Ok, good. Just thought I'd check because your argument has literally nothing to do with any of the points made in the quoted thread, and I'm starting to get a contact high from reading your tweets and trying to figure out how you got here.
Replying to @fugueish
Did you read the thread, like at all? I get the feeling you read the first tweet and called it a day.
1 reply 0 retweets 0 likes -
Replying to @MalwareTechBlog @fugueish
like, the entire thread discusses that exact point from that exact perspective. Coupled with the fact you tried to explain to me earlier that people reverse patches (that is literally what I do), I can only assume you did not read the thread.
1 reply 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
You misunderstood, nobody is trying to techsplain bindiff to you, the point is that these services are commercially available. It's misleading to say this capability is out of the reach of attackers, because analysis and exploits are available as COTS products.
2 replies 0 retweets 9 likes -
Not saying it's out of the reach of ALL attackers, just most. Only the very top percentage of attackers (nation/state & APTs) are doing this kind of work. Large majority of attackers are only using public tools.
1 reply 0 retweets 5 likes -
Replying to @MalwareTechBlog @fugueish
Right, but it's only the large majority if you include opportunistic attacks - when assessing targeted attacks, we don't measure severity by number of affected users. If you group targeted and opportunistic attacks together, sure everything pales in comparison to trivial malware.
2 replies 0 retweets 6 likes -
That was kinda the purpose of my thread. I felt like the argument being made ignores the fact that while yes, the PoCs only save sophisticated attackers time, they also give capabilities to masses of opportunistic actors who would never otherwise possess them.
2 replies 0 retweets 1 like -
I have no strong opinions that doing x or y is good or bad, my intent was simply to point out that the argument ignores an entire class of attackers who cause real harm.
1 reply 0 retweets 3 likes
I understand, but you're incorrect that anybody is ignoring this - you were just saying you thought someone was techsplaining bindiff to you, but Chris and I have been working on vulnerabilities for way too long, of course we've thought about this! 