| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1f5f01c3d450$8f053060$0864a8c0@STARDEVALEXSHIPP> From: ashipp at messagelabs.com (starlabs) Subject: Re: Show me the Virii! (Pyrrhic heuristic) >From: "Feher Tamas" <etomcat@...email.hu> > >Anti-Virus heuristics' job is not to catch unknown viruses, but to >measure the amount of lazy factor in virus authors' blood. > >The fully functional trial versions (usually 30-day limited) of all anti-virus >packages by all vendors is available on the Web. You just download it, >no hassle, anonimously. Obviously, AV companies need to sell their >products and free trial versions are an effective way of convincing the >would-be customers of the software's merits. >But there is a side effect: virus writers can also test their new creations >in-house, for free. [snip] This is a good point, but is not the full picture. I know of at least four companies offering virus scanning as an outsourced service, who use their own scanners. These are not available to the virus writer offline, and therefore it is much harder to get viruses past them. >I think heuristics has a limited future in the AV field... I guess I better start looking for a new job then :-) Regards, Alex ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________
Powered by blists - more mailing lists