funsec mailing list archives
Re: DefCon 'Race to Zero'
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Sat, 26 Apr 2008 03:04:17 GMT
-- B Potter <gdead () shmoo com> wrote:

I find the whole situation offensive. We are WAY too polite about discussing vulnerabilities in public right now. The ppl attacking us aren't ashamed to share information, and we shouldn't be either. Unfortunately, as a community, there's a self-imposed gag order in place that basically says "if you drop 0-day, you are evil"

Just because you don't talk about something, doesn't mean it's not there... that's been a core tenet of security research for a long time. That's why we have concepts like full-disclosure and that's why many conferences were originally created. More power to the contest organizers for encouraging public discourse about the state of vulnerabilities.


I'm happy to discuss vulnerabilities. In fact, I agree with almost all of your points.

This is about creating new malware as a contest to slip by AV scanners. What the does that prove? Nothing, really.

If people rely solely on an AV scanner for protection, they are sorely misguided. AV is only a tool. To assume it is anything more than that is disingenuous.

Everyone knows that criminals have set up their own private "VirusTotal-like" scanner portals to test whether or not they can slip a new binary down the Botnet C&C pipeline.

I call this what it is: "infotainment". It really accomplished nothing more than that.

This won't be decided here, or in the court of public opinion, either.

When you look at the fact that, in the past week alone, more than ~600,000 websites have been compromised to harbor malicious iFrames or JavaScript in this whole process -- to infect unwitting consumers in an ongoing effort to rob them blind -- the problem is much, much larger than trying to bypass virus scanners.

$.02,

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/