where are all the researchers here? speak up! [WAS: Malware sharing? People are full of shit]

[Gadi Evron <ge () linuxbox org>]

Randy Abrams wrote:
> > Because researchers today find it HARD to get samples, while 
> > bad guys find it easy as pie, and easier every eyar.
> >
> > That is a problem that needs solving. Let;s discuss other 
> > solutions than?
> > :)
>
> I find email, open UNC's, and unfirewalled machines quite effective. It's
> like high speed fishing for steel pellets with a magnet. You sit back, drink
> your beer, and they just come to you :)
>
> I think your lists are a great start on a solution. Just because it doesn't
> move as fast as you would like is not a good reason to give up on it and
> throw caution to the wind. You added a bunch of people in the past couple of
> days, all recommended by others who have met the trust criteria required.
> I'd recommend building upon a pretty good system that you have started.
> Yeah, no doubt that at some point there will be someone who shouldn't have
> been trusted, but your system does due diligence and does not throw samples
> out to the script kiddies.

Point is this is not about my lists, and we really share any samples.

Point is everyone else.

At this point it should be noted that I am indeed in the belief that 
researchers should get this information, and that a public environment 
is needed, but I am now past that and playing devil's advocate as no one 
here would stand up and support this point of view.

        Gadi.

        Gadi.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.