OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Ethical/Theoretical Question
From: Daniel Avila (DAvilaWEBTRENDS.COM)
Date: Thu Jun 01 2000 - 16:48:19 CDT

Hey that would just be pretty slick! IF and only if people trusted the
process. How am I to know that the email virii fix that came to me is
actually going to do what it claims to do?

However, it could just be all kinds of possible to write virii that detect
holes and give info on where to go to fix it. If the hole for that virus is
not detected, then the email could spawn and delete itself from the system.
It would still be a "parasite" but at least the relationship would be more
symbiotic.

-----Original Message-----
From: Jonathan Cook [mailto:JCookFOOTHILLTRANSIT.ORG]
Sent: Thursday, June 01, 2000 1:42 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Ethical/Theoretical Question

I was just discussing VBScript with some people online, and an interesting
question came up.

Namely, should we, the security conscious "geeks" of the world, be designing
"virii" that shore up holes in "normal" user's security? (Things like .vbs,
.js windows scripting associations, password caching, auto-opening EXEs from
IE)

Something that tells you what holes there are in your system and offers to
patch them...

Jonathan