[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <41190395.19802.A075D2A8@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: (no subject)
The appropriately-named Frank Knobbe wrote:
> Isn't the complete lack of naming standardization in the AV industry
> simply amazing? ...
Much as less than perfect naming coordination bothers me, the amazing
thing is actually that names are coordinated as well as they are
(though especially bad cases such as the mish-mash of mostly generic
and heuristic attempts to detect HTML-embedded vulnerability
exploitation attempts, such as the one you quoted, can certainly be
found to suggest that there is virtually no consistency at all).
Of course, outsiders throwing stones probably shouldn't be expeceted to
understand this.
However, if all AV vendors (and it would have to be all vendors or
market forces would prevent it happening, so guess what is one of the
largest things blocking better naming coordination?) were to agree a
name perfectly before _any_ of them shipped updated detection for new
viruses, it is a better than than fair bet that those same outsiders
would the be ones complaining longest and loudest about how tardy AV
vendors were at shipping "emergency" updates.
> ... Imagine that were the case in science, particular
> medicine...
Or perhaps it would be better to imagine that you made a more
meaningful analogy, such as asking how well you think medicine would do
in maintaining naming consistency if entirely new strains and variants
of viruses and pathological bacteria appeared world-wide at the rate
computer malware proliferates. A little exercise of the grey cells
will likely suggest that they are unlikely to do better in the short
term (i.e. during the outbreak phase), but would probably do much
better longer-term as the dieseases, outbreaks and treatments of
"biological malware" tend to last _MUCH_ longer than their "computer
cousins". If there was much oingoing need to coordinate names I think
the AV industry would do better than it does now, but with the rate at
which new variants appear being what it is, medium-term renaming and
name coordination are both problematic and (generally) seen as having
very little, if any, market value, so few people expend much effort on
such renaming.
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists