I would suggest you are talking about different people.<br>The malware analysts at any AV company probably dig through more malware samples than you do on a regular basis. They are likely talking about the average quality of code they get.
<br>You (I suspect) are talking more about the ability to write good, subtle malware.<br><br>Underestimating your opponents is a fatal mistake either way. The best malware analysts I know are well aware of the skills of the authors. Likewise so are the authors I know aware of the skills of the analysts.
<br><br>t<br><br><div><span class="gmail_quote">On 6/9/07, <b class="gmail_sendername">Dave Aitel</b> <<a href="mailto:dave.aitel@gmail.com">dave.aitel@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
The weblog snippet below shows the attitude I love about the anti-virus and IDS companies. The "I'm better than you both technically and morally" fantasy they live in is quite amazing. It's like when people derisively say "script kiddie" and 100% of the time they mean "someone who's way better at security than I'll ever be". The reality is that writing malware is incredibly hard, and the people who do it are amazingly talented.
<br><br><a href="http://www.sophos.com/security/blog/2007/05/120.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.sophos.com/security/blog/2007/05/120.html</a><br><br>"""
<br><p>The fact is, whatever the motivation, writing malware is not
'clever', on the whole it's not even particularly difficult. Although
this particular author seems to have trouble because the sample we
received didn't work.</p>
<p>It takes a lot more skill to identify and remove malware, but in
this case, even that wasn't difficult. So my message to the author is,
don't bother, get a real job, but don't bother applying to join
SophosLabs. In fact judging by the poor quality of what was submitted,
I would recommend a completely different career.</p>
<p>Update 4th June - If anyone other than malware authors want to join SophosLabs, we're <a href="http://www.sophos.com/companyinfo/careers/uk/822857832455.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
recruiting</a></p>
<p>Mark Harris - Director of SophosLabs</p>"""<br><span class="sg"><br><br>-dave<br>
</span><br>_______________________________________________<br>Dailydave mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:Dailydave@lists.immunitysec.com">Dailydave@lists.immunitysec.com
</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.immunitysec.com/mailman/listinfo/dailydave" target="_blank">http://lists.immunitysec.com/mailman/listinfo/dailydave</a><br><br></blockquote>
</div><br>