Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Why is IRC still around?
From: bkfsec <bkfsec () sdf lonestar org>
Date: Mon, 22 Nov 2004 15:21:00 -0500

vord wrote:

and for the record, "they would move to another resource" is not a
coherent argument against his position [his question, rather]
concerning the elimination of a problem-child medium. perhaps the cost
to society via the spread piracy and virii [more importantly the
altter] isnt worth the measly gain IRC affords its legitimate users?
[well?]
This would be correct, if the move to a new medium wasn't 0-sum. However, it is a 0-sum move because IRC bots have already been retrofitted with remote control mechanisms using both IM and P2P technologies. This isn't "hypothetically they'd move to another medium" -- this is "they already HAVE moved to other mediums."


it IS incoherent, however, to argue that IRC (1) is the kiddiots means
of choice for controlling his worms because it is the easiest or most
efficient way to do so, while also contending (2) that an IRC sunset
would not cause the immediate dissappearance of substansial
internet-wide problems. making it harder MAKES IT HARDER and must
therefore to some degree reduce the probability of abuse. therefore
the gain afforded to legitimate users by this medium should be
weighted against the direct affect its eradication would have on REAL
problems -- and, clearly, no one here is qualified to make this
judgement, else they would have offered such proof in immediate
response to the original post as opposed to blabbing incessantly about
incredibly obvious bullshit.
Actually, I was one of the first respondants and I *DID* provide proof of this in mentioning the WASTE P2P protocol and IM methods used for remote control of said IRCbot networks. The existance of these utilities (which are available and somewhat documented) reduces the "makes it harder" portion of the equation to almost nothing. Hell, the gaobot infector implemented these as a secondary backdoor method quite some time ago.

If you don't consider that to be proof of the point, then I suggest that you're a troll and that I shouldn't be here feeding you right now.

the only potentially useful point anyone
has made [not that it wasnt obvious] concerns the difficulty in
removing the medium ... but this is irrelavent, of course, since it is
more likely that the security community would suggest [and perhaps
assist in the developement of] a replacement [most importantly] to the
larger IRC networks.
That's not an irrelivent point - any kiddie with a dedicated PC can setup their own IRC server. Replacing the existance of all of the current IRC servers won't remove the ability for a cracker to easily setup their own. If the proposal is "negate IRC", then that proposal has to have a realistic plan for doing so.

im sure the original ford model-T had plenty of legitimate users who
didnt drive drunk or generally cause mayhem ... i dont see it around
anymore though ... hmm, i wonder if that correlates directly to the
increased safety of automobiles ... hmm hmm, indeed. </sardonicism>
No doubt, but there are people out there who choose to drive classic automobiles and forego their personal; safety in order to do so. How would you suggest stopping that?

Most people don't use IRC. Many do. If that's the point you're trying to prove here, you're right - but the point is effectively moot.

the issue is certainly not at all as cut and dry as most of you have
made it out to be.


Sure it is.  :)

            -Barry


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault