tag:blogger.com,1999:blog-7347279.post3613729165987270417..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: the best laid plans of mice and men often go awrykurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7347279.post-86177395059511400242009-03-24T10:08:00.000-04:002009-03-24T10:08:00.000-04:00in theory, yes, you could test... but how accurate...in theory, yes, you could test... but how accurate and globally applicable would the results of said test be? <BR/><BR/>there are a variety of complications that would make me avoid a take-down action on the scale of a typical botnet even with encouraging test results - not the least of which being things like unexpected/unintended behaviour due to bugs or interaction with other software, as well as the familiar prospect of malware writers putting code in their malware to check for test environments so as to behave differently in them than in the real world...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-8108038979771102462009-03-24T07:12:00.000-04:002009-03-24T07:12:00.000-04:00While I agree with most of your comments on the et...While I agree with most of your comments on the ethical issues and leaving them aside for a moment, there's one point you did not touch. And that is that there's always the possibility of testing if the self-destroy/uninstall command of a botnet works as expected without negative impacts on the OS or common applications. If such validation is performed then most of the arguments against taking the botnet down seem to loose importance (again, without going into the ethicals).Anonymousnoreply@blogger.com