except for 
hijacking portions of a user's system.

I don't begrudge you the right to do what you wish, but I question the 
validity of an ethical argument for this package.

                  -Barry




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/