RE: Get your computer viruses here!

["Randy Abrams" <abrams () eset com>]

> -----Original Message-----
> From: funsec-bounces () linuxbox org 
> [mailto:funsec-bounces () linuxbox org] On Behalf Of val smith
> Sent: Wednesday, December 28, 2005 1:04 PM
> To: Jason Geffner
> Cc: funsec () linuxbox org
> Subject: Re: [funsec] Get your computer viruses here!
>
> That could be. 
>
> Maybe nothing good has ever come out of malware except for 
> some good researchers / analysts. Definitly requires more  
> research on my part. 

Hmmm, might be a good thing to research first, rather than after the fact.
Kind of like testing the ice before you skate on it...

> The idea of software protections came of of copyright needs 
> sure, however one could argue that advances in that field do 
> sometimes come from malcode authors.

Go for it. What advances are we talking about? Then, are the advances worth
it? Does the alleged good that came out of it justify the creation of the
malware? 

> I guess I'm not sure of the intentions of the authors of such things as
morphine, 
> burneye, etc. 
>
> And to Randy re biological viruses, no I was making the 
> argument that sometimes good things can come out of something 
> considered to ONLY be bad.

But to carry the argument that sometimes good things can come out of things
only considered bad to the point of justifying dangerous, irresponsible
actions is ridiculous. The argument is not relevant unless you are arguing
that we do bad things to enable the good to come from them... are you? Well,
maybe... This project appears to embody at least a little bit of that
argument to some degree. 

> Also you'll noticed i put "new" in 
> quotes. I know its not really a new idea although maybe 
> someone could enlighten me as to a previous project that 
> tried to profice a shared analsys experience that wasn't 
> limited to "vetted" researchers.

What does the intent matter here? There have been dozens and dozens of
boards with open access to malware. A few high profile events have decreased
the number of easy to find collections on the web, but they are still there.
A misinformed person who made a profoundly flawed presentation at the VB 05
conference in Dublin printed a link to a site with samples. None of those
sites were limited to vetted researchers. The "idea" of expecting that only
good guys will use an open exchange if that is the intent may be "new", but
profoundly naïve. If anyone actually believed that would work it would have
been done a very long time ago. That's why there is vetting.

> I guess I don't feel like I 
> can make the decision as to who is vetted and who isnt. If I 
> did then perhaps I would be "playing God" in my kingdom as a 
> previous poster suggested.

I guess that all depends upon intent. Is the intent to wield power or to
make a reasonable attempt at ensuring benign use of resources. Contrary to
your statement above, yes you can attempt responsibility. You might not
always make the right decision about a person, but you can try to limit
negative consequences, even if that means twisting Pierre's "god" statement
for a silly excuse not to. 

Cheers,

Randy


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.