Inside Dark Networks

What a day!

Leaving aside my pain in enriching the government with my checks yesterday, I received a rather interesting email in my inbox today.

It came from McAfee….apparently Matt Asay is saying McAfee has slandered open source by a comment I wrote in my white paper ( http://www.cnet.com/8301-13505_1-9917989-16.html) and (www.mcafee.com/us/local_content/white_papers/wp_botnet.pdf).

First Assumption: I am a McAfee minion employed to destroy open source. Let’s see…after I left McAfee I ran security at Symantec, so no…not a good minion of anyone.

Second Assumption: McAfee wanted that comment in there: No, based on the evidence I had at the time, it was a true statement. It still is.

Well, what did that comment actually mean? Quite simply, two of the nastiest bots out there…PhatBot and AgoBot had published source code. Many people got there hands on it and built uber-bots. We killed those variants, they built more. etc etc etc. Sophos clocked the variants of those two bots at well over a thousand.

Could these bots be described as Open-Source? I believe so.

Was the source code modified multiple times? Yes. Were open source techniques used? Absolutely

Were these bot modifiers core to the Open Source movement? No, just a few bad apples that taint the majority
Was the comment taken out of context? I think so too.

Has McAfee identified crimeware users who rely on Open Source? Absolutely…see David Marcus’s comments here ( http://www.pcadvisor.co.uk/news/index.cfm?newsid=6601)

Sorry Matt, McAfee is NOT your enemy, nor are they ignorant about open source.