Malware purveyors need a bullet to the fucking head.

[Lynn_Bodoni]

GHO57:

Don’t worry. Once I take over the world, they’re history… or geography. Now, does anyone know where I could hire an all conquering army on the cheap?

All you really need to get your point across is a pound of honey, some ropes, and a nest of fire ants.

[Dallas_Jones]

Lynn_Bodoni:

GHO57:

Don’t worry. Once I take over the world, they’re history… or geography. Now, does anyone know where I could hire an all conquering army on the cheap?

All you really need to get your point across is a pound of honey, some ropes, and a nest of fire ants.

Too tame.

Ordeal of the Boats.

Where the offender was strapped into a small boat, another boat was strapped inverted over the top, making a sort of coffin leaving the person’s head exposed and body confined.

Then the offender is force-fed mead and honey until they get the uncontrollable shits. They lie there in their own filth while the flys and beetles lay larva that consumes them as they lay there alive, with everyone watching.

Takes a few days, but it makes for a hell of a picnic.

I don’t know where I read about this but I’m not making it up.

[Johnny_Angel]

Amblydoper:

Johnny_Angel:

That doesn’t mean the error is maliciously exploitable, but there are people who know how to find out, and they do find out to the tune of sometimes a dozen newly discovered vulnerabilities a day.

Fear_Itself:

Creating a new infection these days is not easy, and requires no small investment of time and technical expertise to accomplish.

These two quotes contradict each other. Which is it guys? Are exploits a dime a dozen, or are they time consuming projects?

Both. Lots of vulnerabilities are being discovered all the time, but they are of varying degrees of exploitability, and finding a sweet spot there takes research. Meanwhile, the White Hats are trying to find any code you put out in the wild and teach their scanners to recognize it by signatures, so you have to either scrap the code or manage to modify it enough to smuggle it past on-access scanners. So, you’re tweaking your code, but you only have so much time before the software vendor twigs to what bug you’re exploiting, so you have to keep researching what you’ll be pwning next. You can save some effort by sticking to the vulnerabilities discovered by the White Hats and responsibly disclosed in co-operation with the vendors who issue a patch with the announcement, though your returns will be smaller because some people actually apply the latest patches, but what’s really juicy is to discover what’s called a zero-day vulnerability that you can exploit in the wild before anybody knows it exists, and that takes loads of research. So now imagine that you’ve decided to get only a fraction of the potential profits from all this work by pwning Macs instead of PCs.

[3waygeek]

I should note that the only two Trojans I’ve ever picked up were off the SDMB, both within the last 3 months, and both on systems with current, well-regarded AV software.

[Guinastasia]

Wouldn’t you need trojans if you’re going to be using fake viagra?

[Fear_Itself]

Guinastasia:

Wouldn’t you need trojans if you’re going to be using fake viagra?

Just fake trojans.