Firewalls: Re: Hacker Profile

Firewalls
(April 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Hacker Profile
From:	Bruce Marshall <brucem @ wichita . fn . net>
Date:	Mon, 22 Apr 1996 11:43:08 -0500 (CDT)
To:	firewalls @ greatcircle . com
In-reply-to:	<9604220918 . AA19491 @ karpov . fws . ilo . dec . com>

On Mon, 22 Apr 1996, Dermot Tynan wrote:

> Bruce Marshall wrote:

> > When you look at the 
> > personality of the 'good' hackers you typically see that they are 
> > inquisitive in nature, enjoy challenges and learning about the 
> > innerworkings of just about anything.

> From what I've gleaned from virus circles, this doesn't always appear
> to be the case.

    Wait a minute..  How did we get from hackers to virus writers?  These 
are typically two different classes of people.

> A lot of the virus 'writers' are simply permuting an
> earlier virus so that it can slip under the net of virus scanners.

    Sadly, this is true.  Most virus writers are more interested in making an
'unscannable' virus rather than creating an original and innovative one.  This
can be as easy as taking an existing virus, PKLiting it and removing the
PKLite header.  

> With the advent of things like VCL and MtE (virus creation tools),
> it is easier for someone without the qualities listed above to create
> something truly destructive and hard to detect.

    VCL and most other virus toolkits are typically VERY easy to detect.  
McAfee, TBAV and the like had their generic signatures added to their 
scan strings very shortly after they were released.

> Not from a traditional
> motivation, but from a motivation that it's cool.  "My virus wrecked
> systems on four continents".  That sort of thing.  We'll probably see
> these people move into Internet circles next.

    Probably?  Where have you been?  These people have been on the 
Internet since before RTM Jr. decided to 'share' his worm with the 
world.  

    As for destructiveness, it unfortunately will always exist.  These 
people have a similiar psychological makeup as the individuals who go 
around shooting out windows with their BB guns.  They have no honor and no
talent.  Eventually, they will either realize what idiots they are and 
grow up or they will continue to be abhored by the rest of society.

> By the way, does anyone
> know if there are any NT viruses (yet!)??

    I believe there are a few.  NT, like other multi-user based operating 
systems make it harder for viruses to survive due to their security based 
file systems.  However, the chance of infection isn't eliminated, just 
reduced.

Bruce Marshall

Follow-Ups:

Re: Hacker Profile
From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Re: Hacker Profile
From: thompson jeffrey w <jwthomp @ cs . uiuc . edu>

References:

Re: Hacker Profile
From: Dermot Tynan <dtynan @ fws . ilo . dec . com>

Indexed By Date	Previous:	Re: Stopping Fakemail From: peter @ baileynm . com (Peter da Silva)
Indexed By Date	Next:	RE: Stopping Fakemail From: scox @ factset . com (Sean Cox)
Indexed By Thread	Previous:	Re: Hacker Profile From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Indexed By Thread	Next:	Re: Hacker Profile From: thompson jeffrey w <jwthomp @ cs . uiuc . edu>