Re: ? - I don't know where to send this one, so I'm sending i t here...

[Blue Boar <BlueBoar () thievco com>]

Drsolly wrote:
> Certainly when I was in the AV field, a signature-based scanner was the 
> most cost-effective way of using a bunch of computers in a world that 
> included viruses. That was true, because it took months, even years, for 
> malware to spread. 

Also don't forget that it's very important to identify things 
specifcally, by name.  So signatures aren't going away anytime soon, I 
imagine.

I wouldn't want my AV software to (just) say "Hey, we found something 
bad.  We stopped it.  Probably.  Here's the file if you want a look." 
And then I spend 8 hours analyzing just another Bagle.  As an end-user, 
I mean.  Not as an AV employee.  You guys still have to analyze just 
another Bagle for me. ;)

                                                BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.