Re: [Full-Disclosure] A suggestion to all AV vendors...

• Previous message: Heikki Toivonen: "Re: [Full-Disclosure] [Advisory] Mozilla Products Remote Crash Vulnerability"
• In reply to: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] A suggestion to all AV vendors..."
• Next in thread: Todd Towles: "RE: [Full-Disclosure] A suggestion to all AV vendors..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Tue, 07 Dec 2004 11:29:35 -0600

Couldn't agree more, their concern isn't security, but
survival of the business model.
By providing a what you proposed would be a threat to their
profitable model as so
eloquently pointed out by Valdis and many others time and
time again.

-cm

Valdis.Kletnieks@vt.edu wrote:
> On Mon, 06 Dec 2004 19:29:26 PST, bipin gautam said:
>
>
>> A simple yet effective solution would be, for AV
>>vendors to (say) add the vulnerable system dll's,
>>execudables etc... in a threat list (Refering to
>>Microsoft's KB or something similar) And after
>>completing the virus scan, suggest the users to
>>download proper patches accordingly to threat level
>>and directing the end users towards proper link to do
>>so?
>
>
> Simple, effective, and Won't Happen In Our Lifetime.
>
> Remember - we're talking about a multi-billion dollar market segment
> devoted to fixing shortcomings in another company's software. And said
> segment doesn't want to kill the goose that laid the golden eggs.
>
> Repeat after me: Most A/V vendors don't actually give a squat about
> your security. They are there to sell you products and improve their
> bottom line, not yours. They don't care about your bottom line as long
> as your bottom line can still pay their invoices.
>
> The A/V vendors have known for several years now exactly how not to
> send "a virus was cleaned from your email by ShinyAV" spam, but they keep
> doing it anyhow, just to get brainshare for ShinyAV. What business case
> is there for them to give you a pointer to vendor patches that will close
> some of the holes that let the malware in?
>
> (Also, keep in mind that if they don't point you at IE fixes, then when
> you get 0wned by an IE hole, they can just say "Hey, that's not a virus,
> that's an IE hole, Not Our Problem"...)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Heikki Toivonen: "Re: [Full-Disclosure] [Advisory] Mozilla Products Remote Crash Vulnerability"
• In reply to: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] A suggestion to all AV vendors..."
• Next in thread: Todd Towles: "RE: [Full-Disclosure] A suggestion to all AV vendors..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]