.

Metasploit's HD Moore is "Hitler's Driver"?

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Oct 24, 2006 11:22 pm

Metasploit's HD Moore is "Hitler's Driver"?

Check out this new article in Information Week magazine.

Has H.D. Moore gone too far?

Moore's like many security researchers who gin up publicity for the software flaws they find, as he did with his bug-a-day stunt highlighting browser weaknesses in July. But he goes further, as one of the main forces behind the Metasploit Project, which posts a free, open source platform that makes it easier to develop and test code that can take advantage of software vulnerabilities. Included are more than 150 examples of such code ready to exploit flaws.

Next month, Moore will raise the already-high stakes when Metasploit releases a new piece of code--called eVade-o-Matic--that makes it harder for intrusion-detection systems and antivirus software to detect exploit code aimed at Web browsers. It's one thing to show people how to exploit software flaws; it's another to help attackers go unnoticed.


He's even well regarded by some--not all--in Microsoft's Security Technology Unit, which had Moore speak at its "Blue Hat" conferences, designed to give Microsoft programmers a wake-up call to the kind of hacking their work will endure. However, one manager of a product successfully broken with his tools, who's no longer with Microsoft, called Moore the "spawn of the devil" and "Hitler's driver."


For full article:
http://www.informationweek.com/news/sho ... =193401125

Don
Last edited by don on Tue Oct 24, 2006 11:25 pm, edited 1 time in total.
CISSP, MCSE, CSTA, Security+ SME
<<

LSOChris

Post Wed Oct 25, 2006 10:17 pm

Re: Metasploit's HD Moore is "Hitler's Driver"?

meh, HD Moore is good for the security business and one of the only people actually dropping exploits these days. 

MS is just a bunch or whiners and finger pointers, of course they dont like him, how would you like someone who lets you know (publicly) everytime you make a boo boo.

his month of browswer bugs was awesome, especially since it was a response to some smart comment by MS.

hmmm Hitler's driver because he found exploitable bugs in code...that doesnt say much to me about the caliber of that person
<<

Kev

Post Thu Oct 26, 2006 12:36 am

Re: Metasploit's HD Moore is "Hitler's Driver"?

Its outrages to criticize H.D. Moore. He has done more than most  people in security to bring out awareness of exploits. More Admin are now aware of buffer overflows and what they represent.  If you subscribe to the Metasploit email you know how he takes time to answer questions and help when he can.  All for free!  Perhaps those that criticize should look at what they have contributed to the security community before they open their mouth.
<<

jimbob

Post Thu Oct 26, 2006 4:51 am

Re: Metasploit's HD Moore is "Hitler's Driver"?

When a web browser that has been in the wild for as long as MSIE 6 has so many flaws, serious flaws that are being exploited daily, it's about time some code shops woke up and took responsibility. The whole disclosure issue has been covered many times in many forums and there is always a vocal crowd in the software development community ready to condemn ANY disclosure of vulnerabilities to the public.

As we have seen time and time again disclosure is often the only way to get a vendor fix for an issue. You can write stunts like browser bug-a-day as egotistical but publicity serves a purpose. We need to keep pushing the game forward; it wasn't that long ago when the advice was you can't get a virus without opening attachment.

Jim

Return to /root

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software