hiya Kevin,
I'm starting to think that.... Why code something so well, the authors
know encryption, know how to code well, they know how to obfuscate code, code
up all the P2P stuff.... And then.... SPLAT! Like a JuneBug in July in driving
through Maine hitting your windshield... There's a hardcoded April 1st payload
launch, not encrypted, not hidden, just sitting right there easy to find? I
don't buy it.... Who makes that mistake after being so careful?
April Fools world! I'm waiting for it ;-)
then in 2 or 3 weeks, they'll have a bunch of zombies that will never ever be
patched, due to users that just don't care or know better, for them to
command...
Mike B
Michael P. Blanchard
Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management
EMC² Corporation
4400 Computer Dr.
Westboro, MA 01580
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Kevin McAleavey
Sent: Wednesday, April 01, 2009 5:28 AM
To: funsec
Subject: [funsec] So ze Q-bomb wuz a dud? :)
Sitting shiva on Conficker all evening and night here in the woods of upstate
New York. So all the analysis which revealed the presence of a date was perhaps
an April Fool's joke of its own? Given the way the previous versions have
worked, never did quite understand why they'd hardcode a date in there given
the sophistication of what I've seen by design so far. But its presence really
DID get everyone worked up, perhaps one of the more significant April Fool's
pranks ... and on US. :(
I haven't seen much of anything and I'm in my 13th hour of sitting here,
waiting for what Marvin the Martian once said, "Where's the Kaboom? There was
supposed to be an earth shattering kaboom!" Did the pig even update itself
anywhere? Or did we get fooled? Somehow, I expect the latter. Whoever wrote
this thing is pretty damned good at what they've written so far ...
----------------------------------------------------
Kevin McAleavey, at your service.
BOClean Anti-Malware division
http://www.comodo.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.