View Poll Results: Is it o.k. to remove malware remotely without informing the infected machines owner?

32. You may not vote on this poll
  • Yes

    11 34.38%
  • No

    21 65.63%
Results 1 to 10 of 16

Threaded View

  1. #1
    Join Date
    Feb 2005

    Question Ethics and computer security

    The highly succesfull bagle worm was capable of being removed remotely.

    From f-secure http://www.f-secure.com/v-descs/bagle.shtml

    "Remote Removal
    F-Secure can confirm that the remote removal method found by Joe Stewart of Lurhq does indeed work.
    Sending a specific byte sequence to port 6777 on the infected computers causes the worm to delete itself from the System Directory and terminate its process. The registry values are not removed but since the file does not exist Windows will ignore those.
    The byte sequence to be sent:
    0x43 0xff 0xff 0xff 0x00 0x00 0x00 0x00 0x04 0x31 0x32 0x00
    Please note that the usage of this method agains someone else's computers might be legally questionable."

    F-Secure notes above that using this method is legally questionable when run against someone elses computer. Putting aside the legality of this method (although anyone who has worked in "cyber" law please comment) I am curious if the community thinks the method is morally acceptable.
    Last edited by stevel; October 25th, 2006 at 09:33 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

By using this site, you agree to the Privacy Policy