Re: Setting the record straight on "The Return ofKoobface"

[J Roger <securityhocus () gmail com>]

You make valid points. Perhaps n3td3v was actually on to something for once
when he suggested embracing Twitter as a medium for consolidating and
distributing security related news. Not for long term storage etc. but
simple short FYI type messages. Feeds like the Infosec News mailing list
don't work since they only ever publish the big boys like Danchev. FD has
too much SNR issues. etc.

A twitter group with no personal comments, "Hey it was great seeing you @
the con!". Just pure, "Koobface is exploding right now. Is anyone else
paying attention to this? More information @ http://www...";


On Sat, Mar 20, 2010 at 1:14 PM, Mr. Hinky Dink <dink () mrhinkydink com>wrote:

> Absolutely you are correct, but if you check the blog there are further
> references up to last Friday.  It was a tremendous, jaw-dropping flood of
> Kooberz proxies the last two weeks.  And it's still coming.
>
> The point is us Little Guys are paying attention, too.  And sometimes we
> catch this shit before the Big Boys like Dancho and Kaspersky wake up and
> smell the coffee.  Since February I've been wondering Why The Hell I hadn't
> heard anything in the ITsec press on this new resurgence.  Did they hold
> back so Dancho could publish his "Ten Things You Didn't Know About The
> Koobface Gang" article?  Or so Microsoft could gloat over "taking down" the
> Wimpy Waledac botnet?  Is the Good News always published before the Bad
> News
> in the security industry press release cycle?
>
> The fact remains, Koobface marches on and the security industry can't stop
> it.  Period.  I will be among the first to jump up and down and yell "RA!"
> when someone takes it down, but it ain't going to happen soon.  All I can
> do
> is sit back and watch while the Big Boys get their headlines.
>
> BTW, I don't consider myself "bitter".  I'm what you might call "tangy".
>
> Thanks for your support,
>
> Hinky
>
> ----- Original Message -----
> From: J Roger
> To: full-disclosure () lists grok org uk
> Sent: Saturday, March 20, 2010 3:28 PM
> Subject: Re: [Full-disclosure] Setting the record straight on "The Return
> ofKoobface"
>
>
> This reads as "waaa i noticed this first and didn't think much of it but
> now
> that someone else is making a big deal, i want my credit". Maybe you
> reported on it first on your blog, with a single sentence that wasn't even
> the primary focus of the post. Regardless if an up rise in koobface is
> significantly news worthy or not, you apparently failed to draw enough
> attention (or the right attention) to it at the time.
>
> In other words, maybe you did it first, but someone else did it better.
>
> What's more valuable to an enterprise, someone that quickly writes a risk
> assessment that's so sloppy the management with authority to act on the
> findings don't even bother to read it, or someone that takes the time to
> write a report on the same findings that actually speaks to the business
> and
> be able to make positive changes happen.
>
> You talk about being bitter towards the security industry (which IS
> understandable) but maybe it's time to reflect back a little on yourself.
> Maybe it's not ALL the industries fault. Maybe the sources of your
> bitterness have a little something to do with your inability to make enough
> of the right things happen. Sure you're a "Big Time Security Professional",
> but maybe your blog wasn't enough to get the word out. Maybe you felt it
> wasn't even worth getting the word out or sounding any alarms. If that's
> the
> case though, don't go back now and try to take credit.
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/