RE: Kaspersky strikes again

["Daniel H. Renner" <dan () losangelescomputerhelp com>]

Actually, to say they had only an hour of testing would not necessarily 
be true.

The individual def sigs are (to the best of my knowledge) developed and 
tested independently.  No telling how long they are actually tested 
unless you worked for that company...


Sincerely,

Daniel H. Renner
President
Los Angeles Computerhelp
A division of Computerhelp, Inc.
818-352-8700
http://losangelescomputerhelp.com



funsec-request () linuxbox org wrote:
> Date: Fri, 21 Dec 2007 23:28:40 +0000 (GMT)
> From: Drsolly <drsollyp () drsolly com>
> Subject: RE: [funsec] Kaspersky strikes again
> To: Larry Seltzer <Larry () larryseltzer com>
> Cc: funsec () linuxbox org
> Message-ID: <Pine.LNX.4.44.0712212325240.29048-100000 () ns2 drsolly com>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> On Fri, 21 Dec 2007, Larry Seltzer wrote:
>
> > Damn, I'm going to get a good column out of this. 
> >
> > Doc: What about gateway appliances? Is a signature system more
> > reasonable when you have a limited number of closed platforms?
>  
> You've misunderstood my concern.
>
> If you update your sigs hourly, then you have less than an hour to do all 
> the testing. It doesn't matter how many computers are running the new 
> version; they're all running something that has had less than an hour of 
> testing, and I don't really want to run something that has been tested for 
> less than an hour, on my systems.
>
> A month would probably be enough. A day would probably not be enough.
<snip>
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.