funsec mailing list archives
Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]
From: Drsolly <drsollyp () drsolly com>
Date: Fri, 30 Dec 2005 19:24:46 +0000 (GMT)
> i halfway agree with this. since the community undergoes constant churn in the membership of "trusted", there's a scaling limit induced by the churn that feels like it's not much higher than the scaling limit induced by "have to do everything manually and deal with transitivity instabilities in the trust web". in other words, the manual/transitive scaling problem isn't the bottleneck simply because something else is already the bottleneck.
>
> however, the manual/transitive scaling problems are really much more costly than what you said. "soon found out" is hardly guaranteed -- i've known of moles or double-agents in various security communities but was forbidden to "out" them due to ongoing law enforcement actions. probably i only knew the tip of that iceberg. a lot of sensitive material got leaked to people i knew were evil, and it's my basic assumption that they shared it further. i'd say that like any malevolent parasite, these people try pretty hard to keep their true nature and impact hidden. i'm SURE there's more of this kind of thing going on than i know.
>
> i'm also sure that "N degrees of separation", for very moderate values of N like "2" or "3", can introduce enough uncertainty as to how much vetting is really done or how much evil-tolerance is really present, that i've pretty much settled on a sharing rule similar to gadi's -- i only share with folks who i know will respect my sharing rules, which are usually "it ends here."
So I guess you won't be sharing with anyone who runs an open, unvetted VX system.
> so it's not unscalable for the reasons given, it's unscalable anyway, and i'm very interested in a better system. heinlein's treatment of this issue in "the moon is a harsh mistress" was most instructive. do we need a cell structure the way revolutions do? if so that's interesting. are we part of a revolution?
There is a dilemma here. We want to share stuff with people who will make a good and beneficial use of it, and we don't want to share stuff with people who will act maliciously. There are two extreme solutions to this, "don't share with anyone" and "share with everyone". I think most people (other than blackhats) agree that neither of these is a good solution. So, you have to share with *some* people, and that means sharing with people who you trust. Different people might have different algorithms for deciding who to trust, but all people have some way they use.

I think Paul is saying here, that the "transitive trusting" model is too lax for his approval, and I can understand that. But remember, we're trying to change the methods of someone who isn't even using something as open as that.

Maybe I was right the first time around, and Val Smith is beyond redemption.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.