[Owasp-singapore] Open source does not work well for bad guys

Wong Onn Chee ocwong at usa.net
Tue Sep 22 21:20:26 EDT 2009


"The big problem? Revealing the code means delivering security companies
everything they need to write an identifying virus “signature” for it.
Even if you enhance the base program, the original signature will still
identify it.

It’s in the nature of crime. A bad guy’s actions can only work if they
are done in secret."

OC: I can't understand why the trojan horse authors released their
trojan horse as open source. The fact is all malware, except this funny
trojan horse, are closed-source by default.

More information about the Owasp-singapore mailing list