RE: AV Naming Convention

["Todd Towles" <toddtowles () brookshires com>]

How would a name stop an AV company from protecting its customers? A name is
only a name. AV companies should do their job and stop viruses. But do we
really care what they are called in the first couple of hours, no? I am
trying to encourage sharing of some information between AV companies to
better protect the public.

I really don't care what they name them as long as they stop them. But the
idea would be nice. If each company is going to have names for stuff..they
can just use long strings of numbers. Would it really matter what one
company names a virus in the first couple of hours?

Maybe it will never happen because of money and the desire to be the first
to discover it. But all the corporations of the whole have to deal with
multiple AV engines, confusing names and variants. 

Maybe the idea wouldn't work, but to just throw it off without thinking
about change is sad.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Randal, Phil
Sent: Tuesday, August 10, 2004 10:07 AM
To: full-disclosure () netsys com
Subject: RE: [Full-disclosure] AV Naming Convention

> I have to agree with Todd, the naming convention is now right 
> useless for the normal population and make keeping up with 
> viruses on a corporate level that much harder. AV companies 
> are always trying to beat the other company and this leads to 
> very little information sharing between the companies on new 
> viruses, etc.
>
> Maybe a foundation should be created. This foundation could 
> give a seal of approval to all AV corporations that join in. 
> We are starting to make rules for patch management over at 
> patchmanagment.org. Why couldn't a group work with AV names 
> and the first company that finds and IDs it correctly gets to 
> name it in the foundation. Just a dream, I would guess.

This completely misses the point.  When a new virus is discovered, it is
essential that there is a RAPID response to the threat.  The idead of
handing the critter over to a committee to decide it's name is, quite
frankly, plain bonkers.  I for one would rather all the antivirus
vendors came up with their own names if it meant that
detection/disinfection patterns came out hour earlier.

Cheers,

Phil

----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html