Blogging from SOUPS 2005 at CMU.

Ches just gave the keynote talk titled My Dad’s Computer, Microsoft, and the Future of Internet Security, which like all good talks, has been evolving for some time. Money quotes:

  • “Dad, your computer is blowing blue smoke all over the Internet!”
  • “These virus-building tools have GUIs, *nice* GUIs.”
  • On 0wn3rs: “They try not to be too disruptive. They’ve got uses for your computer. It’s called time-sharing. They install patches for you to keep (other) attackers out, they work very hard to get bugs out of their software.”
  • “You have to get out of the game. Or, as the Karate Kid’s Mr. Miyagi says: ”Best block is not to be there.”

Ches quoted spot prices for botnet cycles — 3 cents per week on the low end for spam forwarding, $40 each for machines on targeted networks. Also interesting, the Phatbot command list.

Ping and others are blogging the conference at Usable Security.