funsec mailing list archives

Re: Get your computer viruses here!

From: Drsolly <drsollyp () drsolly com>
Date: Wed, 28 Dec 2005 18:16:01 +0000 (GMT)

I don't know if he has a legal obligation to try and determine how


Certainly in the UK, and I'd guess in the USA, the law has a concept with 
a name like "criminal negligence", which is applied to a situation where 
you could reasonably have known that your actions could lead to hazards 
for other people, but you didn't take any reasonable precautions.

Here's "aiding and abetting"

http://criminal.findlaw.com/crimes/a-z/aiding_abetting_accessory.html

And here's "criminal negligence"

http://en.wikipedia.org/wiki/Criminal_negligence

I don't know the exact form of words that would be used in the USA for 
this.

Any reasonable person could tell you that Blackhat McNasty will register 
for this site using a false name and throwaway email address, download 
some malware, and use that to damage other people's computers.

If the person running the web site has a legal opinion that he's in the
clear, I'd be interested to see a scan of that document. Could he, 
perhaps, post it on his web site so that everyone can see it?

his code is being used; the moral obligation is of course outside the  
realm of law and thus completely subjective, in the scheme of  
things.  The futility and the moral hazards of trying to suppress the  
dissemination of information are well-documented (remember the  
debates over the _Anarchist's Cookbook_ in print media, and similar  
brouhahas online?); the 'cure' is often worse than the 'disease'.


So, what is your objection (if you have one) to someone running a web site 
with a huge and diverse collection of malicious software, and in giving 
access to this site to anyone who want it?

On Dec 28, 2005, at 7:12 AM, Drsolly wrote:

On Tue, 27 Dec 2005, val smith wrote:

Hi there, thanks for the interest in my site.

(Drsolly I was sad to not recieve any more replies from you, I had  
hoped to
keep dialogue open:( )


You seemed to have already made up your mind, and I wasn't having any
effect by talking to you.

I pretty much agree with what Gadi stated and definitly the  
intention of the
site is white-hat. A simple google search will satisfy most peoples
blackhat/vx needs much better than my site ever could.

If you login and look around you will see a few things:

1.) It requires a login to access samples and the way its  
configured they
cant be downloaded automatically from worms, etc. (if someone  
finds a bug in
this let me know, ill fix it)


But Blackhat McNasty can create a login, and download everything he  
wants.

2.) Accesses are logged (limited usefulness) but its simple for me  
to turn
accounts / IP's off if I see a problem.


But Blackhat McNasty downloading a bunch of malware won't be seen  
by you
as a problem - why should it? You're under the impression that
distributing malware is equivalent to free speech.

3.) You'll see the focus is on analysis, identification and  
signatures
rather than simply a malware distribution site


Blackhat McNasty doesn't care what your focus is, all he wants it to
download the malware that you're kindly providing

4.) I think im providing some useful services out there. I submit  
copies of
my samples/analysis to the A/V companies and others like ISC


Blackhat McNasty doesn't care what other services you provide.

5.) I've begun converstations with other projects to see how we can
collaborate (mwcollect, nepenthes, etc.)


Blackhat McNasty doesn't care who you're getting samples from, but  
other
projects might be concerned about who you're distributing them to.  
I hope
you're telling them your policy on redistributing malware?

6.) I don't develop malware (unless you count exploits as malware  
but I dont
distribute these here)


Blackhat McNasty doesn't care whatty doesn't care who wrote them, he's
just happy that he can get them from you.

The big thing missing here is any attempt to determine whether  
Blackhat
McNasty is likely to use the malware that you provide him with, for
malicious purposes.

Thankfully the country I am in still allows free speech and this  
thing isn't
illegal according to my research and the opinion of lawyers I have  
spoken
with.


Speech is free here too, but that doesn't entitle me to whack  
someone over
the head and call it "speech". Nor does it entitle you to provide a
malicious person with the weapons to cause destruction on other  
people's
computers, unless you live in a country which doesn't have computer  
misuse
laws. You don't mention what country you're in, so I can't say. You  
have a
moral and legal obligation to determine whether Blackhat McNasty is  
likely
to act maliciously with the malware you provide him with. You're not
meeting that obligation.

Gadi its true we dont know each other, however I think we have  
some friends
in common. I'd look forward to buying you a beer in Vegas this  
summer :)

Anyway I look forward to hearing more opinions, input and  
suggestions.
(contributions hopefully?)


I'd be really quite surprised, given your intention to run a malware
exchange open to anyone who wants to use it, if you'll get much in  
the way
of contributions.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


----------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

      Everything has been said.  But nobody listens.

                    -- Roger Shattuck

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!], (continued)
- - - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] val smith (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Nick FitzGerald (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Gadi Evron (Dec 30)
    - Re: Get your computer viruses here! Drsolly (Dec 27)
  - RE: Get your computer viruses here! Richard M. Smith (Dec 27)
- Get your computer viruses here! val smith (Dec 27)
  - Re: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Get your computer viruses here! Roland Dobbins (Dec 28)
    - Re: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Get your computer viruses here! Roland Dobbins (Dec 28)
    - Re: Get your computer viruses here! val smith (Dec 28)
    - Re: Get your computer viruses here! Blue Boar (Dec 28)
    - Re: Get your computer viruses here! val smith (Dec 28)
    - RE: Get your computer viruses here! Randy Abrams (Dec 28)
    - RE: Get your computer viruses here! Drsolly (Dec 28)
    - Re: Get your computer viruses here! Drsolly (Dec 28)
    - Re[2]: Get your computer viruses here! Pierre Vandevenne (Dec 28)
    - Re: Get your computer viruses here! Nick FitzGerald (Dec 28)
    - Re: Get your computer viruses here! Blue Boar (Dec 28)

(Thread continues...)