funsec mailing list archives
Re: Re[2]: Get your computer viruses here!
From: val smith <mvalsmith () gmail com>
Date: Wed, 28 Dec 2005 13:48:21 -0700
The numbers of "I am", "I respect", "I cut off if", etc... arguments you are using tend to suggest at least a weak level of close mindedness/egomania. After all, we all do respect people we agree with anyway. Besides, playing God, or King Solomon (as in "I kick off abusers") is fun. That sounds "your" project/kingdom and no amount of arguing will move you away from it. Arguing about it will stir the pot and generate traffic.
All very interesting points. Egomania is not totally out of the question :) You are correct in that I most often respect people I agree with but briefly I will explain where my respect comes from. I respect people who do and publish scientific research such as Halvar and Pedram and HD Moore and others like them. In fact I'm not exactly sure of their position on the issue of publically available malware so its possible they disagree, but I respect their work none the less. I also respect people who have a diversity of opinion, such as you and Drsolly. I respect the fact that there is a disagreement and people are willing to speak they're perspective to me so that I don't get stuck in a world where there can be no other possibility than what I believe. That is a worthless place to live. I sure try to have an open mind. Its not true that no amount of arguing can change my mind, in fact I used to be of the opposite opinion regarding malware. This is why I encourage Drsolly and others of differning opinions to keep a dialogue open with me. If someone presents me with a logical, well defined argument (which is better than I am doing now probably) I will definitly consider it. A futrue posibility for my site that only has analysis and not samples is not totally out of the question. However so far I have not been convinced. Could this be do to egomania and close mindedness? Possibly but I will fight that. As far as playing God what I really meant was if I detected some abuse such as automated worms connecting to my site I would stop it to the best of my abilities which of course are limited because of the nature of what I am doing. You may have missed the subtle sarcasm / humor in my "majority" argument. That isnt so much "everyone else agrees with my, why dont you" argument as a "why am I not hearing from more people who disagree" question. I know those people exist and I want to hear their opinions. I am getting lots of traffic so statistically speaking those people should be there. Anyway, thanks for offerering your perspective, I look forward to hearing from you again. V. On 12/28/05, Pierre Vandevenne <pierre () datarescue com> wrote:
Good Day, vs> Ill say again, you might as well send google the same emails you are sending vs> me since Mr. McNasty (related to mcdonald maybe?) can do the same thing with vs> google. That's a complex argument to tackle. The same applies, in many ways, to the use of reverse engineering for lawful (and probably essential, such as malware analysis) purposes and the unlawful ones (such as obtaining a zero day exploit to f*** up your enemy's server). One can go up as far as one likes. The hex editor. The disassembler. The debugger. The compiler used to write a disassembler/debugger. The editor used in the process... I have spent a lot of time thinking about this, and don't have clear cut answers or nice certainties. When in doubt, I would advise prudence. vs> I'm actually getting lots of contributions and feedback from some of the vs> people I respect most in the security community. The numbers of "I am", "I respect", "I cut off if", etc... arguments you are using tend to suggest at least a weak level of close mindedness/egomania. After all, we all do respect people we agree with anyway. Besides, playing God, or King Solomon (as in "I kick off abusers") is fun. That sounds "your" project/kingdom and no amount of arguing will move you away from it. Arguing about it will stir the pot and generate traffic. vs> is growing in a positive way in spite of its evil possibilities. Ill be vs> honest I've gotten around 50 - 60 thousand hits, and tons of email and yours vs> has been the only negative one so far. Maybe the others who feel as you do vs> have given up already as well? That's the "majority" argument pushed to the extreme. The "majority" isn't always right. If it was, you'd fall off the end of the earth walking past the edge. vs> I guess what you haven't convinced me of yet is how "malware" is any vs> different from any other object in existance which can be used for both good vs> or evil. I could stand on the corner selling rocks which people could use to vs> study or to bash someone over the head with. How is that much different? Ah, that's an easy one. With a rock you, or I, can break one another's skull. Network aware algorithmic things can do incredible amounts of damage to untold numbers of people. With increased power comes increased accountability. Now, I have to agree that the infrastructure is too weak and that the main culprits are either the feature greedy users or the features happy sellers. However, we can't plead ignorance about the possible consequences of our actions. vs> Just to be clear, in no way am I trying to "flame" you. I really do want a vs> diversity of ideas and opinions but I like to keep a bit of humor in any vs> debate. So please keep the thoughts coming, I'm greatly enjoying the vs> discussion. When Dr Solly had a financial interest in this, I confess I believed he was mostly motivated by protecting his own turf. The fact that he is somewhat disconnected today gives, at least in my eyes, more weight to his opinions. As far as I am concerned, a world where everyone hacks and attacks everyone, and where the paranoid in us feels compelled to investigate everything down to the last bit would probably be directly profitable. However, and against my current direct financial interest, I favour a less turbulent cyberspace so that my children and less technically aware internet users can benefit, without risks, from the real IT/networks benefits. Now, I realize that by saying this I sound like a benevolent idiot. Feel free to shoot. -- Best regards, Pierre mailto:pierre () datarescue com
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Get your computer viruses here!, (continued)
- RE: Get your computer viruses here! Drsolly (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 28)
- Re[2]: Get your computer viruses here! Pierre Vandevenne (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 28)
- Re: Get your computer viruses here! Blue Boar (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 29)
- Re: Get your computer viruses here! Drsolly (Dec 29)
- Re: Get your computer viruses here! Blue Boar (Dec 29)
- Re[2]: Get your computer viruses here! Pierre Vandevenne (Dec 28)
- Re[2]: Get your computer viruses here! Drsolly (Dec 28)
- Re: Re[2]: Get your computer viruses here! val smith (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 29)
- Format of embedded graphics Larry Seltzer (Dec 29)
- Re: Format of embedded graphics Gadi Evron (Dec 29)
- Re: Format of embedded graphics nodialtone (Dec 29)
- Re: Format of embedded graphics Gadi Evron (Dec 29)
- Re: Format of embedded graphics Barrie Dempster (Dec 29)
- Re: Format of embedded graphics David Lodge (Dec 29)
- Re: Format of embedded graphics Florian Weimer (Dec 29)
- RE: Format of embedded graphics Larry Seltzer (Dec 29)