lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040813144017.95306.qmail@web51506.mail.yahoo.com>
From: keydet89 at yahoo.com (Harlan Carvey)
Subject: (no subject)

Barry,

> I think the whole AV naming issue is, though
> problematic, the least of 
> our problems.  I think you hit the nail on the head
> here, Harlan.

One other thing I'd like to throw into the mix.  This
whole discussion is being viewed, it seems to me from
the wrong perspective.  The attitude that the entire
A/V industry should have a common naming convention
seems to be coming from the open source camp...while
A/V companies aren't necessarily open source. 
Companies in general are about making money, and you
do that through establishing and maintaining
competitive advantages.  Expending resources (ie,
people, money, time, etc) on an endeavor to establish
and maintain a common naming scheme is an expenditure
that has very little (if any) ROI...it can't be
justified to investors.

How are A/V companies competitive?  They identify and
analyze malware, and update their products.  Doing it
faster and better than the next guy is the key. 
Slowing that process down to coordinate with other
companies dissolves the advantage.  Let's say I
discover a piece of malware, and call a round table
meeting...only to find out that none of the other
members have discovered the malware yet.  My advantage
goes bye-bye.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ