funsec mailing list archives
Re: Consumer Reports Slammed for Creating 'Test' Viruses
From: Drsolly <drsollyp () drsolly com>
Date: Sun, 20 Aug 2006 00:40:28 +0100 (BST)
On Sat, 19 Aug 2006, Blue Boar wrote:
Peter Kosinar wrote:As Nick and I pointed out in our previous replies, it's -incredibly- easy to make the test meaningless from the technical point of view. Quick summary: Did they check each of those 5500 pieces of malware and actually verified that they work -and- that they perform their malicious activity?I don't mean to defend the Consumer Reports methodology in particular, I
What? You mean, they didn't publish their methodology? Then how can we possibly know if it's any good?
don't know anything about what they did. Yes, I would tend to assume the worst, which would be something like they used some outdated toolkits to generate 5500 files, only some of which actually run. Rather, I argue against the claim that writing new malware is never a valid test.
I suggest you specify a design that you think would work - then I can tell you why it won't. Note - writing 5,000 80's style viruses won't work, as explained in a previous email.
Actually, Ryan, assuming that by 80's-style file infector you mean an infector for MS-DOS-running machines of those days -and- using the techniques common in those days, I doubt it'll be undetected by all the AVs. Yes, it is possible to write such a thing (and it is not all that difficult) with current knowledge and ideas but if you really adhered to the virus-writing principles used then, the result will be quite likely to be detected.If I essentially copied some code or cobbled together something out examples of my copy of the Big Black Book of Computer Viruses, then yes. If i did my own study of the PE file format, etc..
There were no PE viruses in the 1980s. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Alex Eckelberry (Aug 19)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Peter Kosinar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Peter Kosinar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 20)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Blue Boar (Aug 19)
- Re: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 20)
- RE: Consumer Reports Slammed for Creating 'Test' Viruses Drsolly (Aug 19)