funsec mailing list archives

Re: ? - I don't know where to send this one, so I'm sending i t here...

From: Gregory Hicks <ghicks () cadence com>
Date: Wed, 2 Nov 2005 14:09:42 -0800 (PST)

To: nick () virus-l demon co uk
Subject: Re: [funsec] ? - I don't know where to send this one, so I'm sending

i t here...

From: Valdis.Kletnieks () vt edu
Date: Wed, 02 Nov 2005 16:53:17 -0500
Cc: funsec () linuxbox org

On Thu, 03 Nov 2005 10:40:34 +1300, Nick FitzGerald said:

   Why are our "protection" systems based on the obviously absurd
   notion that it is somehow more useful/efficient/whatever to detect
   more known bad stuff (which is a form of default allow) than simply
   to detect and allow only the known good stuff (default deny)?


Because Willy Wonka never *did* figure out how to sell somebody a
second Ever-Lasting Gobstopper.


Because many, many years ago, a certain PC-Magazine decided that it was
better for the software vendors to have many, many "signatures" of
viruses rather than identifying the "rogue" software.  And, at that
time, there was one vendor that DID identify the "bad" software
(viruses).  Unfortunately, that vendor never got good grades in this
particular Pc-Magazine's virus "surveys" BECAUSE they didn't have a lot
of "signatures".  They just had good software that worked BECAUSE it
identified the bad software...  But, no sigs, no good grades - so
no-one bought their antivirus software...

Regards,
Gregory Hicks

-------------------------------------------------------------------
Gregory Hicks                        | Principal Systems Engineer
Cadence Design Systems 
555 River Oaks Pkwy
San Jose, CA 95134

I am perfectly capable of learning from my mistakes.  I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch.  Freedom is a well armed sheep contesting the results of the
decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: ? - I don't know where to send this one, so I'm sending i t here... Gregory Hicks (Nov 02)
- RE: ? - I don't know where to send this one, so I'm sending i t here... Larry Seltzer (Nov 02)