| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: tcleary2 at csc.com.au (tcleary2@....com.au) Subject: AV Naming Convention Frank Knobbe said: >says "We got a new one! Can't give details of course since you are a >competitor. But if you find the same thing in your research, let's call >it Humptydumpty-2." >Whoever finds the virus first has first choice on the name. No sharing >of information required, just agreement on a name. How hard can it be? All we need is the AV guys to agree to use some external standard, and who CARES what it is so long as we can agree it's universal? Under outbreak conditions, ambulance chasing, keeping secrets and failure to co-operate do not win friends. Look at other solutions to the same problem - naming hurricanes? Personally, I could care less whether is called nebiwo or fred as long as when I phone someone to discuss the latest and greatest I can use one word instead of having to spend five minutes making sure we're talking about the same bit of malware. Even if we bother to go to the extent of formalising classification ( and yes, I did study zoology and microbiology for a while so I know such systems exist and underpin the disciplines... ) whatever scheme is eventually adopted we need immediate, clear shorthand too. Figuring out that Fred and Ginger are in fact variants is not the issue when you're attempting to prevent mass failures and the guy on the other line is saying "Do you mean MyDoom.AAHTDRFSWQT or Beagle.QSWPROTU?" But us voices in the wilderness don't maximise shareholder value, right? Regards, tom. ---------------------------------------------------------------------------------------- Tom Cleary - Security Architect CSC Perth "In IT, acceptable solutions depend upon humans - Computers don't negotiate." ---------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. ---------------------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040811/d1a8fbd7/attachment.html
Powered by blists - more mailing lists