lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: nick at (Nick FitzGerald)
Subject: Backdoor not recognized by Kaspersky

madsaxon <> wrote:

> As Rob Rosenberger has been preaching for years, the most sensible
> solution to this problem lies in heuristics, not reactive tactics.
> An ounce of prevention has always been worth a pound of cure.

I think heuristics are over-rated for such applications.  To be truly 
effective the false positive rate will be crippling and thus folk will 
stop using such products.

There are other ways to do intelligent prevention that actuually works 
(at least in corporate environments -- SOHO users will largely remain 
the "virus lepers" or be reduced to depending on NGTCB-like approaches, 
making them a different kind of leper).


Nick FitzGerald

Powered by blists - more mailing lists