funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]

From: Blue Boar <BlueBoar () thievco com>
Date: Wed, 28 Dec 2005 14:32:29 -0800
Randy Abrams wrote:

Success or failure needs to be compared against the alternative. I haven't
seen the argument that these files can't be shared in a more secure manner
with a 99.9% success rate. If you trade 99.9 for 99 with no good reason,
then it is a failure to realize a better result. Complete failure? No.
I thought the implied benefit was pretty self evident; More people with access means better, quicker, more complete analysis. You don't have to trust the AV companies, wait for them, etc... You don't have to agree that that will happen, but I see that as the motivation.
I've been in the "vetted" category before. And still, I would have to wait for responses, be at a competitive disadvantage (I was asking competitors for samples), have to agree to or negotiate a bunch of sharing rules, couldn't re-publish some of my work, couldn't get a lot of critique of my disassembly, and so on...
One might argue that Val's site is of greater benefit to the non-AV people, and I suspect that is part of the motivation. 

                                                BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: