[linux-elitists] security announcement mad-lib

Matt Bartley mbartley@exair.org
Thu Feb 6 13:45:25 PST 2003


Seen on last week's comp.risks issue. :-)

---------------------------------------------------------------------------
Date: Thu, 30 Jan 2003 10:07:53 -0800
From: Jeremy Epstein <jeremy.epstein@webmethods.com>
Subject: Pete Lindstrom's parametric worm warning

  [From Pete Lindstrom, Spire Security, petelind@spiresecurity.com]

*<Adjective> Computer Worm <verb> Internet*

In the wee hours of <date>, a <adjective> computer worm spread <adverb>
throughout the Internet. Dubbed <silly name> because <ridiculous reason
that doesn't explain anything about how it works>, and also known as
<another random name> and <another random name>, the worm has infected
an estimated <number> systems within <length of time>. Experts are
calling this worm the most <adjective> since <date in the past>.

The worm exploits a hole in <Microsoft product name> that was first
identified <number> months ago by <security company name>. In an attempt
to secure the planet, <same company> released detailed information about
the vulnerability and how to exploit it. They also mentioned how to fix
it, but apparently <noun> listened. Coincidentally, the worm that
exploited this hole was also first identified by <same company>. Even
more coincidentally, they make a product to protect against <noun>.

"Actually, it's not really a <noun>, it's a <noun>," said <Pete
Lindstrom, or some other person seeking publicity>. " A true <noun>
works by <random filler that nobody will read>." 

The worm's payload <verb> every system by <verb ending in -ing> the
<noun>. Comparatively speaking, this is much worse than <another worm>
but not as bad as <another worm>. The computers of <place> were hit the
hardest. Current damage is estimated at <dollar figure more than the GNP
of two-thirds of the world's nations>. " This worm has the potential to
<something or other>," said <Pete Lindstrom, or some other person trying
hard to come up with something interesting to say ;-)>. " It just goes
to show you that <another something or other>."

Though there is no way to protect against this particular bug, experts
recommend trying <longshot one> or <longshot two>, neither of which
matter, since nobody will do it anyway.
---------------------------------------------------------------------------

-- 
"Life's not fair, but the root password helps." -- BOFH



More information about the linux-elitists mailing list