Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Why is IRC still around?
From: vord <vordhosbn () gmail com>
Date: Sun, 21 Nov 2004 12:06:46 -0600

vord <vordhosbn () gmail com> wrote:
if shooting people is evil, OBVIOUSLY guns are flawed, but only
insofar as people are capable of abusing them, willing to abuse them,
and effective in their attempts at doing so. so to burn the candle at
both ends you have to fight the spread of trojans and virii by fixing
the holes they exploit and providing detection services, while also
continually analyzing and evolving the structure on which it all
rests. ie, the internet at its core... protocols, etc.

On Sat, 20 Nov 2004 18:59:54 -0700, james edwards
<hackerwacker () cybermesa com> wrote:

But, just like IRC, a gun has legit uses. I am alive today because
I was in a situation where it was kill or be killed (I surprized so folks
robbing my house). So,  OBVIOUSLY, guns are not flawed. Your argument,
on the other had, is.


what? ...

from the perspective of someone with initiative to solve security
problems it should not matter whether or not a legitimate use for
something exists, or whether or not the number of legitimate uses for
something out number the illegitimate. all that matters is whether or
not abuse can occur. the possibility for abuse and certainly the
actuality of abuse are what constitute flaws in a something. both guns
and IRC, by all reasonable measures, are abused and therefore flawed
as well. further, whether these things have any more or any fewer
flaws than anything else is also irrelevant. IRC is abused, it is
flawed, it should be fixed or trashed, and only continually used while
a better alternative is in development.

the irony here is that IRC contributes a great deal to the
malware/virii/trojan/scriptkid problem, which seems to be a rather
large concern on this list and elsewhere, yet very little to nothing
is being done about these problems in relation to IRC specifically --
not by server admins, not by developers, and not by security
professionals -- to my knowledge. and as stated previously, "they
would move to another medium" is an incoherent defense for inaction.
please accept and understand precisely why IRC is the medium of choice
for this kind of activity: because it is easiest to abuse; and if you
don't accept this ... how else do you account for the disproportionate
amount of it taking place on IRC versus all other mediums mentioned in
this thread? anyone?

[flame] and btw james, everyone knows that people have flaws -- there
probably isn't anything more obvious than this fact; but considering
your argument above, i suggest you leave those problems to the
psychologists and start doing your job. [/flame]

invulnerable to the accidents of people and books.
http://www.eleat.org [NSFW]
http://vord.rsc.cx [NSFW]

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]