Profile picture
Karsten Hahn @struppigel
, 12 tweets, 3 min read Read on Twitter
Some thoughts about maliciousness of joke malware, educational malware and other "gray" areas. (thread)
Malware is any program that does harm to a system or user.
Harm or damage is not limited to things you can count as monetary loss. It can also be sleepless nights, feeling anxious or frightented, having personal data leaked that might or might not be used to harm you later.
Threats harm users. Empty threats also harm users, people don't know whether it is empty.
dailymail.co.uk/news/article-2…
Just because someone is not as capable as you to distinguish between real and empty threats, it doesn't suddenly make it ok to hurt them. Non-tech savvyy people have to be thought of. Children have to be thought of.
helpnetsecurity.com/2015/01/26/pol…
The mere fact that a program has funny pictures, memes and jokes, doesn't make it clean. Nor does improper writing.
There are gray areas, e.g., a remote access tool can be malware or clean depending on how it operates, e.g., whether it has functions to hide from a user, to make abuse more difficult, or to circumvent AV software. Generally you weigh up benefits and drawbacks for the user.
Good example: FlawedAmmyy vs Ammyy Admin
Same code, mostly, but one is malware and one is clean. proofpoint.com/us/threat-insi…
A prank program that has no other use than annoying people, has nothing on the benefit side for the receiving end. That makes the decision easy.
The intent of the author doesn't count when deciding whether a sample is malware or not.
1. We simply don't know the intent in most cases.
2. Your "good intent" still doesn't free you from your responsibility to not harm anyone.
Best example is Morris' worm which was written to "gauge the size of the Internet" and became harmful by mistake. Morris was convicted.
en.wikipedia.org/wiki/Morris_wo…
On the same note: A disclaimer that "proves" your good intentions and tells users not to abuse your code/tool doesn't make your malware suddenly less harmful.
gdatasoftware.com/blog/2016/11/2…
A badly written malware isn't suddenly clean because you can repair the damage easily or circumvent it.
E.g., a screenlocker you can kill via task manager is still malware.
Non tech savyy users aren't able to do that.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Karsten Hahn
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @struppigel see all

Profile picture
Some arbitrary facts about malware detection names and detection rates on VT.
(thread)
(1) Detection names usually include information about platform, malware type, family and variant, sometimes also hints about the technology that was used to detect the malware.
(2) The malware type and family in a detection name are NOT reliable.
Read 18 tweets

Related threads

Profile picture
#Thread: Our chair Omingo Magara articulated The Centre for Multiparty Democracy's memorandum to the Building Bridges to Unity Advisory Taskforce consultative meeting with stakeholders held today at the Kenyatta International Convention Centre. #BuildingBridges
The Building Bridges to a New Kenyan Nation is premised on the fact that Kenya has made progress towards consolidating its democratic landscape, but much remains to be done in addressing underlying challenges that threaten political, social and economic standing of the country.
Our democratization process and stability have been characterized by challenges that are well outlined in the Joint Communique of March 9th 2018 by H.E. the President Uhuru Kenyatta and the former Prime Minister Rt. Hon. Raila Odinga.
#BuildingBridges
Read 51 tweets
Profile picture
#THREAD
Gemalto has apologised for publishing erroneous report on Aadhaar data breach. But why would a world class firm mislead the people of India? What has Gemalto to gain from it? Does Gemalto has stakes in #Aadhaar? Lets see which journalist has the courage to report this.
To understand whats really going on you must first know the background of Gemalto and where it comes from, that would bring things into clear perspective. Then we would address the Aadhaar issue and how the People of India is being mislead by UIDAI.

Neville Pattinson Vice President, Government affairs at Gemalto is board member of Smart Card Alliance a RFID industry group, also serving US Department of Homeland Security's Data Privacy & Integrity Advisory Committee - inchanrge of various Govts biometric programs like Aadhaar
Read 20 tweets
Profile picture
#Thread: Rough translation on Rajini's recent statement on RMM activities.

I'd like to clarify the false rumors stating RMM works are happening without my permission. All activities regarding RMM are happening with my knowledge & permission.

#RajinikanthPoliticalRevolution
Already by last year May month, I said that "I won't allow people near me who have thoughts of getting posts & earning money when I enter politics. So, those people stay away right now."

#RajinikanthPoliticalRevolution #Thread #Rajinikanth
Didn't say it for word-sake. We are entering politics to bring out a new political culture for a good political change. If we've to do politics like others, why should we enter politics?

#RajinikanthPoliticalRevolution #Thread #Rajinikanth
Read 15 tweets
Profile picture
#Thread: Press Conference today regarding TheEastLight's recent events regarding the band's abuse and assault by Producer A and CEO KimChanghwan "B" (leader Lee Seokcheol) and his lawyer at Choyeongrae Hall
(181019)
Lee Seokcheol shares that both he and his brother, Lee Seunghyun have endured being beaten by Producer A

Lee Seokcheol shared that Kim Changhwan, their CEO, was aware of the situation and would watch the two of them be beaten up in the 5th floor studio
Seokcheol shares for the past 4 years, beginning in 2015, he and the members would be clubbed by a baseball bat, the abuse would occur everywhere within the company, studios, practice rooms
Read 37 tweets
Profile picture
#Thread As Kerala is recovering from the devastating floods, a Kasargodu native is heading India's first comprehensive flood monitoring system in Kolkata funded by Asian Development Bank. Follow the thread for more about the project which will be functional from next month.(1/n)
Gopalakrishna Bhatt, A hydro geologist from Badiyaduka is the technical consultant of the project. It has been designed to
provide forecasts as well as real-time updates from sensor
nodes installed in key points throughout the city. Read Here:manoramaonline.com/news/latest-ne… (2/n)
The system includes: weather forecasts; flood models for
various intensities of rainfall; real-time information on
pump status, sump and canal water levels, actual rainfall, inundation levels,; and messaging system to
provide warnings to officials
and citizens. (3/n)
Read 17 tweets
Profile picture
#Thread @benkoku I'm a nurse working with an international school in Ghana. They have smart boards in every classroom which is good for visual learning. This is one of the reason why students who attend these schools become smarter than their colleagues in other schools
They write International exams, go through IG and IB. After IB these kids come out with internationally recognized certificates. I think a system like this is what we should adopt rather than this joke we call double track system #CitiCBS
I personally attend one of the universities in Ghana and I was having difficulties in the sciences. My dad asked me to search Khan academy and type any topic I find difficult. I was astonished the same topic that I sit in class for 2hrs and don't understand,
Read 5 tweets

Trending hashtags

#Hinduness #CommonDataModel #Moscovici #FotosDeFatos #TLDR #Russia #TrumpRussia #FMI #Kochi #nocebo #Sabarimala #MSDyn356 #Ahvaz #Hindu #croissance #UnitedKingdom #October18ReleaseNotes #Microsoft #FoxNews #SmartCities #Resist #ksleg #perquisition #surchauffe #chômage

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!