Re: Show me the Virrii!

[Harry Hoffman <hhoffman () ip-solutions net>]

Hi,


Quoting Valdis.Kletnieks () vt edu:

I'm not sure that not protecting against known threats is a good idea. The
willingness to accept a "0-day" is limited by the necessity of Internet usage,
which (usually today) is a nesessity.
Not to protect against known virii would be negligent and lazy which is why most
modern OS's provide these "fixes" as patches to eventually become part of the
main OS.


Cheers,
Harry


*> Why?
*> 
*> Think it through - the Big Boys may have 6,000 patterns in their database,
*> but
*> let's face it, after the first few dozen, it's just penis-extender time.
*> 
*> Remember we're hopefully trying to *manage risk*.  And let's be honest with
*> ourselves here - which is more likely to show up at the virus scanner, a
*> copy
*> of Michelangelo, or a new Klez/Sobig/Gibe variant that neither you nor the
*> Big
*> Boys have a pattern for because it only came out 4 hours ago?
*> 
*> But you're perfectly willing to accept the risk of a 0-day that you don't
*> have
*> a pattern for, so why should you be unwilling to accept the risk of
*> something
*> even less likely?
*> 


-- 
Harry Hoffman
hhoffman () ip-solutions net

#----------------------------------------------------------------#
# Harry: version 4.0a                                            #
# Known bugs:                                                    #
# 1) Verbal output may occur before data processing is complete. #
# 2) Loudspeaker option may activate without being invoked.      #
# 3) Other bugs as reported                                      #
#----------------------------------------------------------------#

-------------------------------------------------
This mail sent through IpSolutions: http://www.ip-solutions.net/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html