[nsp-sec] Follow-up - Re: Rustock - anyone interested in leading an industry investigation team?

Fri Jan 21 10:02:15 EST 2011

Hi Team,

Good news. A few minutes after this E-mail was sent out, a "little bird" called. Meaning, we have teammates in the operational security community working on Rustock that requires a level of "operational confidentiality." That means most of us can work on all the other badness, investigating the other badness. For others, if you are in a position to collect telemetry on Rustock, the "little bird" asked that you record and watch. It will be blatantly obvious when the larger community will need that data. If you feel like "rushing to blog" on this, please don't. You'll only be helping the bad guys. 

A personal note ... it is really nice to know that our operational security communities have matured to the level where we can _trust_ our teammates to work the problem. We don't have to poke our noses into it their work. We can trust their work, knowing that they have it covered, but cannot talk about it at this time. One of these mornings We'll wake up and read something in the newspaper and say "yea team!" In the mean time, there is lot of other badness to unravel. :-)

A side note - I was floored by the number of people who stepped forward to help lead and participate in the investigation work. That INSPIRING response gives me hope that 2011 is going to be a year of great success against the badness on the Net. Thank You! 

It also means that we can focus this enthusiasm on another target. :-)

Thanks,

Barry

On Jan 20, 2011, at 9:57 AM, Barry Greene wrote:

> Hi Team,
> 
> Is anyone in the middle of rustock investigative work? Does anyone have any time to lead an effort? 
> 
> Overall, we as a community are all bogged down with investigative work. We're either "maxed out" (no hours in the day) or exhausted  (too many firedrills). We're are looking for someone to lead a effort. There are plenty of people who can help with access to lot of data, we just need two to three people who can spend a good three months driving a industry team to investigate, collect data (syncing with LE), and then orchestrating mindful whack downs. 
> 
> If you are interested, please let me know.
> 
> Thanks,
> 
> Barry
> 
> -- 
> Barry Raveendran Greene
> Security Geek helping with OPSEC Trust
> Phone: +1 650 423 1311
> Mobile: +1 408 218 4669
> E-mail: bgreene at senki.org
> 
> -- 
> OPSEC TRUST: All message content remains the property of the author
> and must not be forwarded or redistributed without explicit permission.