RE: [Full-Disclosure] AV Naming Convention
From: Frank Knobbe (frank_at_knobbe.us)
To: "Randal, Phil" <firstname.lastname@example.org> Date: Tue, 10 Aug 2004 11:40:20 -0500
On Tue, 2004-08-10 at 10:06, Randal, Phil wrote:
> [...] I for one would rather all the antivirus
> vendors came up with their own names if it meant that
> detection/disinfection patterns came out hour earlier.
And the reason the name of the virus can not be changed after said hour
is what exactly? Agreeing on a name does not mean that they have to
delay release of signatures.
Perhaps new sigs can be released with candidate names, but then shortly
thereafter changed to an agreed upon, standardized name.
"...in other news, the new virus which the industry now calls
NewSucker-1, caused havoc amongst those that...."
Contrast that to:
"...in other new, the new virus which the industry calls NewSuck-A or
SuckThis-1, which is also known by the name of SuckTrojan.95 or
Underloader-13, caused havoc amongst those that..."
But you're right, the response time should not be compromised. I still
believe that agreeing on a single name after the initial releases is not
just possible, but would benefit all involved.
Full-Disclosure - We believe in it.
- application/pgp-signature attachment: This is a digitally signed message part