Bracing against the wind  

Wednesday, May 12, 2004

Viruses: Damned If You Do

You'd better run antivirus software, or you could get arrested and have your daughter taken away from you. At least, that's the lesson Julian Green learned when he was arrested for possession of child pornography and his daughter was taken into custody. He was released after it was discovered that a trojan horse (a breed of virus) was actually responsible for downloading all the pornography on his machine.

The lesson to be learned here is that our government must not have the power to arrest and convict someone solely on the basis of computer evidence.

On an unrelated note, if a company runs antivirus software that unpacks ZIP/GZ files, it's trivial to DoS their mailserver. ZIP/GZ files encode repeated data as patterns and length multipliers, so it's possible to craft a 1K file that uncompresses to 1000 MB. Mailing variants of highly compressed archive files in a very light mailbomb would be able to cripple even the largest corporate mailservers equipped with antivirus software. In testing, AER/sec discovered that this vulnerability exists in most major antivirus utilities. Exploiting the behavior of underlying software to multiply the intensity of an attack is a typical tool used by DoS hackers.
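A scanner sidesteps this by inflating attachments in small pieces and giving up once a fixed budget is spent, instead of unpacking the whole file first. The following is an added example, not code from this post or from any antivirus product; the name `bounded_gunzip`, the limits `MAX_OUTPUT` and `MAX_RATIO`, and the sample attachments are assumptions made for illustration, and it covers gzip only.

```python
import gzip
import zlib

MAX_OUTPUT = 1024 * 1024  # assumed scanner budget per attachment: 1 MiB
MAX_RATIO = 100           # assumed ceiling on output bytes per input byte
CHUNK = 16 * 1024         # output is produced in pieces of at most this size


class ArchiveRejected(Exception):
    """The attachment exceeded the decompression budget or is malformed."""


def bounded_gunzip(data, max_output=MAX_OUTPUT, max_ratio=MAX_RATIO):
    """Inflate one gzip member, aborting as soon as a limit is crossed."""
    inflater = zlib.decompressobj(16 + zlib.MAX_WBITS)  # 16 + ... = gzip framing
    out = bytearray()
    buf = data
    while not inflater.eof:
        try:
            piece = inflater.decompress(buf, CHUNK)  # never more than CHUNK bytes
        except zlib.error as exc:
            raise ArchiveRejected(f"corrupt stream: {exc}") from exc
        if not piece and not inflater.unconsumed_tail and not inflater.eof:
            raise ArchiveRejected("truncated stream")  # no input left, no progress
        out += piece
        if len(out) > max_output:
            raise ArchiveRejected(f"output exceeds {max_output} bytes")
        if len(out) > max_ratio * len(data):
            raise ArchiveRejected(f"expansion ratio exceeds {max_ratio}:1")
        buf = inflater.unconsumed_tail
    if inflater.unused_data:
        raise ArchiveRejected("unexpected data after the gzip member")
    return bytes(out)


if __name__ == "__main__":
    # Constructed samples: an ordinary attachment and a highly repetitive one.
    ordinary = gzip.compress(b"Quarterly report attached.\n" * 4)
    repetitive = gzip.compress(bytes(8 * 1024 * 1024))
    print(len(bounded_gunzip(ordinary)), "bytes passed to the scanner")
    try:
        bounded_gunzip(repetitive)
    except ArchiveRejected as why:
        print("rejected:", why)
```

Memory use stays near `MAX_OUTPUT` no matter what the attachment claims to contain, so a rejected message costs the mail gateway about the same as an ordinary one.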

