RE: [OT] Even viruses are now i18n!

• Previous message: Mark Davis: "Re: Common Locale Data Repository Project"
• In reply to: Marco Cimarosti: "RE: [OT] Even viruses are now i18n!"
• Next in thread: Antoine Leca: "Re: [OT] Even viruses are now i18n!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Quoting Marco Cimarosti <marco.cimarosti@essetre.it>:

> Antoine Leca wrote:
> > The virus cannot have any knowledge of a language code. And
> > much less of the language used by its next victim...
>
> It sends e-mails to addresses stolen from the previous victim's address
> list, so it can analyze the top-level domain of these addresses (".it",
> ".fr", etc.). Although, strictly speaking, these domains normally correspond
> to *country* codes, they are a pretty good hint of the language of the next
> victim.

An extremely good hint given that the goal is to infect as many machines as
possible as quickly as possible, anything that gets more than 50% accuracy
should be considered a successful approach in that context.

If the authorities find the author I doubt the robustness of the
content-language heuristic will be top of the list of things they want to
discuss.

-- 
Jon Hanna
<http://www.hackcraft.net/>
"…it has been truly said that hackers have even more words for
equipment failures than Yiddish has for obnoxious people." - jargon.txt

• Next message: Philippe Verdy: "Re: CLDR and locale designations (was: [OT] Even viruses are now i18n!)"
• Previous message: Mark Davis: "Re: Common Locale Data Repository Project"
• In reply to: Marco Cimarosti: "RE: [OT] Even viruses are now i18n!"
• Next in thread: Antoine Leca: "Re: [OT] Even viruses are now i18n!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Fri Apr 23 2004 - 11:25:33 EDT