Re: McAfee really DOES write new Malware! Wholey Moley!

[Rich Kulawiec <rsk () gsp org>]

On Tue, Sep 29, 2009 at 11:08:01AM -0400, Blanchard_Michael () emc com wrote:
> How can any antivirus vendor condone such activity, let alone teach
> a course in it????  What has the world come to?  Don't they remember
> the whole outcry against the University of Calgary when they wanted to
> teach a course that involved creation of new viruses?

Yes, that was most unfortunate and shortsighted -- the outcry, I mean.

It's foolish to pretend that "we", FSVO "we" meaning "the good guys",
are the only ones with the ability to understand malware and abuse
and intrusion et.al., and to teach those skills.  Other people have
the same or better level of understanding, and are increasing their
expertise on a daily basis by applying their skills and developing
new ones.

They're also teaching others, directly or indirectly.

So it would be rather conceited of us to presume that if we don't teach
anybody, that nobody's being taught.  This kind of studied ignorance
has consequences: in one of my areas of expertise (anti-spam research),
I very often find that people constructing defenses have little,
if any, knowledge of contemporary attack methods and thus wind up
deploying pre-defeated mechanisms, sometimes at considerable expense.

To confront the enemy, it's necessary to know the enemy -- and
the enemy's strategies and tactics.  Refusing to learn these
guarantees defeat.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.