PC Advisor quoted Dave Marcus, security research and communications manager with McAfee’s Avert Labs. “Hackers are using techniques popularized by developers of open-source software like Linux to improve their malicious code, a researcher at McAfee has said. Nowhere is this more apparent than within the growing families of ‘bot’ software, which allow hackers to remotely control infected computers. Unlike viruses of the past, bots tend to be written by a group of authors, who often collaborate by using the same tools and techniques as open-source developers”
Ok what is your point here? What do you think they use to develop? What other development models are they going to use? Do you think a handful of Bot authors are going to invest in Visual Studio Enterprise 2005 backed with Rational Rose and Radview? No…they are going to use CVS, Bugzilla, Ecplise, etc. Why? They are free and can be modified to fit a particular purpose. I am not sure what pointing out the obvious does here. Myabe his point isn’t the tools they are using, it’s that these authors are collaborating.
Mr. Marcus also goes on to say “We’re not taking aim at the open-source movement; we’re talking about the full-disclosure model and how that effectively serves malware development,”. Do you see the irony when McAfee complains about full disclosure. This coming from a company who just last week fixed a serious flaw in their ePolicy Orchestra software without telling anyone. They bundled it in with a “feature update”.
I think they need a little help with their “Wagging the dog” maneuvers. Of course….I could be wrong.
–Chris
Technorati Tags: McAfee, Open Source, Full Disclosure
Leave a Reply