Dan Kaminsky to me: > > _That_ is not at all much like what you say, above, that this workshop > > will be about, so who is right? > > > > You? > > > > Or the morons in marketing/PR who wrote the website copy? > > More to the point, are you seriously suggesting that some IT > professional out there is thinking -- > > You know, this job sucks. I know! I'll go to a McAfee training > seminar and learn how to write me some malware! Muahahahhahahah! > > But first, let me grow out this mustache, for I must have something to twirl.. > > In all seriousness, I don't mind security professionals going to Black > Hat to learn how to use Metasploit; I certainly wouldn't mind McAfee > training on what actually is going on inside of malware.
Not at all -- I'm equally cool with the AVERT folk (several of whom are good friends of mine, though whether they'll be involved in Focus'09, I know not) making informed presentations on malware workings and even running workshops where customers can get hands-on experience of dealing with infections, outbreaks, etc in as realistic (but Internet- disconnected) lab settings as possible. My complaint is that they have a website saying "we write Trojans and will train you up too" and when folk complained about that they wheeled out a statement saying "that's not what we meant", rather than taking some action to change the offending website and _then_ making a statement. The old adage has it that action speaks louder than words -- so far McAfee have spoken... ... OK -- last reload of the offending page before I hit send it has changed to read: Join experts from McAfee Avert Labs and have a chance to work with a Trojan horse, commandeer a botnet, install a rootkit and experience first hand how easy it is to modify websites to serve up malware. so, better late than never... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
