lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <058601cf93f3$4b303420$e1909c60$@thelair.com>
Date: Sun, 29 Jun 2014 19:38:55 -0400
From: "Exibar" <exibar@...lair.com>
To: <fulldisclosure@...lists.org>
Subject: [FD] AV scan on read vs write debate....

HI all!
    I see a war a-brewing in our Macintosh area, they're pushing for AV
scanning on Write only...  I'm pushing back, hard and winning so far....
They don't seem to get it no matter how much they say they understand the
dangers, they're still stuck in the world where "Mac viruses just don't
exist", and apparently they don't care if they have a Windows virus dormant
on their machines either.... they claim they have a huge performance
improvement with scan on read turned off...  It always comes back to
performance in their argument....

Does anyone have any white papers or any links or even any off the cuff
thoughts that I can bring to these folks that will help prove my point that
only having scan on write is a *very* bad idea and a huge security hole?

LOL... I'm almost secretly hoping that if they do get their way that a
"crypolocker" like virus hits one of them off of a USB stick and trashes all
their data on their precious little Mac.... I'll be first to tell them "I
told you so..."

Anyway, anything you folks have that you can send along would help fill my
ammo batteries with new ammo...

 Thanks!
  Exibar


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ