| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun Dec 11 11:48:25 2005 From: Thierry at Zoller.lu (Thierry Zoller) Subject: McAfee VirusScan vs Metasploit Framework v2.x Dear sk GroundZero, sG> well but you dont see the developer side of this. sG> the big companies can "buy their way out of the sG> signature file", that means that their application sG> wont be included as "potential unwanted software". You mix the parameters here, you are refering to CLARIA and Microsoft. Claria never developed "hacking" related tools but adware. I never saw this reported otherwehere ? (imho) sG> but for small companies and freeware developers, sG> this is a big loss, since if a AV vendors mark their sG> software as malware, noone will download it sG> anymore or even send complain mails and its hard sG> for a little company or a single programmer to do sG> much about this. Like I said I know the developer side of this becuase one of my tools was flagged. I choose to write a sentence above the download link about it, that cut 98% of the complaint mails. sG> for a small company that sG> is selling shareware this could mean loss of money. Tell me, I am/was doing trialware. sG> sure an AV vendor wont care if some little company sG> goes out of business. i remember this one tool called sG> pest remover or something ..it simply removes anything sG> that could possibly harm. It still exists : "Pest Patrol". Companies bought it explicitely _because_ it reported _everything_. On some critical LANS not even netcat should be installed. That's where these programs come in and fill the gap. Yes on the business side there was a gap the common AV solutions reported _not enough_ for certain environments, AV vendors saw this and partielly closed the gap. sG> but their selection is very stupid sG> as even a C programming text (!) will be removed sG> and various portscanners or other administrative tools. IMHO : Yes and no. Again in _some_ highly critical enviroment there should never be source code lying around on workstation which opens sockets or similar. It's hard to see but there IS actually a rising demand for these scanners that tag everything. sG> anyhow the most redicilous malware sG> removing tool i ever saw! I agreed years ago, now I disagree. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Powered by blists - more mailing lists