RE: [Full-Disclosure] Show me the Virrii!

From: VBuster (gszappanos_at_virusbuster.hu)
Date: 01/08/04

  • Next message: Jean-Marie MONNIER: "Re: [Full-Disclosure] ebay forgeries"
    To: <Valdis.Kletnieks@vt.edu>
    Date: Thu, 8 Jan 2004 09:10:13 +0100
    
    

    >"Research" isn't what you're doing when you're planning to figure out
    >how to stop the *next* new attack by studying the terabytes of examples of
    >how that idea didn't stop the attack last time.

    No, actually research is finding generic signatures for larger virus/worm
    families, generic detection for virus/worm types, implementing emulated
    Win32/DOS environment within the virus scanner to analyse the behaviour
    of a program. Something like this. Not entirely useless. Recently posted
    a couple of links that investigate the efficiency of these methods. The
    results are still far from being assuring, but saying that these methods
    are useless is ignoring the facts.

    >What you're doing there is milking a cash cow rather than finding a new
    >way to actually fix the problem right.

    Exactly. Like convincing the people that writing and distributing viruses
    is a bad thing. But this smells like a flame.

    Regards,
    Gabor Szappanos

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

