BBC 'vague' reporting again!

Roland Perry ukcrypto at chiark.greenend.org.uk
Wed, 3 Dec 2008 04:25:43 +0000


In article <4935AA69.1000406@gmx.co.uk>, Dave Howe <DaveHowe@gmx.co.uk> 
writes
>Roland Perry wrote:
>> I don't follow the terminology used here. What's "package analysis",
>> for example?
>
>I am not using any special terminology - a package is a group of related
>files which comprise a single installed program or suite,

OK. I just hadn't heard that expression used for such a long time.

>and I mean that, on encountering a package the attack software is not 
>familiar with, it will report back names and version numbers to some 
>central server and download a tailored attack module (if available) 
>and/or upload the binaries to the central server so that such a module 
>can be written.

That reminds me of a Government Crypto forum I spoke at, in around 2000, 
where I made the point that if people intercepted emails they might 
discover they were 'encrypted' in WordPerfect, LocoScript, or a 
multitude of other proprietary formats.

In the context of these email trojans, perhaps I'm unnecessarily 
pessimistic (looked at from the snooper's point of view). A few years 
ago I did a small study of IMAP clients (never did find one that worked 
well enough) and was quite surprised how many there were to choose from.
-- 
Roland Perry