funsec mailing list archives
Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]
From: Drsolly <drsollyp () drsolly com>
Date: Thu, 29 Dec 2005 15:55:02 +0000 (GMT)
On Wed, 28 Dec 2005, Blue Boar wrote:
Nick FitzGerald wrote:And that benefits who most?Anyone who doesn't want to be dependent on someone else for their AV needs. Look, I'll come out and say it. The AV companies have an ivory tower attitude; they think they can decide who deserves to know something and who doesn't. If I don't have a "legitimate" need, if I won't agree to keep secrets, then I'm not deserving.
No. Each individual has a responsibility to decide who they trust and who they don't trust. If someone decides that you're not trustworthy, then that's their decision. You have to make the same decisions.
Those of us who have grown up in a world of full disclosure when dealing with vulnerabilities and exploits are never going to buy into that. That attitude carries over into the malware world. Malware IS different, but it's close enough that we are going to see it the same as any other "dangeous information." I used to work at SecurityFocus, which was at best quasi-AV. We published analysis reports, IDS signatures, instructions for manual detection & removal, etc... I was one of the guys who did a lot of the malware analysis. They are Symantec now, but this was prior to that. I was provided samples by McAfee, Symantec, Kaspersky, Trend, and probably a few others I can't recall. I have also been provided samples since I left, and no longer had even that tenuous grasp on officialdom. These are more recent and more on the sly, so that I don't care to name names. That is based on (I assume) part my reputation, and part the fact that the AV guys aren't always as stringent as they claim to be, when dealing in private. In those cases, the usual restriction I'm given is to share as I please, but to not name sources.
What you're saying here, is that you were considered trustworthy, and you're still considered trustworthy. I'm not seeing the problem here. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!], (continued)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Blue Boar (Dec 28)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] James Kehl (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
- ClamAV and open anti viruses [was: samples sharing blah] Gadi Evron (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Drsolly (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Gadi Evron (Dec 28)
- Re: ClamAV and open anti viruses [was: samples sharing blah] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 28)
- RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)