[ Thanks to LinuxNews.pl for this link.
]
“Over year ago, with couple of friends, we started writing a
project, called ‘Samhain’ (days ago, on packetstorm, I noticed cute
program with same name – in fact it’s not the same app, just a
coincidence ;). We wanted to see if it’s difficult to write deadly
harmful Internet worm, probably much more dangerous than Morris’s
worm. First, we agreed theoretical guidelines for such
application:
1: Portability…
2: Invisibility…
3: Independence…
4: Learning…
5: Integrity…
6: Polymorphism…
7: Usability…”
“This text describes our ideas, concepts and implementation
details. It is NOT the terrorist’s handbook, and has not been
written to help other people to write such code on their own. It is
a study of technical possibilities instead. It’s written to show
that very serious potential risk, which we virtually can’t avoid or
stop, isn’t only hypothetical.”
“But we should remember: a working model has been written.
And this model is deadly dangerous engine, which can be certainly
used to something more than e-mail based infection of user-end
workstations… Probably we aren’t the first people who thought
about it and tried to write it, that’s what make us
scared…”