Re: The wildlist

[Bruce Ediger <eballen1 () qwest net>]

Apparently from:
> http://www.eweek.com/c/a/Security/The-AntiMalware-Certification-Problem/
        ...
> In fact, insiders in the anti-virus industry, especially vendors, are
> widely derisive of the WildList, looking on it as an outdated burden on
> their development. The malware in it is outdated and not representative
> of the true threats facing users.

Wait, the "wild" list does not represent the true threats facing users
in the real wild?  Why not?  It's the "wild" list, right?

Given the amount of footdragging that led up to the "wildlist" shouldn't the
users get a replacement before it goes away?  I mean, really, the AV people
would have made more progress early on if they'd had something like the
"wildlist" wouldn't they?

Back in the days when boot-sector viruses like Brain were the main threat,
getting an idea of the geographic dispersion would have helped the AV folks to
decide what the methods of propagation were, right?  Local outbreaks might mean
sharing MS-DOS boot disks.  International simultaneous outbreaks might mean
"BBS" distribution, or someone typed in a virus from Burger's or Ludwig's
books.

Instead of stabbing each other in the back to make a buck, the AV companies
could have put together something that would have helped everyone, instead of
merely extracting money from the pockets of the most fearful and superstitious.

But I guess that wouldn't have been as much fun as telling people to "Practice
Safe Hex" or some other dumb catchphrase.  They should have told people to run
linux, or netbsd or OS-9 or NeXTStep.  That would have helped more than "Safe
Hex".

See the article "Virus vectors of infection" in:
http://www.phreak.com/archives/The_Collection/newsletr/virus/virus_l/1993/vlnl06.060

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.