On Mon, 8 Apr 2002, Bill Stewart wrote:

> Do you mean "How hard would it be to crack into Brilliant Digital's
> servers before some other SKR1P7 K1DD13Z take it over"? Or do you mean
> "Is that easier than cracking into Microsoft or Adobe or M0Zilla or
> some other quasi-reputable company's distribution system?"?

Last time I looked, NIMDA and Code Red were still making the rounds. A
single-vulnerability worm can get you 100 kNodes overnight; an updateable
library of exploits and stealthy cross-platform code should keep you in
business indefinitely.
 
> Actually using it to upload PGPNet would probably be pretty hard -
> it's no longer just Phil's ~200KB of badly-written MSDOS code, it's
> now 5-10MB of bloatware (:-), and you can't distribute a few million
> copies of a few megabytes to unsuspecting users without somebody
> noticing.

Just checking the clock and only uploading big stuff when it's night
according to the clock and the user hasn't been typing anything in the
last 10 minutes should do the trick. Especially if the infected nodes
mimic Akamai.
 
> Also, leaving aside the "opportunistic encryption" issues, which
> depend on having working secure inverse DNS for the FreeS/WAN flavor,
> you can't depend on tunnels working through firewalls or NAT or other
> arbitrary connections out there, so a lot of recipients wouldn't

It would be enough to just get the freely accessible nodes infected.
NATted and firewalled nodes could then be your second concern.

> really get to have it working for them, but it might break quite
> visibly - especially for people who already have VPNs, and therefore
> usually have corporate IT support or corporate security departments
> who'll notice it.

Port 80 is still open typically, and you can use naked nodes as relays.
 
> Better to just build a nice small ipsec client into a flashy MP3
> player :-)
