Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Setting the record straight on "The Return ofKoobface"
From: "Mr. Hinky Dink" <dink () mrhinkydink com>
Date: Sat, 20 Mar 2010 16:14:18 -0400

Absolutely you are correct, but if you check the blog there are further 
references up to last Friday.  It was a tremendous, jaw-dropping flood of 
Kooberz proxies the last two weeks.  And it's still coming.

The point is us Little Guys are paying attention, too.  And sometimes we 
catch this shit before the Big Boys like Dancho and Kaspersky wake up and 
smell the coffee.  Since February I've been wondering Why The Hell I hadn't 
heard anything in the ITsec press on this new resurgence.  Did they hold 
back so Dancho could publish his "Ten Things You Didn't Know About The 
Koobface Gang" article?  Or so Microsoft could gloat over "taking down" the 
Wimpy Waledac botnet?  Is the Good News always published before the Bad News 
in the security industry press release cycle?

The fact remains, Koobface marches on and the security industry can't stop 
it.  Period.  I will be among the first to jump up and down and yell "RA!" 
when someone takes it down, but it ain't going to happen soon.  All I can do 
is sit back and watch while the Big Boys get their headlines.

BTW, I don't consider myself "bitter".  I'm what you might call "tangy".

Thanks for your support,


----- Original Message ----- 
From: J Roger
To: full-disclosure () lists grok org uk
Sent: Saturday, March 20, 2010 3:28 PM
Subject: Re: [Full-disclosure] Setting the record straight on "The Return 

This reads as "waaa i noticed this first and didn't think much of it but now 
that someone else is making a big deal, i want my credit". Maybe you 
reported on it first on your blog, with a single sentence that wasn't even 
the primary focus of the post. Regardless if an up rise in koobface is 
significantly news worthy or not, you apparently failed to draw enough 
attention (or the right attention) to it at the time.

In other words, maybe you did it first, but someone else did it better.

What's more valuable to an enterprise, someone that quickly writes a risk 
assessment that's so sloppy the management with authority to act on the 
findings don't even bother to read it, or someone that takes the time to 
write a report on the same findings that actually speaks to the business and 
be able to make positive changes happen.

You talk about being bitter towards the security industry (which IS 
understandable) but maybe it's time to reflect back a little on yourself. 
Maybe it's not ALL the industries fault. Maybe the sources of your 
bitterness have a little something to do with your inability to make enough 
of the right things happen. Sure you're a "Big Time Security Professional", 
but maybe your blog wasn't enough to get the word out. Maybe you felt it 
wasn't even worth getting the word out or sounding any alarms. If that's the 
case though, don't go back now and try to take credit.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]