RE: [iwar] RE: China virus

From: Rob Rosenberger (junkmail@barnowl.com)
Date: 2001-04-05 14:16:50 

Return-Path: <sentto-279987-1095-986505403-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 05 Apr 2001 14:17:07 -0700 (PDT)
Received: (qmail 10800 invoked by uid 510); 5 Apr 2001 21:17:11 -0000
Received: from mw.egroups.com (208.50.144.94) by 204.181.12.215 with SMTP; 5 Apr 2001 21:17:11 -0000
X-eGroups-Return: sentto-279987-1095-986505403-fc=all.net@returns.onelist.com
Received: from [10.1.4.53] by mw.egroups.com with NNFMP; 05 Apr 2001 21:16:43 -0000
X-Sender: junkmail@barnowl.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_1_1); 5 Apr 2001 21:16:41 -0000
Received: (qmail 5717 invoked from network); 5 Apr 2001 21:16:31 -0000
Received: from unknown (10.1.10.142) by l7.egroups.com with QMQP; 5 Apr 2001 21:16:31 -0000
Received: from unknown (HELO barnowl.com) (206.72.12.109) by mta3 with SMTP; 5 Apr 2001 22:17:35 -0000
Received: from office01 (unknown [10.1.1.136]) by barnowl.com (Postfix) with SMTP id B8F69ED63 for <iwar@yahoogroups.com>; Thu,  5 Apr 2001 16:13:31 -0500 (CDT)
To: <iwar@yahoogroups.com>
Message-ID: <NDBBJBDJCGCKGDILPNNECECMGAAA.junkmail@barnowl.com>
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal
In-Reply-To: <200104041108.EAA26280@all.net>
From: "Rob Rosenberger" <junkmail@barnowl.com>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Thu, 5 Apr 2001 16:16:50 -0500
Reply-To: iwar@yahoogroups.com
Subject: RE: [iwar] RE: China virus
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Oh, I wanted to blow the story wide open at first.  I detest the Chinese
regime.  We off'd the Rosenbergs for this kind of stuff, you know.

And I certainly wanted to revel in the irony.  AV firms spit on people who
distribute virus collections for profit, only to get caught distributing
virus collections for profit -- promised by a low-tech communist regime
known for rampant software piracy.  Man, I wallow like a pig in the
industry's sty.

Except I couldn't nail it to an ethical violation.  I detest the Chinese
regime, but the whole thing fits the pattern of a pure marketing decision.
China's demand for viruses, vendors' willingness to comply, CARO's desire to
glue the AV cartel back together, and the individuals who made it all happen
... everything boiled down to The Almighty Dollar.

I thought about blowing the story open (a) for the scoop and (b) to expose
the irony.  Yet if I did so, the cartel would line up as one and declare me
the common enemy.

On the other hand, if it festered long enough, I knew it would eventually
wind up in the press *anyway*.  Richard Clarke, General Eberhart,
Congressman Weldon, they all fear the cyber-Chinese.  You can imagine the
smile on my face when Clarke said (and I quote) "oh shit!" upon learning of
it.  He'd only just come away from his first White House shindig with the
antivirus industry, where he begged them for new ideas to protect the U.S.
from Chinese viruses.

I again thought about blowing the story open (a) for the scoop and (b) to
make Clarke squirm.  Yet again, if I did so, the cartel would line up as one
and declare me the common enemy.  On the other hand, if it continued to
fester, I knew it would eventually wind up in the press *anyway*.  Once the
politicians know about it, it's just a matter of time...

My silence showed the AV cartel how little I cared about their debacle from
an ethical standpoint.  And, of course, when it *did* blow up in the
cartel's face, I could use my own silence to debunk the "omigod here comes
the infowar" crowd.  (Um, no offense.)

Speaking of the "omigod here comes the infowar" crowd...  Here's my take on
the timeline of events:

   * 199? ???: individual AV firms start giving viruses to Chinese
   * 1999 May: U.S. blows up Chinese embassy by mistake
   * 1999 Jun: China declares cyber-war on U.S., nukes the Internet
               with AV-supplied superviruses
   * 1999 Sep: AV firms combine and start giving viruses to Chinese
               as a cartel rather than as individuals
   * 2000 Dec: White House invites AV cartel to discuss ways to stop
               China from nuking the Internet
   * 2001 Jan: White House learns AV cartel gives viruses to Chinese
   * 2001 Mar: Wall Street Journal exposes AV cartel for giving
               viruses to Chinese
   * 2001 Apr: China declares cyber-war on U.S. over EP-3, nukes
               the Internet with AV-supplied superviruses

Well, okay, "1999 Jun" didn't happen.  "2001 Apr" hasn't yet happened, but
it MIGHT!  God, I feel like I miss the Internet already.  Everyone update
your Chinese antivirus software.

I never expected this story to blow open in the Wall Street Journal.  And
I'll tell you this: I didn't rat out the industry.  Someone has bigger balls
than mine...

Rob

-----Original Message-----
From:
sentto-279987-1092-986382505-junkmail=barnowl.com@returns.onelist.com
[mailto:sentto-279987-1092-986382505-junkmail=barnowl.com@returns.onelis
t.com]On Behalf Of Fred Cohen
Sent: Wednesday, 4 April 2001 6:08 AM
To: iwar@yahoogroups.com
Subject: Re: [iwar] RE: China virus


Where have you been Rob? You haven't posted articles on this for the
last year? But seriously... what specific issue are you referring to
in your point?

FC
Per the message sent by Rob Rosenberger:

> Where have you been, Fred?  This has been going on since 1999 and I
learned
> about it months ago.  Didn't you see the WSJ expose on Friday?  Look for
my
> previous iwar email...

> Rob

--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087
fax:925-294-1225
  Fred Cohen & Associates: http://all.net - fc@all.net -
tel/fax:925-454-0171
      Fred Cohen - Practitioner in Residence - The University of New Haven
   This communication is confidential to the parties it is intended to
serve.
	PGP keys: https://all.net/pgpkeys.html - Have a great day!!!


------------------
http://all.net/

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/



------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Secure your servers with 128-bit SSL encryption!
Grab your copy of VeriSign's FREE Guide,
"Securing Your Web site for Business." Get it now!
http://us.click.yahoo.com/KVNB7A/e.WCAA/bT0EAA/kzAVlB/TM
---------------------------------------------------------------------_->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:06 PDT