Dailydave mailing list archives

Re: The Anti-Virus/IDS fantasy world


From: Kradorex Xeron <admin () digibase ca>
Date: Sat, 9 Jun 2007 14:39:04 -0400

On Saturday 09 June 2007 13:52, Dave Aitel wrote:
The weblog snippet below shows the attitude I love about the anti-virus and
IDS companies. The "I'm better than you both technically and morally"
fantasy they live in is quite amazing. It's like when people derisively say
"script kiddie" and 100% of the time they mean "someone who's way better at
security than I'll ever be". The reality is that writing malware is
incredibly hard, and the people who do it are amazingly talented.


Agreed. Said companies are only interested in marketing and selling their
products and will do anything they can to make what they want a reality.

That's why security companies often like causing FUD among those who aren't as 
in-tune to security as most of us on this list are, to cause people to run 
out to buy their products with little to no question.

Furthermore, said companies never act in collective unison with each other to
fight malware, but rather they are disjointed, doing their own thing thus 
there are time gaps between each other as well as malware some detect, while 
others do not. Thus no antimalware being perfect and detecting everything 
known, because those companies are too busy and too proud acting superior to 
each other to work collectively.

As I've posted elsewhere before, large-scale security companies are too busy 
developing on the interface, making their software large and bloated instead 
of what it should be: streamlined and resource-efficient.

My apologies on ranting, just whenever I see security companies acting
stupidly like this it brings me back to what I've stated above, so I leave 
one question:

If security companies are supposed to be so smart, why aren't they many steps
ahead of the malware authors?

http://www.sophos.com/security/blog/2007/05/120.html

"""

The fact is, whatever the motivation, writing malware is not 'clever', on
the whole it's not even particularly difficult. Although this particular
author seems to have trouble because the sample we received didn't work.

It takes a lot more skill to identify and remove malware, but in this case,
even that wasn't difficult. So my message to the author is, don't bother,
get a real job, but don't bother applying to join SophosLabs. In fact
judging by the poor quality of what was submitted, I would recommend a
completely different career.

Update 4th June - If anyone other than malware authors want to join
SophosLabs, we're recruiting
<http://www.sophos.com/companyinfo/careers/uk/822857832455.html>

Mark Harris - Director of SophosLabs
"""


-dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

