funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: McAfee really DOES write new Malware! Wholey Moley!

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 30 Sep 2009 10:26:27 +1300
Craig Schmugar on behalf of Dave Marcus:


Mike,

Let me address your concerns. We are NOT creating new malware nor
are we showing others how to create malware. We are allowing our
customers to get firsthand experience with existing malware and
malware tools to educate them on what it is that is out in the wild
hunting them and their users. This will be done in a secure
environment with no connectivity. No one will be allowed removable
media or storage devices. All malware and associated toolkits that
we are using are currently detected and protected against. 

Again, we are not teaching coding or teaching people how to write
malware nor would we ever. We are allowing them to interact and
experience malware in a controlled environment to get a better
understanding of what we are protecting them and their users from. 


As I expected (well, at least as I _hoped_).


Please feel free to contact me should you have any other questions
or concerns. 


Well, he did, indirectly, through this list.

But there's a problem.  Above you told us what _you_ think this 
upcoming workshop will be about, what will be done, and how.  The 
_problem_ is that your comments do not address the actual text that 
gave rise to the question/commentary in the first place.  Specifically:

   Join experts from McAfee Avert Labs and have a chance to create a
   Trojan horse, commandeer a botnet, install a rootkit and experience
   first hand how easy it is to modify websites to serve up malware. 

_That_ is not at all much like what you say, above, that this workshop 
will be about, so who is right?

You?

Or the morons in marketing/PR who wrote the website copy?

Of course, we actually know the answer, so why are you acting so 
testicularly-challenged as to not point out that once again McAfee's 
marketing/PR folk have got the wrong end of the story and are promoting 
something quite unlike what they are actually "selling"?

I mean, we all also know that marketing/PR is very adept at such over-
selling, so whey are you acting so coy about pointing out the 
shortcomings of these folk?


Oh, and you've invoked the wrath of St. Neitzel...

   http://sunbeltblog.blogspot.com/2009/09/malware-experience-brought-to-you-by.html



Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: