Malware: From your text editor, to the United States Government's Lab (SHA2017)
After attending CCCamp 2015, I knew that I would be going to SHA 2017 in Amsterdam. At the time when I started planning my trip, I had a full time job at Georgia Institute of Technology, working in the Institute of Information Security (IISP) with research students whom specialize in Information/Cyber Security. Having the opportunity to work in such a department, I was able to be apart of many conversations that most people in the security world would not be exposed to. Because of this, I learned much more about how the United States Government communicates with Universities in hopes to derive insights on different nation-state threats. Given this unique perspective, I create and submitted a Call for Papers on the subject. Remarkably, my talk got approved and I was given the opportunity to speak at SHA 2017. I made a point to not include names of researchers and their research in an attempt to preserve their privacy.
In summary of my talk, I do not hold the researchers accountable for the actions of the United States Government. Researchers want to conduct research and the government wants those insights. What the government does with those insights and how they decide to use them, is an ethical and moral dilemma that can lead to immortal and unethical means. It's how the USG uses that information and their intentions determines if it's malicious or not.