funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]

From: "Randy Abrams" <abrams () eset com>
Date: Wed, 28 Dec 2005 14:18:55 -0800
 


-----Original Message-----
From: funsec-bounces () linuxbox org 
[mailto:funsec-bounces () linuxbox org] On Behalf Of Gadi Evron
Sent: Wednesday, December 28, 2005 1:24 PM
To: Blue Boar
Cc: funsec () linuxbox org
Subject: Re: [funsec] Re: Malware sharing? People are full of 
shit [was: Getyour computer viruses here!]


In short, I think Val should continue, and we all see what happens.


In other words, he will do it anyway and he may succeed or 
fail miserably. I rather all th epeople who critisize him, 
help him instead to reach a secure enough manner of doing this.


That's exactly the point of recommending vetting. When John Aycock of the
University of Calgary announced his ignorant plan to include virus writing
in his course, we all tried to talk him out of it. The best argument that he
could come up with was something about Mao killing teachers (revolutionary),
but when it was evident that Aycock was not going to listen to reason that's
when I suggested security measures that he did implement. Vetting is a
reasonable security measure here.



Whatever reasons are set against it, it is plain enough that 
there is source code by gigabytes online with some Googling 
or a bit of collecting.


There are lots of people doing irresponsible things, but that is hardly a
reason to join them.


IRC channels of not hard core VX-ers but kiddies who would 
share any sample with you, and even SUPPORT forums online for 
malwre writing.

Security researchers however, often have to beg.

Right or wrong, it's forced on us.


I never feel like asking a security professional for a sample is begging.



I'd rather look at this situation as there being anthrx 
everywhere, and yet a select few universities and research 
institutions refuse to share with researchers outside their box.


I think your lists are a great example of how people who are not necessarily
on the inside can cooperate in a vetted environment.


First let's face the music, save the net, and move back to 
old traditions we all love.


Good idea. We can make a point of not placing malware out where children can
hurt themselves and others with it, even if others do!

Cheers,

Randy

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: