[ale] MS trying to blind side Linux via tcp/ip?

SanMillan, Todd tis3 at cdc.gov
Thu Aug 16 10:08:03 EDT 2001 

   Okay, I disagree with your spin on Gibson's assessment of the danger of
code red, that future growth will eventually prove Gibson correct.  So lets
look at something with a little more history behind it.  In 1992 Gibson
declared that anti-virus scanners were facing end-of-life.  To quote,
"First, scanning for known viruses within executable program code is
fundamentally a dead end."  While I agree that more sophisticated scanning
methods deserve research and certainly have value, the simple fact is that
scanning for known code signatures remains the standard for commercial
anti-virus scanners.   More info is available here
http://vmyths.com/rant.cfm?id=348&page=4
   Second, Gibson's own words don't match your interpretation.  From his web
site http://grc.com/codered/codered.htm  "all hell is going to break loose"
starting Wednesday  August 1st".  While we did see increased infections, the
hounds of hell were kept chained for another week or two, at least.  We will
continue to see Code Red infections, but we will not have to turn off our
computers from the 1st till the 28th of every month.
   As for his not writing just to get media attention, what about the
following quotes, which he  "wrote and forwarded the following advisory to a
number of my friends in the press"? "Oh well, everyone knows I tried hard to
prevent it." and "I think it will CLEARLY BE next week's big news."
(Emphasis in the original).  MANY other's in the security community also
write with "openness and truth" yet they do not garner media attention like
we saw with Code Red (and Y2K).  And the public doesn't see the more sober
follow on discussions.  Most of them see that the "computer geeks" predicted
the Fall Of The Internet(TM) and it didn't happen.  Again.  And that is not
gonna help the next time we need to get the word out.

Todd

-----Original Message-----
From: Mel Burslan [mailto:mel.burslan at s1.com]
To: ale at ale.org
Sent: Thursday, August 16, 2001 9:28 AM
To: ale at ale.org
Cc: Jonathan Rickman
Subject: Re: [ale] MS trying to blind side Linux via tcp/ip?


Well, I was not aware of Steve Gibson's comments about Code Red, but if
anyone thinks that it died or subsided is up for a big surprise in *MY*
opinion. I am sure he was not talking about this particular showing up
of the virus/worm when he said it will grow exponentially. It was a mere
indication that there are more to come in the footsteps of code red. As
anyone who has a half brain and some computing experience can see, code
red is just the base line what can be done by a mere nitwit who can
gather and glue up some scripts available on the net. And another point
about exponential growth : he may be right if you think that the number
of computers are growing and again in my opinion, code red or its
variants will never go away. So over the long span of time, exponential
growth is not too much of a bad mathematical mistake.

I respect Steve Gibson's opinions and have not seen him writing up
something just to get some media attention. Media attention comes from
the openness and truth of what he writes about the possible effects of
what he surfaces. Cringely on the other hand is a media author, and his
work requires him to rely on the hypes to some extent. Otherwise he
would be a boring author, which may not be good for his career goals. So
comparing Steve Gibson to R.(X) Cringely is much like apples to oranges
comparison. Therefore, on contrary to what you have said, enough is not
said...

Regards

Mel Burslan

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list