funsec mailing list archives
RE: Get your computer viruses here!
From: "Randy Abrams" <abrams () eset com>
Date: Wed, 28 Dec 2005 17:38:34 -0800
I gotta go for a while. It's Nick's shift now :)
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Nick FitzGerald Sent: Wednesday, December 28, 2005 5:16 PM To: funsec () linuxbox org Subject: Re: [funsec] Get your computer viruses here! val smith (top-posting to Jason Geffner):Maybe nothing good has ever come out of malware except forsome goodresearchers / analysts. Definitly requires more researchon my part. Many/most/all of whom would have ended up doing something similar anyway as its largely a mindset thing...The idea of software protections came of of copyright needs sure, however one could argue that advances in that field dosometimes comefrom malcode authors. ...Which is a "good thing" why? Competent copy-protection system developers would devise their own ever more difficult to crack protections on their own (at least as long as the money made their spending their time on it worthwhile). That's the way things work. That they could rip ideas from essentially public domain, initially malware-specific code is just a bonus to them (though potentially exposes them to patent and other liabilities if they don't do the appropriate due-diligence on the code/idea they're ripping). Suggesting that you making samples available might improve the work of the anti-piracy/DRM/etc folk is hardly going to win plaudits for your project either...And to Randy re biological viruses, no I was making theargument thatsometimes good things can come out of something consideredto ONLY be bad. Yes, a well-understood point, _in the NATURAL realm_. I'd have thought the point here though is that although some "good stuff" has come from, and it seems likely we'll continue to see more such "advances", have you ever seen a free-for-all biological virus "analysis and experimentation" lab? Nope -- because of the risks of allowing the less-than-highly-capable access to such material, it is kept in extremely strictly controlled environments and locations. Computer viruses and other malware are not as dangerous as their bilogical counterparts, but responsible access should still be practiced.Also you'll noticed i put "new" in quotes. I know its notreally a newidea although maybe someone could enlighten me as to a previous project that tried to profice a shared analsys experiencethat wasn't limited to "vetted"researchers. ...Investigate the history of VX in general -- you'll find that many such operations have "justified" themselves on the basis that they are "strictly for educational purposes" and the like. All nonsense of course, just as yours is.... I guess I don't feel like I can make the decision as to who is vetted and who isnt. If I did then perhaps I would be"playing God" inmy kingdom as a previous poster suggested.So it's better that you just let all and sundry in to do whatever they want, benefit however they can and so on? In short, you are admitting that you have no scruples for, faced with what you clearly recognize as a moral dilemma, you decide to solve it by ignoring it. The ethically principled solution to your dilemma -- should I do this reposnibly or not?, the responsible approach means playing God, I don't want to play God -- is, of course, to NOT proceed with the project, but that's not the approach you took, so we know you are not ethically principled. Your bio says you have over ten years compsec experience, yet you display the ethics of a "normal" 10-12 year old. I'm glad I'm not one of your former customers or employers... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. __________ NOD32 1.1343 (20051228) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Format of embedded graphics, (continued)
- Re: Format of embedded graphics David Lodge (Dec 29)
- Re: Format of embedded graphics Florian Weimer (Dec 29)
- RE: Format of embedded graphics Larry Seltzer (Dec 29)
- Re: Format of embedded graphics Florian Weimer (Dec 29)
- Re: Get your computer viruses here! Drsolly (Dec 29)
- Re: Get your computer viruses here! Florian Weimer (Dec 28)
- Re: Get your computer viruses here! val smith (Dec 28)
- RE: Get your computer viruses here! Randy Abrams (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 28)
- RE: Get your computer viruses here! Randy Abrams (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 28)
- Re: Get your computer viruses here! C (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 29)
- RE: Get your computer viruses here! Drsolly (Dec 29)
- Re: Get your computer viruses here! Gadi Evron (Dec 30)
- Re: Get your computer viruses here! Drsolly (Dec 30)
- Re: Get your computer viruses here! C (Dec 30)
- Re: Get your computer viruses here! Drsolly (Dec 30)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 30)