Copy Link
Add to Bookmark
Report

NuKE Issue 07-012

  

================================================================================
NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE
uK E-
E- "CARO's Undisclosed Meeting Agenda" Nu
Nu PART 1 KE
KE -N
-N By uK
uK ARiSToTLE E-
E- Nu
E-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-NuKE-Nu

NuKE InfoJournal #7
August 1993


% CARO's Meeting Agenda %

By now, most of us have seen this particular document and have
either accepted it as factual or shrugged it off as a hoax.
Regardless of your viewpoint, there are still a few items of
interest, and their implications, that I wanted to address.
Initially, I wanted to do this wonderful spill on the legal
aspects of cartels and collusion, but since this particular item
cannot be substantiated as being 100% legitimate, I prefer to
avoid any possible legal responses that may be incurred by doing
so. I will therefore attempt to define some of the more relevant
issues and let you be the judge.

The New American Dictionary defines the CARTEL as:
"A monopolistic combination of independent business enterprises."

The same dictionary defines COLLUSION as:
"A secret agreement for a deceitful or fraudulent purpose."

Let's first look at a few statements from this "alleged" agenda.

3. Membership categories - I'd like to formally propose three
categories - weeders, disassemblers, and advisory.
Advisories don't want, or get, the viruses. Disassemblers
have to do CARObase entries. For weeders, see below. It
means we modify Vcircle, and we don't give the password to
the advisories (e.g. Yisrael R. , Ken van Wyck, etc..)


The third motion in this agenda makes reference to the word
"MEMBERSHIP." Although this does yet imply any businesses or
transactions, we can safely assume that CARO is indeed a
structured organization.


4. Consideration of new applicants.
- John Buchanan asked me if he could join. He hasn't
formally applied, though.
- I'd like to suggest Sara Gordon
- Iolo Davidson ( worked at S&S for a few years, has my
collection, author of Virus Guard, does disasms )
- Steve Hill (something might have gone wrong with the vote,
as there is no record of no votes, according to Chris
Fischer)
- Any others

In item 4. we can now assume my claim of CARO being a
"STRUCTURED" organizations correct due to the reference of
"FORMALLY APPLIED."


7. Proposed action against organised virus writing groups -
working group to be formed, I suggest, with 2/3 US members
(Glenn, Joe, Ross?), 1/2 Euros. It's mostly a US problem,
now that ARCV have gone :-).

We should set up a Murky Database (Handles, BBSes, Names,
Addresses.) The objective is to get a police prosecution
against anyone who is committing a crime (but not, of
course, against anyone who is not committing a crime)


In line seven, we may be able to link "BUSINESS" into the picture
if the people mentioned, Glenn, Joe, and Ross, are the same
people as those we know as Glenn Jordan of DATAWATCH (Virex PC),
Joe Wells of SYMANTEC, and Ross Greenburg, author of FLU-SHOT.
If such is the case, then we have representatives of a common
field, uniting efforts for a common cause. There is nothing
illegal here and it is not implied that there is anything illegal
with what they may be doing.


8. Identification and naming - if Frisk isn't there, that'll
have to be deferred. But maybe Vess and I can do some stuff.

In line eight, we have yet another reference to a person who
could quite possibly be Fridrik Skulason, author of F-PROT.


11.4 An undertaking from those who want to participate. The
disadvantages are that you get to do lots of work, and
everyone benefits. Your company might not permit this.
I suggest we call these CARO members the Weeders.
Non-weeders don't get the garbage files (why would you
want them? ), and get the viruses slightly after the
weeders do.


In line eleven, subsection four, we can see a reference made to
the word "COMPANY." This seems to substantiate the claim that
the actual companies are involved with the CARO organization.

We can clearly see that the some members of CARO do work for
companies that may, in the long run, benefit from the efforts of
this organization's findings. I am concerned that CARO might
possibly become a cartel. Membership in CARO is restrictive in
nature, which conceivably keep other companies with software
ideas from joining and sharing the same benefits. Essentially,
this situation could be construed as a barrier to entry under
ideal conditions. If CARO can manage to encompass all of the
"select" companies, then quite possibly CARO may gain a
monopolistic control over the market. Although there
is one organization that presently holds the majority in market
share, the possibility for a combined effort producing a new
technology exists. All of us know that this one person must soon
adopt a new method of detection and eradication or his product
produce will quickly become too cumbersome for any practical
use. You think about all the possibilities!

Moving right along... Let's look at the second definition that I
mentioned earlier in this text. Collusion!

According to the dictionary definition of the word, collusion
does not always have to imply "illegal" activities, only
deceitful or fraudulent. With this in mind, take a look at some
of the following excerpts from the "alleged" CARO agenda.


12. The CARO Virus Collection. I think that it is really
important that there be no such thing. That way, if people
ask for it, or claim they have it, then it's nonsense. Can
we so move - there is no such thing ?


This is self explanatory, but what is all this tripe in the new
set of statements?


5. CARO Base
We need to come to a conclusion. Maybe the weeders (see
below) are excused from CARO basing, on the basis that they
are contributing as weeders ? That also gets Vess off that
hook.


Okay! So there is a CARO base!


6. Virus Tagging
We have a leak somewhere. I'd like to find it, and stop it.
So we need to tag the viruses - that's easier than it
sounds, these days. Lets decide how.


The "BASE" is obviously a "VIRUS" base!


11. Sharing the work on collections. I'd like to propose that
for future collections like Stang's collection, or
Buchanan's where the main problem is sorting the wheat from
the chaff, that we divide the work up. You should be
prepared to:

11.1 Sort out the viruses from the non-viruses (that's the
main workload)
11.2 Isolate the non-viruses (put them in Zip files, marked
Intended, Innocent and Garbage)
11.3 Make a replicant of the viruses into a group of Goat
files (I am willing to donate my little files [ big
deal]) so that we all have N replicant and the
original. And a small descriptive text file of the
basic info, which is (roughly how it infects, roughly
what it infects, is it encrypted, is it stealth, is it
polymorphic). This is preliminary info, which you'll
get as a result of replicating the viruses without
doing any real work. Put this text file, plus the
replicants, in a Zip, and if we all do some of the
collection, many hands make light work. Since the work
is proportional to the number of files I suggest that
we divide it on that basis.

If N people volunteer to be weeders, each one will get
1/N of the files in the collection. This idea only
applies to collections that are large and likely to be
weedful, and I think we should expect more such in
future.

11.4 An undertaking from those who want to participate. The
disadvantages are that you get to do lots of work, and
everyone benefits. Your company might not permit this.
I suggest we call these CARO members the Weeders.
Non-weeders don't get the garbage files (why would you
want them? ), and get the viruses slightly after the
weeders do.

11.5 Someone to act as a central coordinator/ collator/
disseminator. Vess is the obvious candidate, but he
might have too much on already.


Again, we're back to square one! Someone is going to now say
that the CARO Virus Collection doesn't exist, or at least make a
motion to this effect.


12. The CARO Virus Collection. I think that it is really
important that there be no such thing. That way, if people
ask for it, or claim they have it, then it's nonsense. Can
we so move - there is no such thing ?


14. Dinner. Beer. More beer.


...and last but not least, the last line of the "alleged" CARO
agenda. Having read this article time and time again, I am
convinced that they must have done line fourteen for at least
three days prior to ever discussing line one.

You decide for yourself what these people are doing. I only
wanted to take the opportunity to show it to you the way I see...
Of course, I could be wrong, but as I see it, CARO may be able to
monopolize the industry if they control the mass collection and
can manage to restrict it from those whom the may not "approve."
Couple this with legislation in their favor and the general public
will be in for quite a shock. I dare say we would see any "free"
software any longer. Who works for free? How many people can you
count on one hand that are trying to do something for YOU?

Special thanks to Time Lord of Phalcon/SKISM for snatching the agenda
at the New York conference!

ARiSToTLE/NuKE
===============================================================================

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT