Re: Anti-Virus Testing and Consumer Reports

["Fergie" <fergdawg () netzero net>]

But of course they already know, etc.

It's an issue of the (different) stipulation(s) to its use, etc.
that is the big change -- at least, that is my understanding.

Of course, I'll allow eithe Vix or Dave to comment on it,
since they rae the ones that presented the idea at Defcon.

- ferg



-- Drsolly <drsollyp () drsolly com> wrote:

On Wed, 30 Aug 2006, Fergie wrote:

> Kudos, once again, to Brian Krebs (The Washington Post) for a
> very thoughful article on this topic.
http://blog.washingtonpost.com/securityfix/2006/08/antivirus_testing_and_consumer_1.html

"The most innovative idea I've seen so far came in a presentation from
Paul Vixie and David Dagon at the DefCon hacker conference in Las Vegas
this year. Vixie and Dagon proposed creating a massive malware repository
to which all of the anti-virus vendors would automatically submit new
samples. It remains to be seen whether the industry considers this a
worthwhile endeavor -- and if so, whether it can set aside its notions of
competitive advantage to invest any energy or resources in the idea."

I'm really surprised that neither Paul nor David knew that this repository 
already exists, and is shared by the AV vendors, on a vetted basis.


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.