lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: alerta at redsegura.com (Alerta Redsegura)
Subject: AV Naming Convention

Standardization is the solution: If precise rules are established to name
viruses, then it is not even necessary that AV companies meet to decide on
the name for every new virus.

The problem here is the way viruses have been getting classified through the
years, which leads to a "would-be-taxonomy" that reflects more economic and
marketing interests than a "scientifically-driven" classification effort.

A clear example is the use of "malware" as an accepted term encompassing
viruses, worms, adware, spyware, etc.
Malware stands for "malicious software".  Can you categorically affirm that
all viruses,  worms and the like are made with a "malicious intention"?  You
cannot!  But "Malware" is a term that sounds great to scare people and
that's good for marketing purposes.

So, what alternative could be used to describe what is known today as
"malware"?
What all these "entities" share is that they get to their destination
without the user's consent.  So, regardless of the intention at their
origin, they all are "intruders".  Why not call them, for example,
"intrudeware"?

Another example is the one of  Trojan horses.  How come some AV companies
abbreviate Trojan Horses as "Trojans"?
It is clear that if we are to follow this Trojan-Greek story, Trojans were
the victims of the Trojan Horse, therefore "Trojan" would refer to infected
software or equipment.

What is clear here is that, contrary to the biological virus taxonomy, which
follows rigorous scientific methods, computer virus classification (I dare
not call it "taxonomy"...) as we have it today is far from being
"scientific", and will continue so,  as long as economic interest prevails
on scientific interest.


Regards,


I?igo Koch
Red Segura



Powered by blists - more mailing lists