|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] sco.com Press Release
Valdis.Kletnieks
vt.edu
Date: Mon Feb 02 2004 - 11:29:33 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 02 Feb 2004 11:57:14 EST, Lennart Damm <lennart.dammexcite.com> said:
> The MyDoom author should be an asset to any security company fighting this
> kind of attacks. Or maybe he already is. I would not hesitate employing him to
> do the analysis and synthesis of the obvious 3G vulnerabilities built into
> UMTS, etc. Approaching 1 billion cell phone users there will be a new risk
> landscape - much more demanding than the current one.
This would be true if MyDoom showed any really creative innovation, like
abusing a as-yet-generally-unknown 0day, or some novel approach to finding
ways into a system.
If I was looking for holes, I'd pass on the MyDoom author and find out
what Lie Die Yu was doing - the kind of thinking that went into the
"Sis Step IE Remote Compromise Cache Attack" is what you want on your side.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAHoj8cC3lWbTT17ARAkFlAJ437+jyHUaZt7jmDcwXSrl3/e0iQQCfb1yL
wLuowEWuINpfxJyhDlc0JGE=
=+Rq6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]