Comments on: McAfee, Where’s Your Brain? http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/ Bringing Fire To The Village: Your Source For Computer, Network & Information Security News from Dave Lewis, Security Blogger Fri, 29 Aug 2008 10:13:46 +0000 http://wordpress.org/?v=2.6.1 By: gattaca http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-290 gattaca Tue, 16 May 2006 18:46:00 +0000 http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-290 Fair point. I've always been one for open dialogue. I've always been privy to exploit code and source code for most tools that I use. As a result I have not really been viewing this through the eyes of John Q User. The biggest problem is that I can see both sides of this issue. I guess I'll have to agree to disagree. A point well taken nonetheless. Fair point. I’ve always been one for open dialogue. I’ve always been privy to exploit code and source code for most tools that I use. As a result I have not really been viewing this through the eyes of John Q User. The biggest problem is that I can see both sides of this issue. I guess I’ll have to agree to disagree. A point well taken nonetheless.

]]> By: kurt wismer http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-289 kurt wismer Tue, 16 May 2006 14:55:39 +0000 http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-289 frankly, the user base can be educated to the point of being able to protect themselves without sharing source code or compiled binaries for actual attack tools... the user base is not going to be writing their own search routines, they're going to be using pre-built security tools... they need to know the nature of the threat but not necessarily the implementation of it... frankly, the user base can be educated to the point of being able to protect themselves without sharing source code or compiled binaries for actual attack tools… the user base is not going to be writing their own search routines, they’re going to be using pre-built security tools… they need to know the nature of the threat but not necessarily the implementation of it…

]]> By: gattaca http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-275 gattaca Mon, 15 May 2006 18:05:44 +0000 http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-275 True enough. I just feel that bad people are going to do bad things irrespective of anyone's intentions. I'm partial to having it out in the open to help better educate the user base. More often than not, the biggest vulnerability in computer security sits between the chair and the keyboard. If they can be better educated this can help to mitigate problems and hopefully avoid future scenarios such as the Sony rootkit debacle. Thanks for the comment. cheers True enough. I just feel that bad people are going to do bad things irrespective of anyone’s intentions. I’m partial to having it out in the open to help better educate the user base. More often than not, the biggest vulnerability in computer security sits between the chair and the keyboard. If they can be better educated this can help to mitigate problems and hopefully avoid future scenarios such as the Sony rootkit debacle.

Thanks for the comment.

cheers

]]> By: kurt wismer http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-274 kurt wismer Mon, 15 May 2006 17:47:13 +0000 http://www.liquidmatrix.org/blog/2006/05/15/mcafee-wheres-your-brain/#comment-274 if you were a bad guy you might not post your source code there, but you certainly might download their source code... more importantly, you might download the compiled binaries they include with the source code... according to greg hoglund (founder of the site in question), the 'rootkit' that his co-author (james butler) wrote and made available on the site has become one of the most deployed 'rootkits' in the world, and quite often the people who deploy it are using the exact binaries that are available for download from the site... regardless of their intentions (the road to a very hot place is paved with good intentions), they are arming the bad guys... if you were a bad guy you might not post your source code there, but you certainly might download their source code…

more importantly, you might download the compiled binaries they include with the source code…

according to greg hoglund (founder of the site in question), the ‘rootkit’ that his co-author (james butler) wrote and made available on the site has become one of the most deployed ‘rootkits’ in the world, and quite often the people who deploy it are using the exact binaries that are available for download from the site…

regardless of their intentions (the road to a very hot place is paved with good intentions), they are arming the bad guys…

]]>