funsec mailing list archives

Re: Get your computer viruses here!

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 30 Dec 2005 00:17:31 +1300

Blue Boar to me:

Historically 
the AV industry (and others) has continually faced the utter BS 
suggestion that it is responsible for, if not writing, at least 
releasing and distributung, viruses to "drum up business", etc.  This 
has made responsible members of the AV industry _especially_ sensitive 
to any sample sharing that does not have proper safeguards ensuring to 
a very high degree of responsibility that shared samples will not get 
into the hands of those imadequately prepared to handle them equally 
conscientiously.


Indeed.  So... and I ask this in all sincerity and without sarcasm, 
honestly... why should those of us not working for AV companies care 
about that at all?  ("that" being the reputations of the AV companies.)


Ever heard the expression "tarred with the same brush"?

I mean, I understand why that might limit an AV company from giving me a 
sample.  But if I have my own unfettered sample, AV company reputation 
just doesn't enter into it, does it?


We (remember, I'm being presumptuous enough to speak as if for the 
whole AV industry) are part of the security industry.  You, Val, some 
of the wannabes hanging off this site, and _very many_ past and 
existing malware writers, all also claim to be part of the security 
industry (or at least "doing computer security research").  It gets 
further complicated as some AV companies buy other (i.e. non-AV) 
security companies or form various strategic alliances with them, etc, 
etc, and the first "we couldn't care less" security company to buy an 
AV company is in for a rude surprise...

It's not "them and us".  Whether you (or Val or whoever) likes it or 
not, we're all more or less in the same boat here and your actions 
reflect on "us" as ours reflect on you.  "We" would like the cowboy 
part of "your" side of the equation to clean up its act.


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Get your computer viruses here!, (continued)
- - - Re: Get your computer viruses here! Roland Dobbins (Dec 28)
    - Re: Get your computer viruses here! val smith (Dec 28)
    - Re: Get your computer viruses here! Blue Boar (Dec 28)
    - Re: Get your computer viruses here! val smith (Dec 28)
    - RE: Get your computer viruses here! Randy Abrams (Dec 28)
    - RE: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Get your computer viruses here! Drsolly (Dec 28)
    - Re[2]: Get your computer viruses here! Pierre Vandevenne (Dec 28)
    - Re: Get your computer viruses here! Nick FitzGerald (Dec 28)
    - Re: Get your computer viruses here! Blue Boar (Dec 28)
    - Re: Get your computer viruses here! Nick FitzGerald (Dec 29)
    - Re: Get your computer viruses here! Drsolly (Dec 29)
    - Re: Get your computer viruses here! Blue Boar (Dec 29)
    - Re[2]: Get your computer viruses here! Pierre Vandevenne (Dec 28)
    - Re[2]: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Re[2]: Get your computer viruses here! val smith (Dec 28)
    - Re: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Get your computer viruses here! Nick FitzGerald (Dec 29)
    - Format of embedded graphics Larry Seltzer (Dec 29)
    - Re: Format of embedded graphics Gadi Evron (Dec 29)
    - Re: Format of embedded graphics nodialtone (Dec 29)

(Thread continues...)