The Politics of Malware
Kurt Wismer comes up with the standard set of criticisms that we've received at Offensive Computing.
Kurt really touches on the heart of the issue when he says, "i suppose the argument could be made that public access helps those just breaking into the anti-malware market, but in reality there's all kinds malware already readily available to such people so they can build their malware databases organically... at the same time they can build their reputations and trust relationships with others in the anti-malware community so that by the time they need access to malware they can't easily find themselves they'll have people they can turn to..."
It is true: all you have to do is go look and you'll find all kinds of malware. What you won't find are collections of malware that are somewhat presorted for you. You won't find the analysis, and you won't find trends. This causes a duplication of effort that could better be spent on experimenting with new ideas. The old guard of AV protection is just not working. There are many, many smart people working on the issues, but in the end, until people work together, advancement cannot happen.
There are large barriers to starting malware research. We believe that those barriers are unnecessary for a largely innocuous threat. The real threat is the new malware that is not, and cannot be, detected. For the most part, the current malware threat has been innocuous and easily handled. What is the path forward when newer, more creative threats emerge?