funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!]

From: val smith <mvalsmith () gmail com>
Date: Wed, 28 Dec 2005 14:19:46 -0700
The sources are the same as how I get samples.

nepethens, mwcollect, honeypots, google, attaching an unpatched windows
computer directly to the internet, asking around on IRC channels and
probably other methods.

Several of those methods don't even require a login or log IP addreses and
can be automated easilly.

Also RE the legality thing, I don't have any document. I actually spoke in
person with several people. If I felt I needed something in writing I would
get it and post it to the site, however so far this hasn't been necessary.

V.

On 12/28/05, Drsolly <drsollyp () drsolly com> wrote:


On Wed, 28 Dec 2005, Gadi Evron wrote:


On Wed, 28 Dec 2005, Drsolly wrote:

Here is how I changed my mind 180 degrees.

Sharing samples is a very problematic issue. It should be done with
care. Also, it should be done by the rules of the one sharing.

Period.


Further, it should be done in a white-hat baby-ass clean manner.


Yes. But, as far as I can tell, the way this web site works, is anyone

can

upload stuff and anyone can download stuff.



Let us first agree that a resource for security researchers to grab
malware samples is necessary?


Yes. But that isn't what he's setting up.


Then let us agree most Bad Guys won't bother with it as they have better
surces?


I don't agree. What are these sources?


It seems wrong because it hass been for over 20 years. There are many
places where it is illegal. Many others whereit isn't.

It used to be illegal to do a lot of things. Old and irrelevant laws by
force of history keep showing up for as long as time keeps moving

forward.

But there are also laws that were put in place for a good reason, and are
still relevant. Such as, the Computer Misuse Act, 1991, and the
equivalents in various other countries.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: