funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: standards status in the industry - opinion?

From: Gadi Evron <ge () linuxbox org>
Date: Sun, 08 Jan 2006 00:25:13 +0200
I agree 100%.  Purely signature-based scanning that proved able to
detect all the WMF exploits out there would produce scores of FPs.  It's
yet another example of why sig scanning is broken.

When I said we were setting our standards too low on AV, I didn't mean
that I wanted the AVers to just produce better sigs.  Better technology
is one of the things AV needs as well.  We've set our standards *FAR*
too low there, and are still allowing AVers to ram this terrible,
decades-old technology down our throats.


I disagree on a part of what you say.

If AV-ers could make better detection, they would. They are no slackers.
The fact that the marketing part of the business keeps sticking that same solution down our throats is indeed the truth, and it is no longer adequate and research should proceed in other fields as well. 

Our industry likes old and stable though. It fits well in budget requests.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: