| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: nick at virus-l.demon.co.uk (Nick FitzGerald) Subject: DoomJuice.A, Mydoom.A source code "Riad S. Wahby" <rsw@....edu> wrote: > According to most reports on the matter, DoomJuice delivers the source > of Mydoom.A to infected computers. I'm running an informal seminar on > malware and this could be an invaluable teaching aid. ... In what way would it be "an invaluable teaching aid"? I can see how it could be used as an invaluable _publicity_ aid for attracting folk to the class. However, as a teaching aid, it is highly unlikely to be of much more or less value than the source of any of dozens upon dozens of other malwares, and and that value would be very low... Unless you are planning on teaching malware _writing_? For folk interested in work in the antivirus and related security fields, source code is all but worthless. We rarely have the source code of the malware we have to analyse -- at least, we rarely have it in advance of, or concurrent with, having do such analyses. Reverse engineering is the name of this game and source code is then useless -- if you have source you need not reverse and if you must reverse you would not have the source... Also, from a purely pedagogical perspective (I majored in Psychology and Education), I find your claim that having the source of this malware "could be an invaluable teaching aid" deeply suspicious. Teaching from the specific is generally superficial, less long-lasting and generalizes much less well than providing a good theoretical grounding in the subject matter. Could you expound the theoretical applications that presenting this specific malware's source code to your class would illustrate especially well? Finally, whether you obtain this code or not, what aspects of the ethics of possessing, handling, distributing, etc such code will be you be teaching? Personally, I doubt they will be substantial (or even present) as your initial approach to obtaining the code shows a serious lack of concern for some significant ethical issues straight off... > ... Thus, if anyone > has the source, I'd greatly appreciate if you'd mail it to me off-list > or point me towards an appropriate URL. And what controls will you be placing on your students obtaining, copying, etc the code? Given your brazenly open and "uncaring" request here, why should we expect that you will take any special care with the code and its further distribution to and among those taking your class and their room-mates, buddies and other contacts? -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists