lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <411E64A8.25281.14442A6@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: (no subject)

Brad Griffin wrote:

<<big snip>>
> I can't understand how the Google research is a problem with naming
> conventions. Google for a virus name and multiple hits come up, mostly
> for descriptions on a/v sites that also carry the alias names in most
> cases.  

The "problem" with such "Google research" (or with using VGrep) is that 
it is too much "after the event".

As I keep saying, and as admins everywhere keep agreeing with me, the 
biggest part of the naming inconsistency problem occurs in the first 
few hours of an outbreak (or suspected outbreak) event.  Neither Google 
nor VGrep can help you then...

Some AV developers have taken more care to list the names they know 
their competitors are using by the time they post a web description of 
a new virus, and some make the effort to update that list for the hours 
or days following an outbreak, at least for "high interest" viruses but 
that is only a partial solution to the problem.


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ