funsec mailing list archives
Re: ? - I don't know where to send this one, so I'm sending i t here...
From: Gregory Hicks <ghicks () cadence com>
Date: Wed, 2 Nov 2005 14:09:42 -0800 (PST)
To: nick () virus-l demon co uk Subject: Re: [funsec] ? - I don't know where to send this one, so I'm sending
i t here...
From: Valdis.Kletnieks () vt edu Date: Wed, 02 Nov 2005 16:53:17 -0500 Cc: funsec () linuxbox org On Thu, 03 Nov 2005 10:40:34 +1300, Nick FitzGerald said:Why are our "protection" systems based on the obviously absurd notion that it is somehow more useful/efficient/whatever to detect more known bad stuff (which is a form of default allow) than simply to detect and allow only the known good stuff (default deny)?Because Willy Wonka never *did* figure out how to sell somebody a second Ever-Lasting Gobstopper.
Because many, many years ago, a certain PC-Magazine decided that it was better for the software vendors to have many, many "signatures" of viruses rather than identifying the "rogue" software. And, at that time, there was one vendor that DID identify the "bad" software (viruses). Unfortunately, that vendor never got good grades in this particular Pc-Magazine's virus "surveys" BECAUSE they didn't have a lot of "signatures". They just had good software that worked BECAUSE it identified the bad software... But, no sigs, no good grades - so no-one bought their antivirus software... Regards, Gregory Hicks ------------------------------------------------------------------- Gregory Hicks | Principal Systems Engineer Cadence Design Systems 555 River Oaks Pkwy San Jose, CA 95134 I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: ? - I don't know where to send this one, so I'm sending i t here... Gregory Hicks (Nov 02)
- RE: ? - I don't know where to send this one, so I'm sending i t here... Larry Seltzer (Nov 02)