McAfee Avert Labs is advertising its Focus ’09 conference next month in Washington, D.C.. We find one of the 13 sessions offered on the agenda disturbing:
Avert Labs — Malware Experience
Join experts from McAfee Avert Labs and have a chance to create a Trojan horse, commandeer a botnet, install a rootkit and experience first hand how easy it is to modify websites to serve up malware. Of course this will all be done in the safe and closed environment, ensuring that what you create doesn’t actually go out onto the Internet.”
This is unethical. And it’s the wrong approach to teaching awareness and understanding of malware. This would be like your local police giving a crash-course on how to plan and execute the perfect robbery — yet to avoid public criticism, they teach it in a ‘safe environment’: your local police station.
The oldest myth and question in the antivirus business can now be answered thanks to McAfee: ‘Yes, antivirus vendors do create their own malware. At least one of them does it. On top of that they even educate people that are not criminals yet on how to do it!’ Knowing Vesselin Bontchev as a colleague and friend, I’m sure the last word has not been spoken here. Someone has to point out that this is wrong. Very wrong.
I think McAfee just managed to add another point to the ‘why do people write malware list:’
1, Anger issues
2. Fun Factor
3. Espionage
4. The hacker instinct
5. Money Money Money
6. Political agitation
7. The Shakespeare Syndrome: Romance & Drama
8. Sabotage
9. The intellectual challenge and passing the boring time
10. Extortion
11. I just updated my resume with virus knowledge
12. Because McAfee teaches it now in a ‘safe’ environment
See McAfee’s course description here.
Let’s remember that in 2003, the University of Calgary drew fire for offering a similar course.
I have a lot of respect for my colleagues at McAfee. Please, don’t let this happen.
Michael St. Neitzel
VP of Threat Research and Technologies
Update: McAfee has clarified this matter in the curriculum for their upcoming Focus 09 Security Conference. The text now reads: Join experts from McAfee Avert Labs and have a chance to work with a Trojan horse, commandeer a botnet, install a rootkit and experience first hand how easy it is to modify websites to serve up malware.
This is considerably better.