Ok, good. Just thought I'd check because your argument has literally nothing to do with any of the points made in the quoted thread, and I'm starting to get a contact high from reading your tweets and trying to figure out how you got here.
Replying to @fugueish
Did you read the thread, like at all? I get the feeling you read the first tweet and called it a day.
1 reply 0 retweets 0 likes -
Replying to @MalwareTechBlog @fugueish
Like, the entire thread discusses that exact point from that exact perspective. Coupled with the fact you tried to explain to me earlier that people reverse patches (that is literally what I do), I can only assume you did not read the thread.
1 reply 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
You misunderstood, nobody is trying to techsplain bindiff to you, the point is that these services are commercially available. It's misleading to say this capability is out of the reach of attackers, because analysis and exploits are available as COTS products.
2 replies 0 retweets 9 likes -
Not saying it's out of the reach of ALL attackers, just most. Only the very top percentage of attackers (nation/state & APTs) are doing this kind of work. Large majority of attackers are only using public tools.
1 reply 0 retweets 5 likes -
Replying to @MalwareTechBlog @fugueish
Right, but it's only the large majority if you include opportunistic attacks - when assessing targeted attacks, we don't measure severity by number of affected users. If you group targeted and opportunistic attacks together, sure everything pales in comparison to trivial malware.
2 replies 0 retweets 6 likes -
That was kinda the purpose of my thread. I felt like the argument being made ignores the fact that while yes, the PoCs only save sophisticated attackers time, they also give capabilities to masses of opportunistic actors who would never otherwise possess them.
2 replies 0 retweets 1 like -
Replying to @MalwareTechBlog @fugueish
Nobody is ignoring that, we have to wrestle with balancing access to research. Many reasonable people (like me... I hope) conclude that the risk of opportunistic cryptominer campaigns is an acceptable trade-off to neuter targeted ethnic cleansing, espionage, etc. operations.
2 replies 0 retweets 13 likes -
@taviso Please explain “neuter espionage”
1 reply 0 retweets 0 likes
Corporate espionage, stealing proprietary data, accessing financial reports before release, blueprints, source code, design docs, etc.