funsec mailing list archives
Re: McAfee really DOES write new Malware! Wholey Moley!
From: chris () blask org
Date: Tue, 29 Sep 2009 19:16:00 -0700 (PDT)
--- On Tue, 9/29/09, Rich Kulawiec <rsk () gsp org> wrote:
To confront the enemy, it's necessary to know the enemy -- and the enemy's strategies and tactics. Refusing to learn these guarantees defeat.
I'm with Rich (yes, and very few others) on this one. This is imho an issue best addressed with a balance of openness and paranoia - as Dave suggests in his response, classes should be held in clean labs (no connectivity/removable media) - but we lose more than we gain by not expanding understanding of the mechanics involved with malware. The risk in following this path is directly related to the statistical badness of the people who are exposed to the curriculum. If you believe that a notable percentage of folks would be likely to take the lessons and go write new malware then the risk would be high, if you believe the opposite then the risk would be low. I think those who are seeking this information are finding it already, and those who are not would not misuse it (much like the drug abuse issue). It is also quite possible that a very good argument could be made that teaching programmers how to write malware could be the #1 way to get them to write secure applications. -chris _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- No AV? Shock, horror! Rob, grandpa of Ryan, Trevor, Devon & Hannah (Sep 25)
- Re: No AV? Shock, horror! Valdis . Kletnieks (Sep 25)
- Re: No AV? Shock, horror! Drsolly (Sep 25)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 28)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Nick FitzGerald (Sep 28)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)
- McAfee really DOES write new Malware! Wholey Moley! Blanchard_Michael (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! Rich Kulawiec (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! chris (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! Blanchard_Michael (Sep 30)
- Re: McAfee really DOES write new Malware! Wholey Moley! Rich Kulawiec (Sep 30)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 29)
- Re: No AV? Shock, horror! Kenneth L. Bechtel, II (Sep 29)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 29)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Rich Kulawiec (Sep 30)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)