Just trying to understand the phrase "malware analysis evasion and counter-evasion" (https://dl.acm.org/doi/10.1145/3150376.3150378) is like evaluating a formula with nested negations. "malware" (bad!), "analysis" (good!), "evasion" (bad!), "and counter-evasion" (and also good!)
Do security researchers ever get confused as to whether they're the good guys or the bad guys?
@lindsey simple answer: to develop a strong defense you must understand offense along with most likely attack vectors. Usually, those that write and talk about it are the "good guys" ;)
@gannimo I could never be one of the bad guys, then -- I like public writing and talking too much!
@lindsey @gannimo people's writing (and speaking) does sometimes muddle things: 'we can overwrite the return address', 'we then inject a value', but then later 'we transform the code' and 'we monitor the values', etc. 😉