funsec mailing list archives
Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!]
From: Gadi Evron <ge () linuxbox org>
Date: Wed, 28 Dec 2005 14:48:41 -0600 (CST)
On Wed, 28 Dec 2005, Drsolly wrote:
Here is how I changed my mind 180 degrees. Sharing samples is a very problematic issue. It should be done with care. Also, it should be done by the rules of the one sharing. Period. Further, it should be done in a white-hat baby-ass clean manner.Yes. But, as far as I can tell, the way this web site works, is anyone can upload stuff and anyone can download stuff.
Let us first agree that a resource for security researchers to grab malware samples is necessary? Then let us agree most Bad Guys won't bother with it as they have better surces?
Is that "done with care"? Is that a "white-hat baby-ass clean manner"?Still.. I don't know this guy and there are WAYS of doing it and ways of being a blackhat. He has a head-start as for most AV-ers he already is a blackhat.Why is that?
Because.
Drsolly - you know what's out there, there are no longer practical reasons to keep MOST samples hidden. The moral grounds collapsed 2 years ago or so and traditions and marketing/status-fear keep it from changing. If you re-examine this issue as not black and white and accept it is an issue not to be addressed in ABSOLUTE MORALITY such as nuclear weapons, I believe you will see it my way, or close.As you know, I don't have any commercial interest in this field, and as a linux user, I don't really have much of a victim-interest either. But it still seems wrong to me (and probably illegal in some jurisdictions) to set up an anyone-uploads, anyone-downloads web site. I know it's illegal in the UK, for example.
It seems wrong because it hass been for over 20 years. There are many
places where it is illegal. Many others whereit isn't.
It used to be illegal to do a lot of things. Old and irrelevant laws by
force of history keep showing up for as long as time keeps moving forward.
Gadi.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Current thread:
- Get your computer viruses here! Richard M. Smith (Dec 27)
- Re: Get your computer viruses here! Drsolly (Dec 27)
- Re: Get your computer viruses here! Blue Boar (Dec 27)
- Malware sharing? People are full of shit [was: Get your computer viruses here!] Gadi Evron (Dec 27)
- Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Drsolly (Dec 27)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Gadi Evron (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Drsolly (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] val smith (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Drsolly (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Joe Jaroch (Tera Innovations, Inc.) (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Nick FitzGerald (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] val smith (Dec 28)
- Re: Get your computer viruses here! Blue Boar (Dec 27)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Blue Boar (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Nick FitzGerald (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Dude VanWinkle (Dec 29)
- Re: Get your computer viruses here! Drsolly (Dec 27)