|
Posted by Leythos on August 7, 2006, 11:33 am
If you were Registered and logged in, you could reply and use other advanced thread options
>=20
> Leythos wrote:
> > void@nowhere.lan says...
> > > > They told me by email, that they're scanning intentionally for "Shu=
tdown
> > > > Windows' servers", and that they don't want to stop this.
> > > >
> > > > I set them a target until next Monday to stop doing so. Afterwards =
I'm
> > > > intending to engage a lawyer.
> > > >
> > > > The original text in German reads:
> > > >
> > > > ---------------------------- snip ---------------------------------=
-----
> > > > Die von Ihnen eingesendete Datei wird von AntiVir in Zukunft als
> > > > 'SPR/Tool.KillService' erkannt. Es handelt sich hierbei um keinen
> > > > Fehlalarm.
> > > >
> > > > Bitte beachten Sie, dass Security Privacy Risk f=FCr m=F6glicherwei=
se
> > > > sch=E4dliche Software steht.
> > > >
> > > > Die Datei wird nicht direkt als Virus bezeichnet, sie bietet aber d=
ie
> > > > M=F6glichkeit, sch=E4dliche Prozessabl=E4ufe zu generieren - in die=
sem Fall
> > > > das Beenden von Diensten.
> > > >
> > > > Die Erkennung von SPR (Security Privacy Risk) kann aus der Virensuc=
he
> > > > ausgeschlossen werden.
> > > >
> > > > =DCberpr=FCfte Datei(en):
> > > > http://www.dingens.org/win32sec.exe
> > > > ---------------------------- snap ---------------------------------=
-----
> > >
> > > Finally, some real facts, we know know they are targeting the code th=
at
> > > VB is offering to the public.
> > >
> > > Now, the real question is why offer a program to shutdown services wh=
en
> > > you can just document what services should be disabled
> > >
> > > It would seem to me that anyone getting this code could trick someone
> > > into using it to cause problems on the unsuspecting.
> >
> > For those that don't read German, like me, translated by online free
> > service:
> >
> > ---- translated text ----
> >
> > The file sent in by you is recognized of AntiVir in the future as a
> > 'SPR/Tool.KillService'. It concerns herewith no false alarm. Please
> > you note that Security Privacy Risk stands for possibly injurious
> > software. The file is not designated directly as a virus, it offers
> > however the possibility to generate injurious process flows - in this
> > case the concluding of services. The recognition of SPR (Security
> > Privacy Risk) can be excluded out of the viruses that which is sought.
> >
> > ---- end translation ----
> >
> > So, if I understand this properly, they are classifying it as a
> > "Possible Risk" based on the function it provides.
> >
> > Are all of you VB supporters suggesting that the Code does NOT present
> > any risk in any environment?
> >
> > --
> >
>=20
> I am suggesting that there shouldn't be a double standard. Lots of
> software is a possible risk based on the function it provides.
There is no double standard, vendors know to submit the products to=20
malware detection vendors before it is released or to work with them so=20
that their products are not falsely marked as malware.
Why should one complain if they didn't pre-submit their code for=20
testing/exclusion before releasing it?
> And we know that the sensible thing is not to ban all potentially risky
> software, but to allow ones that we know are not intended to be
> harmful.
How does a vendor determine what is "Intended" based on the number of=20
users that may intend to do anything with a code? It seems to me that=20
you can't be sure what people will do with something once it's released=20
into the public domain, and that's the entire problem.
Discount that this is about VB, what if it was from "John Smith" and=20
released into the public to do the same thing with no mention as to why=20
it was released to public?
> Furthermore, VB's program is not only "not intended to be harmful", and
> itnended to be helpful. it actually prompts the user and makes clear
> what it is doing.
And the intent doesn't mean anything, at least not to malware detection=20
vendors.=20
--=20
spam999free@rrohio.com
remove 999 in order to email me
| 
XML site map