| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 05 Aug 2008 20:25:29 -0400 From: Eric Paris <eparis@...hat.com> To: Greg KH <greg@...ah.com> Cc: Al Viro <viro@...IV.linux.org.uk>, "Press, Jonathan" <Jonathan.Press@...com>, Theodore Tso <tytso@....edu>, Arjan van de Ven <arjan@...radead.org>, linux-kernel@...r.kernel.org, malware-list@...ts.printk.net, linux-security-module@...r.kernel.org Subject: Re: [malware-list] [RFC 0/5] [TALPA] Intro toalinuxinterfaceforonaccess scanning On Tue, 2008-08-05 at 17:11 -0700, Greg KH wrote: > On Tue, Aug 05, 2008 at 07:48:52PM -0400, Eric Paris wrote: > > On Wed, 2008-08-06 at 00:37 +0100, Al Viro wrote: > > > On Tue, Aug 05, 2008 at 03:26:38PM -0700, Greg KH wrote: > > > > On Tue, Aug 05, 2008 at 06:12:34PM -0400, Press, Jonathan wrote: > > > > > Sorry for the top-post... but I give up. > > > > > > > > > > I don't think I'm stupid, but frankly I don't understand the point of > > > > > the questions being asked in the last three responses to my statement. > > > > > I don't know why they are relevant, and I don't know how to answer > > > > > them in a framework that we can all understand at the same time. > > > > > > Excuse me? One of those questions had been a very specific yes-or-no one > > > and I certainly hope that we all can understand either answer to such... > > > > > > For the record, the question is > > > > > > "Do you or do you not expect the malware to be active on scanning host?" > > > > I do believe for a number of AV vendors the answer is yes. I will try > > to have some offline conversations with the right people at a number of > > vendors and work to better define the threats that they wish to or > > believe they are able to help mitigate. > > This is troubling to me. Why "offline conversations"? Why are you > being forced to be the mediator here? Why will these companies not > contribute directly to the development of this code/model in public, > like all other major Linux kernel contributions? I'm going to be trying to get them to talk offline because obviously few people from the AV industry are stepping up online. I'm told we'll be hearing from Sophos tomorrow and hopefully they will have read all of today chatter and will form a coherent position. > Isn't this the point of the malware-list in the first place? Yes it is, hopefully if we can move parts of this conversation to malware list the AV vendors will feel a bit less like this is an us against them proposition and more like a collaborative effort. From my point of view I'd have to say that everyone has been refreshingly polite :) > For them to hide behind _anyone_ seems very suspect. I don't think its hiding, I'm attempting to bring these companies who just don't understand how to work in public after years of building walls along at a reasonable pace so noone feels they have to give up or that finding a real solution is an impossible task. -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists