| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1095181438.538.42.camel@localhost> From: frank at knobbe.us (Frank Knobbe) Subject: AV companies better hire good lawyers soon. On Tue, 2004-09-14 at 08:14, Micheal Espinola Jr wrote: > [...] If your software is so important that you and > your user base cannot deal with possibly up-to a few days of > inconvenience due to a false-positive - then yes, you had better > coordinate with with that software vendor to make certain your > precious software is not one of them. [...] Alternatively, software manufacturers can add their applications into AV exclusion lists upon installation of their products. Applications already have to "register" with the operating systems. Why not make it register with the AV software if the software is prone to false positives? Or at least advice the end-user of such recommended manual step during installation. If the user trusts the application, and does not trust the AV software, he can override the AV checks for this software. If AV vendors present a lot of false positives, my guess is that the trust of the end user in those AV products will wane. So, it is in the best interest for the AV vendor to ensure low/no false positives. There is no need for software manufacturers to "register" their products with AV vendors. Cheers, Frank -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040914/7e2676b4/attachment.bin
Powered by blists - more mailing lists