RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]

[Gadi Evron <ge () linuxbox org>]

> I'm just not seeing where people intelligent enough to research these things
> are not able to find resources and build a trust relationship.


Randy, that's actually an amazingky good argument.

I still believe that in the world we live in now, nuclear weapons are bad
even if everybody has them. One less is one bit more secure.
However, in the world we live in, everyone knows "drugs are bad". Does
that mean that good uses for "evil drugs" should not be stested.

I can further give a metaphore that will say researchers anthrax is bad,
for if there is no anthrax, having it is a risk b itself

contradiciting analogies can be given for days, and we all pick our
favorite. Fact is it is not very easy for researchers to get data, and
fact is that branding of people outside the inner circle as blackhats if
they don't conform to what suits the inner circle best is wrong.

Further, even if I do agree sharing of samples should be done securely and
in a vetted enviroment, today it is as ridiculous as telling people not to
watch porn.

So, being a moral example is great, but does it do any of us any good
where it is proven things get on when you keep that stand while if yo
changed it, maybe you could influence those you now call blackhats, and
see they may even be... wow, good guys?

Ramblings aside, keep the strong opinion against writing and releasing
malware. Bot freely sharing it *under your own restrictions for your own
convinience) withj whoever needs it for research is absurd. Yes, they can
get them by themselves, but this all "highr echelon" of society pisses me
off.

I am part of as well as run some such echelons and they are sometimes
necessary. When they are there for status and money, they are nothing but
a crime.

Finally, this guy believes in it. He is going to do it. Help him or name
him a blackhat, but helping him might get things "safe" while not killing
his ideas all together.

As an example, if some people in the AV industry HELPED the good people at
ClamAV who had o learn all by themselves without years of traditions,
ideas and knowledge, instead of just critisizing, Clam would have gottemn
where it is today a lot sooner, and even far further than that.

My suggestion to this guy is do his thing, follow his conscience, and let
history prove him right or wrong.

Now he has to prove whether he can pull it off or not.

And Randy, let's see if thousandsof security guys from around the world
can form relationships with "us" and how much time, effort and money it
would take to vet them. Completely useless in oday's envirment.

It is harmful not to share openly. It is harmful not to keep high moral
standards, but in this case, where did they come from?

Why was it initially BAD to share samples? Do these reasons still stand
oday?

        Gadi.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.