Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×

McAfee Blames Open Source for Botnets 223

Posted by timothy from the how-conveeeeenient dept.
v3xt0r writes "It seems that 'the Open Source Development Model' is to be blamed for the recent increase in botnet development. 'We're not taking aim at the open-source movement; we're talking about the full-disclosure model and how that effectively serves malware development,' the spokesman for McAfee says. Why not just blame the IRC Protocol? Or simply admit that Proprietary vendors cannot keep pace with the Open Source Model?"
This discussion has been archived. No new comments can be posted.

McAfee Blames Open Source for Botnets More

McAfee Blames Open Source for Botnets

Comments Filter:

  • Re:They're missing the real culprit. (Score:3, Informative)

    by blcamp ( 211756 ) on Monday July 17, 2006 @02:15PM (#15732366) Homepage

    It could have been the Chinese that are to "blame":

    http://en.wikipedia.org/wiki/Abacus [wikipedia.org]

  • Re:Full disclosure != open source (Score:5, Informative)

    by dzfoo ( 772245 ) on Monday July 17, 2006 @02:35PM (#15732546)
    They *are* complaining. Its called "planting the seed of distrust":

    From the article:
    "Over the last year and a half, we've noticed how bot development in particular has latched on to open-source tools and the open-source development model,"

    Further down:
    Marcus said his company is drawing attention to the open-source trend to educate users, and not as an attempt to discredit open-source alternatives to its own proprietary software products. "We think [open-source antivirus products] are fine. They've never been something that was really in the same class as ours, but we've always been big supporters of open-source antivirus," he said.

    In other words, McAfee is saying "Bot writers are using Open Source tools to develop, maintain, collaborate on, and distribute malware. We're just saying, you know. Not that we're accusing them of anything; we're just saying."

    Then later in the article they start bad-mouthing Full Disclosure. That's, as you say, a separate topic.

        -dZ.

  • Re:Corral Cache damn you guys (Score:2, Informative)

    by kennedy ( 18142 ) on Monday July 17, 2006 @02:37PM (#15732565) Homepage
    Try the Slashdotter plugin for firefox...

  • Misleading title (Score:3, Informative)

    by HangingChad ( 677530 ) on Monday July 17, 2006 @02:38PM (#15732573) Homepage
    It makes it sound like virus writers are using open source software to launch botnets. They're using open source software development techniques to create botnet software for Windows.

    Sheesh.

  • On locks and Open Source (Score:4, Informative)

    by crono_deus ( 796899 ) on Monday July 17, 2006 @02:56PM (#15732703)
    Dammit, I've heard just about enough of these arguments. About 150 years ago, this man called Charles Tomlinson published a paper regarding how the mechanical workings of all locks should be public knowledge because, he reasoned, if the public knew about the weaknesses and strengths of each lock, they could 1) force the lockmaker into making a better lock, and 2) choose the one that suited them the best.

    Below are two excerpts from the paper, found, interestingly enough, using the "fortune" program. Yes, I know that the making of locks isn't exactly like the creation of software, but the principle remains the same. Security through obscurity is no security at all; however, if the standards and techniques are open and available to the public, we, the "experts" in the field, will actually be hold companies accountable for problems and shortcomings in their software.

    "A commercial, and in some respects a social, doubt has been started within the last year or two, whether or not it is right to discuss so openly the security or insecurity of locks. Many well-meaning persons suppose that the discussion respecting the means for baffling the supposed safety of locks offers a premium for dishonesty, by showing others how to be dishonest. This is a fallacy. Rogues are very keen in their profession, and already know much more than we can teach them respecting their several kinds of roguery. Rogues knew a good deal about lockpicking long before locksmiths discussed it among themselves, as they have lately done. If a lock -- let it have been made in whatever country, or by whatever maker -- is not so inviolable as it has hitherto been deemed to be, surely it is in the interest of *honest* persons to know this fact, because the *dishonest* are tolerably certain to be the first to apply the knowledge practically; and the spread of knowledge is necessary to give fair play to those who might suffer by ignorance. It cannot be too earnestly urged, that an acquaintance with real facts will, in the end, be better for all parties."

    -- Charles Tomlinson's Rudimentary Treatise on the Construction of Locks, published around 1850

    "In respect to lock-making, there can scarcely be such a thing as dishonesty of intention: the inventor produces a lock which he honestly thinks will possess such and such qualities; and he declares his belief to the world. If others differ from him in opinion concerning those qualities, it is open to them to say so; and the discussion, truthfully conducted, must lead to public advantage: the discussion stimulates curiosity, and curiosity stimulates invention. Nothing but a partial and limited view of the question could lead to the opinion that harm can result: if there be harm, it will be much more than counterbalanced by good."
    -- Charles Tomlinson's Rudimentary Treatise on the Construction of Locks, published around 1850.

    If you ever wanted to send anything defending OSS to anyone, this would be a very good thing to send.

Slashdot Top Deals

Credit ... is the only enduring testimonial to man's confidence in man. -- James Blish

Close