Wednesday, September 10, 2008

Why publish this software?

Threat to computers for industrial systems now serious | InfoWorld | News | 2008-09-10 | By Robert McMillan, IDG News Service

Finisterre released his attack code as a software module for Metasploit, a widely used hacking tool. By integrating it with Metasploit, Finisterre has made his code much easier to use, security experts said. "Integrating the exploit with Metasploit gives a broad spectrum of people access to the attack," said Seth Bromberger, manager of information security at PG&E. "Now all it takes is downloading Metasploit and you can launch the attack."


I have to admit, I will never understand the open source and hacker crowd. Particularly the hackers.

I can understand researching to identify risks.
I can understand developing exploits to further understand and define those risks.
I can even understand publishing an academic style paper on said risks and my research, which was very clever indeed.
I CANNOT understand giving away the frellin' crack for somthing like this. I mean, honestly, isn't this a bit like handing out lock-picking kits at a grade-school?

No comments:

Minimally Logged Operations in SQL Server

I'm posting this mostly so I can find it later :) The following article has a great table that defines when operations will be minimall...