Re: Virus Crossfire

["val smith" <mvalsmith () gmail com>]

"It's like an anti-virus company, but without that fake "We're better than
you" attitude."

Heh, I'm TOTALLY going to have to work that into the page motto somehow.
Thanks Dave.

This kind of thing is the whole reason why we formed offensivecomputing.
People seem to have this attitude that access to malware is power or money.
Well I'm for power to the people (go 60's!). I've worked on many an incident
investigation where the thought "boy we sure wish we had some website we
could go to to find out what the hell this file is on the victims computer"
came up constantly. Which is why I started learning about reverse
engineering, and malware and the whole thing. There is no one for small
scale security people to turn to for help if they aren't part of the "cool
kids" AV club. It seems that the malware "full disclosure" debate will have
no end but offensivecomputing will continue to try to fill the hole (for
free and uncensored, malware gone wild!) that exists in the "people's"
access to research and samples. Go Malwarist Manifesto!

V.

On 3/4/06, Dave Aitel <dave () immunityinc com> wrote:
> *Many of you probably already read this article by Rob Lemos.
>
> http://www.securityfocus.com/news/11379
> *"A virus that spreads from PCs to mobile devices has become the focus
> of a power play between the antivirus industry and the relatively young
> Mobile Antivirus Research Association, which obtained the only sample of
> the program."
>
> *So some funny things in the following statement from the group who
> started it:
> 1. What was the bullying? Is this a child's playground or what?
> 2. I'm not sure what jurisdiction these people are in - I imagine
> several - but I'm not aware of any US law that makes distributing
> malware illegal in any fashion as long as the people involved all know
> what it is.
>
> http://www.mobileav.org/index.html
> """
> *Currently, several security experts and antivirus companies are applying
> for a formal exchange agreement with MARA in order to get a sample of
> the Crossover Trojan. However, a small number have refused to sign any
> agreement, and have made comments to the effect that, "we're the
> experts, not you, so hand it over right now." Some of them have even
> tried to bully individual members into bypassing the proper protocol.
> That is unfortunate, since it would be illegal to distribute malware
> without a signed agreement. There has to be a chain of custody in place.
> """
>
> In any case, the whole thing is funny. Recently I've had people call me
> and ask me if this sort of service is what the Immunity Partner's
> program is, which it's not. What people are really looking for is
> http://www.offensivecomputing.net/ . It's like an anti-virus company,
> but without that fake "We're better than you" attitude. Valsmith should
> make this their official motto.
>
> -dave