[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] “We keep wiping it off, and it keeps coming back”
- To: Christian Sciberras <uuf6429@xxxxxxxxx>
- Subject: Re: [Full-disclosure] “We keep wiping it off, and it keeps coming back”
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Date: Mon, 10 Oct 2011 19:47:47 +0000
Just look at the replies on FD as well – people saying “most likely means
A,B,C” and “probably this or that” where they have absolutely no basis for
making such statements. People “want” this to be the case, and are more than
willing to simply accept any such claim as gospel. I would have to say that
the article did precisely what it was designed to do: generate hits to drive
membership and ads.
Oh, and I was wrong – the source wasn’t “someone close” it was “a source
familiar with the network infection” which could be you or me at this point, or
the copy repair-person. I’m familiar with it. So are you. These
“articles” are attractive because the author can say what they want based on
interpretation of conversations with the “unknown and never-to-be-revealed”
contact. If people can’t back up what they are saying, or when the entire
validity of an article is based on the word of “someone speaking on terms of
anonymity” then there’s really not much value in it.
t
From: Christian Sciberras [mailto:uuf6429@xxxxxxxxx]
Sent: Monday, October 10, 2011 11:23 AM
To: Thor (Hammer of God)
Cc: Michael T; full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] “We keep wiping it off, and it keeps coming back”
Since it very much discredits and puts the AA to shame, isn't it quite
plausible that some department's lawyers fall over this guy's claims?
Maybe the article has been written specifically for people to draw the wrong
conclusion - happens too often - but still...
On Mon, Oct 10, 2011 at 7:36 PM, Thor (Hammer of God)
<thor@xxxxxxxxxxxxxxx<mailto:thor@xxxxxxxxxxxxxxx>> wrote:
Consider the source. It’s “someone close” to the operations, and that only
according to this guy. It could very well be a slot-puller in the casino
across the street… I’m always dubious of the reporting of this type of thing
where the source is some “secret” person, and where there is never any ability
to refute claims.
t
From:
full-disclosure-bounces@xxxxxxxxxxxxxxxxx<mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx>
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx<mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx>]
On Behalf Of Christian Sciberras
Sent: Monday, October 10, 2011 7:05 AM
To: Michael T
Cc: full-disclosure@xxxxxxxxxxxxxxxxx<mailto:full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] “We keep wiping it off, and it keeps coming back”
I'm talking more about their engineers than their network.
If I had my network infected with a virus, I'd immediately deploy some form of
logging/monitoring tool (eg, wireshark).
Honestly, it all sounds like they're employing inexperienced engineers. Which
is again strange, considering the field they're in.
Regarding your bet, see that's already something. Why exactly can't they verify
your bet? It isn't like viruses suddenly became invisible, is it?
I'm just curious to these questions. It's strange to hear someone saying "we
basically have no idea what's going on".
On Mon, Oct 10, 2011 at 3:40 PM, Michael T
<mt2410689@xxxxxxxxx<mailto:mt2410689@xxxxxxxxx>> wrote:
It's a network that's 'detached', or 'segregated', or whatevered from the rest
of the world, so it's 'largely immune to viruses'. That likely means they have:
1. NO logging
2. NO anti-virus
3. NO hardening
The very fact that these systems are on a segregated network means they are
probably more frail, and more susceptible to viruses, than a normal person's
laptop.
Immune to viruses... What a crock of shit. My bet is that it's coming from
the planes.
Mike
On Mon, Oct 10, 2011 at 7:51 AM, Christian Sciberras
<uuf6429@xxxxxxxxx<mailto:uuf6429@xxxxxxxxx>> wrote:
http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/
This is news to me.
Moreover, I'm a bit confused as to how they don't track how it's coming back.
I mean, how is it possible that no one stepped in and analyzed how the virus
acts and where it came from?
It sounds fish if you ask me.
Chris.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/