Re: standards status in the industry - opinion?

[Drsolly <drsollyp () drsolly com>]

On Sat, 7 Jan 2006, Gadi Evron wrote:

> > And, if I get the message you're trying to give us, let's not set our
> > standards low anywhere else, either.  I'd love to see more effective
> > heuristic patterning in IDS/AV as well.  That was one of the major
> > battles with this WMF exploit was dealing with signatures that:
> >
> > 1) were too reactive
> > 2) undercovered (sometimes, knowingly, to avoid FPs)
>
> Well, about the AV I tend to disagree. I believe the AV simply isn't 
> adequate to deal with these sort of threats anymore.

I don't know of an AV that I'd want to use on my systems. The 
signature-based idea that worked well 10 years ago, cannot be workable 
now.
 
> It's a good important part of the solution, it's just not THE solution.
 
Not all problems have a solution. Sometimes, you just learn to live with 
the problem. I think that's how many users deal with viruses today. "Oh, I 
seem to have gotten a virus again."

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.