Re: standards status in the industry - opinion?

[Matthew Murphy <mattmurphy () kc rr com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Gadi Evron wrote:
> Well, about the AV I tend to disagree. I believe the AV simply isn't
> adequate to deal with these sort of threats anymore.

I agree 100%.  Purely signature-based scanning that proved able to
detect all the WMF exploits out there would produce scores of FPs.  It's
yet another example of why sig scanning is broken.

When I said we were setting our standards too low on AV, I didn't mean
that I wanted the AVers to just produce better sigs.  Better technology
is one of the things AV needs as well.  We've set our standards *FAR*
too low there, and are still allowing AVers to ram this terrible,
decades-old technology down our throats.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFDwD6Ufp4vUrVETTgRA78TAJ9brY/1+dWw6ujmIY2L+RKAv2p+cACZAUU+
MZoBCHeDiIUZPQLyh3EZGBU=
=qvoI
-----END PGP SIGNATURE-----

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.