(ex)Virus-writer hired by an AV company

http://www.theregister.co.uk/2004/11/08/vxer_joins_av_zoner/

 

From the link mentioned above:

"Most anti-virus firms refuse to employ virus writers because it’s bad for public relations."

Just wondering, how competent employees these av vendors have, when they haven't even written viruses?

It's totally different thing what's hiding behind the lines.

There are really people who believe in Santa Claus!

One more thing, I've heard that in the armaments industries they have never tested their products agains't humans.


Best regards,
Firefighter!

 

dear Firefighter, i remember once Sarah Gordon told me that you don't have to suffer from appendicitis to be a good doctor. let me rephrase that as you don't have to be a thief to catch one. its all about programming and disassembling skills. don't you agree?

 

To the best of my knowledge, Zoner develops image progessing software and not antiviruses. To label Zoner as antivirus company is a bit stong language

 

In my opinion, the behaviour of many AV/AT software companies to condemn virus writers comes close to bigotry.

Moreover, I know several AV/AT software companies the employees/coders/etc. of which have formerly coded malware and/or were active participants of the malware scene. Don't ask for details.

Greetings from Perth,

ntl

 

Actually, this controversy raises some questions.

The only reference that I could find about Zoner Antivirus...is
located on Benny's homepage. On this same page, there is written :
"The ZAV engine for Windows 2000+ is currently protecting the
servers of inmail and czechia."

Inmail points to the following website : http://www2.inmail.cz/

The weird thing is that this website does explicitely states that
the antivirus product used by Inmail actually is...NOD32. There
are not less that 3 references to NOD (links to the czech website)
on this page. Eset even being cited as a "Partner". On the other
hand, there seems to be very strong links between Zoner and
Inmail.

In this frame, I can hardly imagine that Zoner AV team and Eset
work independantly from each other. They have to collaborate in
some way.

Then, I would have a question for Eset people : "Is Zoner a
"decoy" used by Eset for indirectly profit from Benny's experience/
contacts without taking the risk of hiring him ?"

Just a question. No offense intended.

My two cents,

--
Tweakie

 

To IBK from Firefighter!

I've read a web interview about Benny about a year ago, where he said that DrWeb was the most challenging scanner to fool, let's hope that it will be the same with the NOD too!

Best regards,
Firefighter!

 

Fellow Creatures,
The article says he has turned over a new leaf... To me this would mean he has repented and has turned from the darkside. If it is true and he has seen the error of his ways and has come into the light then he should be allowed to join the fight. If after a criminal has served his time and comes back out into society and no one gives him a chance the only thing left is continual crime...

 

What more we can see than a simple example about how to make money?

What the heck! All we have money. You can pay!

Best regards,
Firefighter!

 

Oh, what garbage. This isn't even a grey area; it's all black and white.

It's not about "giving former malware authors a chance" [wipes tear from eye]. They can become any type of programmer. Not being able to work in the AM industry specifically doesn't mean they have to resort to writing malware for organized crime syndicates.

And spare me the nonsense about requiring malware-authoring experience to develop AM products. Can you really imagine that as a hiring criteria? I can see the Symantec hiring manager now: "So, what malware have you written? None? Sorry, the advertisement plainly says 'Must have malware-writing experience'."

Do you know of any law-enforcement agencies that do that? "So, you want to be a police officer. Great! Now, how many houses have you broken into?"

Make malware-authoring experience a barrier to entry--or even an incentive--to work in the AM software industry, and you give a whole slew of scumbags a whole new reason to make "The next big threat". And that's why it's a bad idea, and a bad practice.

P.S.

Yeah, sure you do. Hey, guess what? I talked to god the other day. Don't ask for details. (People who try to incite curiousity annoy me.)

 

Great read:

http://vx.netlux.org/lib/iv001.html

 

The article wasn't that I mentioned above, but also in here according to "Benny",

> The same as for viruses can be applied to antivirus software (but they are here not thounsands but in some couple of dozens exmplares). Your personal TOP five of anvirus packages and reason(s) why:

* DrWeb - it has the best heuristix for Win32
* NodICE32 - also very good heuristix for Win32
* AVP - perfect scanner, perfect internet page

What more to say?

Best regards,
Firefighter!

 

Because McAfee seems to like heuristics methods too, wait some months and you will see about McAfee that it has hired the whole "29A team".

Best regards,
Firefighter!

 

Going to have to disagree with you here. I could supply creds but being online there is no point anyway. It has been my experience and the experience of a lot of security firms I have worked with that ex-hackers and the like are by far the best at stopping people just like themselves from system breaks and the like. The same applies to antivirus, particularly in the field of pre-emtive antivirus where they are able to detect unknown types because the coders understand virus concepts in general. Hope I explained understandably, I have a bad habit of not expressing my views accurately.

 

That doesn't prove that it really takes an ex-hacker to stop current hackers, or ex-malware authors to stop current malware authors; it only goes to show that not many people have the appropriate skills, and have actually tried applying them to positive use.