|Bracing against the wind|
Wednesday, May 12, 2004
Julian Green, who was arrested for possession of child pornography, and had his daughter taken into custody. He was released after it was discovered that a trojan horse (a breed of virus) was actually responsible for downloading all the pornography on his machine.
The lesson to be learned here is that our government must not have the power to arrest and convict someone solely on the basis of computer evidence.
On an unrelated note, if a company runs antivirus software that unpacks ZIP/GZ files, it's trivial to DOS their mailserver. ZIP/GZ files contain patterns and length multipliers. It's possible to craft a 1K file that uncompresses to 1000 MB. Mailing variants of highly compressed archive files in a very light mailbomb would be able to cripple even the largest corporate mailservers equipped with antivirus sofware. In testing, AER/sec discovered that this vulnerability exists in most major antivirus utilities. Exploiting the behavior of underlying software to multiply the intensity of an attack is a typical tool used by DOS hackers.
[View/Post Comments] [Digg] [Del.icio.us] [Stumble]
| Bloghop: | Blogarama | Technorati | Blogwise