lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.53.0408130451380.7273@test1900.meganameservers.com>
From: todd at hostopia.com (Todd Burroughs)
Subject: (no subject)

> I can easily understand how someone unversed in the _market forces_
> pertaining to antivirus software could hold that position, and as a
> theoretical solution to the problem of lack of cross-vendor naming
> coordination it has often been suggested even by though who know it
> would never work in the real world.
>
> Neat and tidy as such a solution seems, it will not, however, work.  As
> I explained in other of my posts in this and the related "AV Naming
> Convention" thread, in general by far the largest "cost" of naming
> disagreement is borne by the users in the early hours of large-scale
> outbreaks.  Thus, a "solution" that specifically _requires_ all vendors
> to use a different name until a name is agreed (no matter what this
> process it will take some _additional_ time) is, by design, an _anti-
> solution_ as such a "solution", by design, ensures perfect naming
> inconsistency at the time the highest cost of naming inconsistency is
> borne.

Vendors should not "have to" use a different name until the "real"
one is detrermined, they should use whatever they want to.

You know what, I don't work in the "anti-virus" field, but what you are
saying is BS.  There is no good reason that I can think of that the AV
companies cannot rename these things after the fact.  When an outbreak
happens, they provide a fix and name it whatever they want.  After the
fact, they could rename things and their updates reflect the "proper"
name.  They can keep a reference to their name in the description, what's
a few more characters in the signature files for every piece of malware
going to matter? another 100k in a download at most?  I agree that there
is probably a lot of marketing pressure that may make this difficult,
but there is no technical reason for it.

The AV companies cannot be that lame that they cannot handle a simple
name change.  I mean we use databases and other things and using these
"computers" that should make this easy.  If thay are that lame, maybe
they shouldn't be in busines.

It's up to people like us that read lists like this to make them fix
this silly problem, or we can ignore it.  It doesn't affect me much,
it just seems silly that they cannot name things consistently.

> Secondly, one of the greatest impediments to ongoing (as opposed to
> initial, outbreak-phase) naming inconsistency is that many vendors do
> not have internal processes robust enough to easily handle renaming

This is a lame excuse at best, maybe these companies need to redesign
themselves, this should not be a big problem.

> (And please, before replying to this message, please, please, please,
> please, please read _all_ the rest of thread -- as the only person
> making a significant contribution who has more than half a clue about
> how all this stuff works, what may be technically feasible, and what a
> great deal of customer and industry history suggests may be acceptable,
> answering the same misconceptions over and over is getting tiresome...)

We'll be sure to bow down to you...

Todd


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ