Malcon: the devil? or just a more specialized BlackHat?

So, I saw today Kurt Wismer’s post over on AV Rants about Malcon.  Truth be told, I hadn’t heard about it, so thanks to Kurt for once again illuminating me.

TLDR version for folks not wanting to read his article or the one Kurt quotes: it’s a conference – in Mumbai – targeted to malware authors.  Apparently, forwarding the science of how to write “malwares”.  Hmmm…  I’m not sure where I stand on the idea of having a conference about this.  In other words, I’m torn.

On the one hand, at a visceral level, I’m inclined to agree with Kurt when he says “WTF?”  It’s not about the fact that folks are developing new malware techniques necessarily: I happen to hold the (quite unpopular) opinion that responsible malware creation not only isn’t an oxymoron, but that it can actually be useful for legitimate research purposes… under rare, few-and-far-between, limited situations. That being said, I also believe that malware is annoying as hell and is all-around a blight on the global community. So forwarding the “science” of it seems counterproductive.  Forwarding the science of what?  How to be an asshat?

On the other hand, from a “bottom line” perspective, it doesn’t seem to be that far off from what happens BlackHat/Defcon.  Those are “full disclosure” outlets.  So, is someone pointing out new and innovative methods for how to hack the IOS, ATM machines, or facebook so different from someone pointing out new and innovative methods for how to create new malware?  I’m not sure it is…  Blackhat/Defcon have the air of respectability in the security community established through years of historical precedent as a useful research outlet.  So is it fair for me to prejudge Malcon?

Hmm… I guess we’ll have to see how it plays out to find out if it’s useful or just another wretched hive of scum and villainy.