View Single Post
  #12  
Old 04-03-2015, 04:11
Insid3Code's Avatar
Insid3Code Insid3Code is offline
Family
 
Join Date: May 2013
Location: Algeria
Posts: 80
Rept. Given: 43
Rept. Rcvd 60 Times in 30 Posts
Thanks Given: 21
Thanks Rcvd at 65 Times in 30 Posts
Insid3Code Reputation: 60
Yes, releasing something (vulnerability/exploit) that can be used for malicious purposes by bad guys is always problematic, but IMHO expose a vulnerability (to the author first, then to the public after that the fix was released) can help developers and users to be better protected.

In VM detection case, EP_X0FF work around known tricks used by malware authors in real life, and malware authors also search what is new (Underground/Private forums). Do not expose these tricks lead to more victims.

Collect and expose all VM detection tricks in open source project can help also all RCE Newbies to better learn and test binary analysis.
__________________
Computer Forensics
Reply With Quote
The Following User Gave Reputation+1 to Insid3Code For This Useful Post:
user1 (04-03-2015)
The Following User Says Thank You to Insid3Code For This Useful Post:
user1 (04-03-2015)