funsec mailing list archives

Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]

From: Drsolly <drsollyp () drsolly com>
Date: Thu, 29 Dec 2005 16:26:33 +0000 (GMT)

Dude -- don't confuse who someone works for with who someone is.  If 
you think AV _companies_ control sample sharing in the AV industry you 
have very little grasp on how things really work.  That's not to say 
that the occasional company does not have very strict policies about 
who gets to decide what is shared with whom, even within the industry, 
but in general the relationships are person to person, for the simple 
reason that people can trust other people (or not) but a person cannot 
trust a "company" and a company, being inanimate, has no such thing as 
a sense of trust.


Absolutely right.

For sure, and I agree that the difference is essentially doctrinal, but 
when it comes to self-replicating malware there is a significant hard-
core in the AV domain that will not budge and that may raise a huge 
problem (in terms of continuing relationships with those in AV) for 
those outside AV that find simplistic schemes such as Val's acceptable.


Again, that's right. Val's "let everyone have everything they want" site
is no different from the VX bulletin board set up in 1989 in Bulgaria, and
will be perceived by many people as placing Val in the list of people who
shouldn't be trusted.

That's OK, no names needed.  Those folk presumably have some degree of 
trust _in you_, at least sufficient to entrust samples of whatever 
based on their evaluation of the risk presented.  If I knew you 
professionally I may well do the same thing too, and if a few of the 
folk I already really trust in such matters said "he's a good guy" I 
would extend my trust in their judgement.


But would you entrust someone with samples, knowing that these will wind 
up on a VX web site? I know a *lot* of people who would not.
 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!], (continued)
- - - RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Aviram Jenik (Dec 29)
    - Re: Re: Malware sharing? People are full of shit [was: Get your computer viruses here!] Drsolly (Dec 29)
    - RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
    - RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Blue Boar (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Blue Boar (Dec 28)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 29)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] James Kehl (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
    - Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
    - RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 28)
    - RE: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Randy Abrams (Dec 28)
    - ClamAV and open anti viruses [was: samples sharing blah] Gadi Evron (Dec 28)

(Thread continues...)