funsec mailing list archives
Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!]
From: Gadi Evron <ge () linuxbox org>
Date: Sat, 31 Dec 2005 04:06:26 +0200
Nick FitzGerald wrote:
Gadi Evron to Dr Solly:Because the Bad Guy who didn't get it anyway, now can get it.Assume for a minute what I know to be true.. the Bad Guy HAS IT period. How would that change your view?The strongest objections to what Val is proposing are _NOT_ sample accessability but open accessability to competent, detailed analysis of advanced (by the "lesser" malware authors' standards) techniques.As I wrote somewhere else in this thread earlier today, _technically_ sample accessibility is probably not really a "problem' at all because it already happens a great deal and trivial "hexeditor hacks" are dealt with pretty well by modern scanners. (In the big picture I'm still not comfortable ignoring the ethical issues there, but purely from the "how would our current processes handle this specific aspect of such a service?" perspective, the answer is "they'd probably not notice".)Anyway, even if you're right (which I seriously doubt), you are simply removing one of the weaker objections and making no impact at all on the stronger objections.
I spoke of _sample_ sharing, not analysis sharing. That's for another time. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!], (continued)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 29)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Drsolly (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Paul Schmehl (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 30)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 31)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Gadi Evron (Dec 31)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 31)
- Re: Re: Malware sharing? People are full of shit [was: Getyour computer viruses here!] Nick FitzGerald (Dec 30)
- summary of the "sharing samples" thread from my view-point Gadi Evron (Dec 30)
- Re: summary of the "sharing samples" thread from my view-point Nick FitzGerald (Dec 31)
- Re: Re: summary of the "sharing samples" thread from my view-point Drsolly (Dec 31)
- Re: Re: summary of the "sharing samples" thread from my view-point dudevanwinkle () gmail com (Dec 31)
- Re: Re: summary of the "sharing samples" thread from my view-point Drsolly (Dec 31)
- Re: Re: summary of the "sharing samples" thread from my view-point Gadi Evron (Dec 31)