Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!]

[Aviram Jenik <aviram () beyondsecurity com>]

On Thursday, 29 December 2005 00:06, Drsolly wrote:
> This is the "information should be free argument". The reply to that is
> "If you believe that, then please post your credit card and identity
> information on a public site"

I think this is a completely flawed argument.

First, "information wants to be free" doesn't imply FORCING people to share 
information - just ALLOWING them to do so. I don't think Val talked about 
forcing you to share your malware - he just wants to share his.

Second, there's a difference between "information" and "personal information". 
Yes, if you obtained someone's credit card information you should not place 
it online. That has nothing to do with "information" it has to do with the 
right for privacy.

So the question becomes is it "right" or "wrong" to share a certain type of 
information (location of nuclear base plants, the government spending on 
rebuilding Iraq, exploit code that demonstrate a PoC of a vulnerability, 
malware that is found in limited circulation). Most of these cases are not 
'clear cut' and should not be presented that way ("ethically crippled"? 
Common, Nick).

- Aviram
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.