lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: toddtowles at brookshires.com (Todd Towles)
Subject: (no subject)

How is naming a virus with @mm or a W32 in the front slow the process
down? Naming has nothing to do with AV venders making money IMO. If it
does, McAfee should change its name to Norton before tries to buy it
out. =) 

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Harlan
Carvey
Sent: Friday, August 13, 2004 9:40 AM
To: full-disclosure@...sys.com
Cc: Barry Fitzgerald
Subject: Re: [Full-Disclosure] (no subject)

Barry,

> I think the whole AV naming issue is, though problematic, the least of

> our problems.  I think you hit the nail on the head here, Harlan.

One other thing I'd like to throw into the mix.  This whole discussion
is being viewed, it seems to me from the wrong perspective.  The
attitude that the entire A/V industry should have a common naming
convention seems to be coming from the open source camp...while A/V
companies aren't necessarily open source. 
Companies in general are about making money, and you do that through
establishing and maintaining competitive advantages.  Expending
resources (ie, people, money, time, etc) on an endeavor to establish and
maintain a common naming scheme is an expenditure that has very little
(if any) ROI...it can't be justified to investors.

How are A/V companies competitive?  They identify and analyze malware,
and update their products.  Doing it faster and better than the next guy
is the key. 
Slowing that process down to coordinate with other companies dissolves
the advantage.  Let's say I discover a piece of malware, and call a
round table meeting...only to find out that none of the other members
have discovered the malware yet.  My advantage goes bye-bye.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ