funsec mailing list archives

Re: another VX site?

From: Drsolly <drsollyp () drsolly com>
Date: Sat, 7 Jan 2006 19:32:11 +0000 (GMT)

On Sat, 7 Jan 2006, Jeff Kell wrote:

Oliver Schneider wrote:

Instead of complaining about naming schemes of other vendors, all vendors
should just sit down together and find a common naming scheme *ASAP* - with
a *shared base* of names! Because this is were the users think that the
vendors are "wrong/silly/etc".

The problem there is the influence of AV business/politics.  There would 
be no way to have a "common naming authority" without simultaneously 
making all discoveries and claims common knowledge.  The "my AV is 
better than your AV" war would be somewhat emasculated when this becomes 
knowledge, and there is no race to the "my AV detected this first" prize.

Well, there is something to be said for competition in the 
implementation and deployment of such detections, but I don't see the 
for-profit AV vendors suddenly co-operating on a global scale.

 
That's true, you don't. But nevertheless, they do, and have done for 16 
years. Don't confuse the marketing folks, who make the marketing claims 
and all the noise, with the technical people, who actually have a rather 
good co-operation going, meet fairly frequently, and share malware 
specimens.

I even got a call once from a the techie who worked at a competitor. It 
was late, he was tired, he'd been given a deadline to do repair for a 
particular virus, and he couldn't work out how to do it. I'd already done 
that virus, so I told him how. 

A few years later, we were working for the same company.

So, don't confuse the marketing competition, with the technical people's 
cooperation. Go to any serious AV conference, and you'll find them all 
drinking and laughing in the bar together, and if you're really really 
lucky, look around the host hotel for a meeting room with a notice "closed 
for cleaning", and you'll find a major malware exchange and beer drinking 
session going on there.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: another VX site?, (continued)
- - - Re: another VX site? dudevanwinkle () gmail com (Jan 08)
    - Re: another VX site? Drsolly (Jan 09)
    - Re: another VX site? Valdis . Kletnieks (Jan 08)
    - Re: another VX site? Nick FitzGerald (Jan 07)
    - Re: another VX site? Drsolly (Jan 08)
    - Re: another VX site? Joe Jaroch (Tera Innovations, Inc.) (Jan 07)
    - Re: another VX site? Drsolly (Jan 07)
    - Re: Re[2]: another VX site? Nick FitzGerald (Jan 07)
    - Re: another VX site? Lionel Ferette (Jan 07)
    - Re: another VX site? Jeff Kell (Jan 07)
    - Re: another VX site? Drsolly (Jan 07)
    - Re: another VX site? Oliver Schneider (Jan 07)
    - Re: another VX site? Nick FitzGerald (Jan 07)
    - beer! [WAS: another VX site?] Gadi Evron (Jan 07)
    - Re: beer! [WAS: another VX site?] Nick FitzGerald (Jan 07)
    - Re: beer! [WAS: another VX site?] Drsolly (Jan 08)
    - Re: beer! [WAS: another VX site?] Nick FitzGerald (Jan 08)
    - Re: beer! [WAS: another VX site?] Drsolly (Jan 08)
    - Re: another VX site? Drsolly (Jan 08)
    - RE: another VX site? Nick FitzGerald (Jan 07)
    - RE: another VX site? Oliver Schneider (Jan 08)

(Thread continues...)