Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New worm?

From: dim () XS4ALL NL (Dimitry Andric)
Date: Fri, 12 May 2000 15:24:00 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2000-05-11 at 10:57 Dan Schrader wrote:


A number of ISPs (US West, Sprint, British Telecom to name a few)
are now offering virus scanning as a value added service.  This
allows them to differentiate themselves and generate added revenues.
Users seem to like the feature.


I can understand that users like to feel safe and cosy, and are ready
to pay for it, but how can you offer any guarantee that these users
will not be affected by the latest permutation of, say, LoveLetter.*
?  It is impossible to detect new viruses which are not yet in your
database, and heuristics will of course only work to a limited
extent.

So if you offer a guarantee, then you might be sued by users who
become infected even after using your scanning service. On the other
hand, if you don't offer any guarantee, what is your scanner service
worth then? To me, it would then seem of no use at all, except for
draining customer's pockets.

Cheers,
- --
Dimitry Andric <dim () xs4all nl>
PGP key: http://www.xs4all.nl/~dim/dim.asc
KeyID: 4096/1024-0x2E2096A3
Fingerprint: 7AB4 62D2 CE35 FC6D 4239 4FCD B05E A30A 2E20 96A3

-----BEGIN PGP SIGNATURE-----
Version: Encrypted with PGP Plugin for Calypso
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm

iQA/AwUBORv30rBeowouIJajEQIyYQCg1QIMWGlzOQPxi4yngG1tKGzmxIMAoNgf
bjvEi0P6HCb/MJRvmyloLTgf
=Ai3b
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: