undefined | Better HN

0 pointsmseebach9y ago0 comments

Also, there's a huge difference in the number of people capable of secretly building exploits alone in their bedrooms at night (probably committing a crime), and those building them as a day job, where you can solicit feedback and advice from peers, reference well-organised documentation and study the original source code of previously successful exploits and freely discuss ideas and approaches with colleagues over lunch.

Which of course partially challenges this assumption in the article:

The developers of the malware [..] were discovered and not trained.

0 comments

lawnchair_larry9y ago

people capable of secretly building exploits alone in their bedrooms at night (probably committing a crime)

No, that isn't how exploit research works. I don't understand why one would think that writing exploits is associated with being a criminal.

mseebachOP9y ago

Research, no, but turning it into malware is.

lawnchair_larry9y ago

Do you consider exploits to be malware? If so, then no, you couldn't be more wrong.

j / k navigate · click thread line to collapse

0 pointsmseebach9y ago0 comments

Which of course partially challenges this assumption in the article:

The developers of the malware [..] were discovered and not trained.

0 comments

lawnchair_larry9y ago

people capable of secretly building exploits alone in their bedrooms at night (probably committing a crime)

No, that isn't how exploit research works. I don't understand why one would think that writing exploits is associated with being a criminal.

mseebachOP9y ago

Research, no, but turning it into malware is.

lawnchair_larry9y ago

Do you consider exploits to be malware? If so, then no, you couldn't be more wrong.

j / k navigate · click thread line to collapse