Saw a fantastic episode of
Security Now with Brian Krebs. The show tends to focus more on the protection end of things, while Krebs focuses on the people trying to break that protection.
What fascinated me was how bad guys have adopted open source business models.
With the example they brought up (the "Stix Sploit Pack"), the selling point isn't the software. It's
tech support. A trouble ticket system. Updates via Git (which is ****ing hilarious to me). An unspoken promise buying the software won't make you part of the seller's botnet.
The cherry on top is everything is listed
for tobacco use only for stress testing your own site.
Security Now 392 | TWiT.TV