lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: Glenn_Everhart at bankone.com (Glenn_Everhart@...kone.com)
Subject: AV Naming Convention

So isn't this the reason CVE was created some time ago now?

Give the AV companies a bit of mercy though: they are called upon to
analyze virii with ever less lead time, and need to pick names sometimes
before full behavior is even known (as it seems to me from watching
them).

Given the time allowed to do this work, it seems a cross reference after
the fact is probably the best one can hope for.

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Todd Towles
Sent: Tuesday, August 10, 2004 10:16 AM
To: 'Todd Burroughs'; 'Frank Knobbe'
Cc: full-disclosure@...sys.com
Subject: RE: [Full-Disclosure] AV Naming Convention




I have to agree with Todd, the naming convention is now right useless for
the normal population and make keeping up with viruses on a corporate level
that much harder. AV companies are always trying to beat the other company
and this leads to very little information sharing between the companies on
new viruses, etc.

Maybe a foundation should be created. This foundation could give a seal of
approval to all AV corporations that join in. We are starting to make rules
for patch management over at patchmanagment.org. Why couldn't a group work
with AV names and the first company that finds and IDs it correctly gets to
name it in the foundation. Just a dream, I would guess.





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


**********************************************************************
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you
**********************************************************************

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ