[svlug] Advisory CA-2003-0401: /dev/null Vulnerability (fwd)

[Ian Kluft]

Earlier I forwarded this article...
>From: lsloof at cirt.us (Dr. Lirpa Sloof)
>Newsgroups: alt.security,comp.security.unix,comp.os.linux.security
>Subject: CIRT Advisory CA-2003-0401: /dev/null Vulnerability
>Date: 01 Apr 2003 08:21:28 GMT
>Organization: Computer Incident Response Team (CIRT)
>Lines: 189
>Message-ID: <advisory-ca-2003-0401 at announce.cirt.us>
>
>
>CIRT Advisory CA-2003-0401 /dev/null Vulnerability
>Computer Incident Response Team
>[...]

OK, time to take responsibility for this one...
   http://www.kluft.com/~ikluft/humor/devnull.html

This was obviously an April Fools joke.  Well, maybe not as obvious as
I intended.  It was supposed to have the look of a CERT Advisory for just
long enough to hook you.  But some people got hooked and very concerned
(i.e. they fell for it) even though CERT was deliberately misspelled CIRT,
and other stuff.  It was from some (fictitious) person named "Lirpa Sloof"
who always seems to post April Fools jokes because that's what the name
spells backwards. :-)   But still, you can only read so far before you know
it's a joke.

It was fun.  Feel free to share it with your friends.  Generally once
everyone realized it was a joke, they got good laughs out of it, which
is what April Fools jokes are supposed to do.

I did a test run of the advisory by a friend at work (who's a software
testing manager) where I could watch the reaction.  As expected, he read
through the boilerplate at the beginning and was taking it seriously.
(He knows to watch for "Lirpa Sloof" but I guess "Dr. Lirpa Sloof"
apparently got past his pattern recognition.)  Then he started to hit
"page down" a few times to scan it and said, "Wait a minute!  I saw the
word 'weasel' in there somewhere!"  Then he knew.  It is April Fool's Day,
after all.  :-)