funsec mailing list archives
RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]
From: Drsolly <drsollyp () drsolly com>
Date: Wed, 28 Dec 2005 23:18:29 +0000 (GMT)
I can further give a metaphore that will say researchers anthrax is bad, for if there is no anthrax, having it is a risk b itself
How about someone sets up a web site for people interested in anthrax, so that people can upload and download samples?
contradiciting analogies can be given for days, and we all pick our favorite. Fact is it is not very easy for researchers to get data, and fact is that branding of people outside the inner circle as blackhats if they don't conform to what suits the inner circle best is wrong. Further, even if I do agree sharing of samples should be done securely and in a vetted enviroment, today it is as ridiculous as telling people not to watch porn.
No, it's as ridiculous as telling people not to rob banks. Sure, some banks will still get robbed, but that doesn't make it right.
So, being a moral example is great, but does it do any of us any good where it is proven things get on when you keep that stand while if yo changed it, maybe you could influence those you now call blackhats, and see they may even be... wow, good guys?
With this web site, I don't see any attempt to determine who is blackhat and who isn't, let alone any attempt to influence the blackhats.
Finally, this guy believes in it. He is going to do it. Help him or name him a blackhat, but helping him might get things "safe" while not killing his ideas all together.
I am helping him. I'm explaining why it's ethically wrong to run an unvetted VX, and about the legal hot water he could find himself in.
As an example, if some people in the AV industry HELPED the good people at ClamAV who had o learn all by themselves without years of traditions, ideas and knowledge, instead of just critisizing, Clam would have gottemn where it is today a lot sooner, and even far further than that.
I don't know about the ClamAV issue. What did they need to learn that they needed help for?
My suggestion to this guy is do his thing, follow his conscience, and let history prove him right or wrong.
You can't just say "let history prove". Because we'll never know how many blackhats got malware from his Virus Exchange and spread it around.
It is harmful not to share openly. It is harmful not to keep high moral standards, but in this case, where did they come from?
The moral standards in this case come from where they always come from - they come from your own understanding of right and wrong.
Why was it initially BAD to share samples? Do these reasons still stand oday?
It was intially bad for a number of reasons. 1) The easiest way to make a "new" virus, is to make a small modification to an old one such that current detectors no longer recognise it. 2) A lot of people, at the time (and maybe even now) were suggesting that the AV people were encouraging the spread of viruses (and maybe even writing new ones). A VX certainly does encourage the spread of viruses. 3) There are computer crime laws that make it illegal to distribute malicious software without the victim's consent. And there's "criminal negligence" laws that make it illegal to distribute something that you *know* can be used to cause harm, without any vetting of the recipient. It is, for example, illegal to sell knives, alcohol or tobacco to children - the vetting in that case is age-based. I don't think that any of those three reasons have changed. So, here's a question for anyone who is involved in maintaining an ftp (or other distribution method) of malware. Would you be willing to publish the access details and allow anyone at all to download from it? If not, why not? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!], (continued)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
- ClamAV and open anti viruses [was: samples sharing blah] Gadi Evron (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Drsolly (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Gadi Evron (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)