RE: [Full-Disclosure] (no subject)

From: Todd Towles (toddtowles_at_brookshires.com)
Date: 08/13/04

  • Next message: Jonathan Rickman: "RE: [Full-Disclosure] lame bitching about xpsp2"
    To: "Harlan Carvey" <keydet89@yahoo.com>, <full-disclosure@netsys.com>
    Date: Fri, 13 Aug 2004 11:53:24 -0500
    
    

    How is naming a virus with @mm or a W32 in the front slow the process
    down? Naming has nothing to do with AV venders making money IMO. If it
    does, McAfee should change its name to Norton before tries to buy it
    out. =)

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Harlan
    Carvey
    Sent: Friday, August 13, 2004 9:40 AM
    To: full-disclosure@netsys.com
    Cc: Barry Fitzgerald
    Subject: Re: [Full-Disclosure] (no subject)

    Barry,

    > I think the whole AV naming issue is, though problematic, the least of

    > our problems. I think you hit the nail on the head here, Harlan.

    One other thing I'd like to throw into the mix. This whole discussion
    is being viewed, it seems to me from the wrong perspective. The
    attitude that the entire A/V industry should have a common naming
    convention seems to be coming from the open source camp...while A/V
    companies aren't necessarily open source.
    Companies in general are about making money, and you do that through
    establishing and maintaining competitive advantages. Expending
    resources (ie, people, money, time, etc) on an endeavor to establish and
    maintain a common naming scheme is an expenditure that has very little
    (if any) ROI...it can't be justified to investors.

    How are A/V companies competitive? They identify and analyze malware,
    and update their products. Doing it faster and better than the next guy
    is the key.
    Slowing that process down to coordinate with other companies dissolves
    the advantage. Let's say I discover a piece of malware, and call a
    round table meeting...only to find out that none of the other members
    have discovered the malware yet. My advantage goes bye-bye.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Jonathan Rickman: "RE: [Full-Disclosure] lame bitching about xpsp2"

    Relevant Pages

    • Re: AW: [Full-Disclosure] Asynchronous, industry-wide virus naming scheme proposed
      ... correct detection and anming is possible from anywhere that suitable ... tend to develop slowly relative to malware outbreaks and prudent ... skippers will set courses around apparently deepening storm systems). ... malware familially all mitigate severely against adopting the naming ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] MSBLASTER - aka LOVESAN/POZA ?
      ... >> frequently with malware. ... To see one of the differences between CAN/CVE and malware naming, ... attitude in general the AV industry has to naming, ... what all the other developers are calling it. ...
      (Full-Disclosure)
    • Re: Common Malware Enumeration Initiative Now Available
      ... collective experience of CME participants to determine when a malware ... "CME is not an attempt to solve the challenges involved with naming ... > also very simple to implement and this is truly something that's infinite. ...
      (microsoft.public.security.virus)
    • Re: Common Malware Enumeration Initiative Now Available
      ... collective experience of CME participants to determine when a malware ... "CME is not an attempt to solve the challenges involved with naming ... > also very simple to implement and this is truly something that's infinite. ...
      (alt.computer.security)
    • Re: [Full-Disclosure] (no subject)
      ... Harlan Carvey wrote: ... >Forget the whole naming thing...it's been bandied ... accountable for following the standard and/or listening to the standard ... I can see forums for each malware branch/variant. ...
      (Full-Disclosure)