funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: standards status in the industry - opinion?

From: Drsolly <drsollyp () drsolly com>
Date: Sun, 8 Jan 2006 00:29:25 +0000 (GMT)
On Sun, 8 Jan 2006, Florian Weimer wrote:


* Drsolly:


On Sun, 8 Jan 2006, Florian Weimer wrote:

How many anti-virus programs have got an ^MZ checkbox which is enabled
by default?


What do you mean by an "MZ checkbox"?

Why would anyone *not* scan executable files? So why would you want to 
give people an option to disable scanning those files?


Activating the checkbox would flag anything that is received over the
network, looks like an executable, and lacks a proper AuthentiCode
signature as malware.  (IIRC, Microsoft has promised to implement
something similar, but I haven't seen any warnings on Windows XP SP2
yet.)

Apart from PGP users, who sends .EXE files by email?

 
Ah, I see what you mean, I thought you were talking about what to 
scan. Yes, I've been advocating this (and I'm not sure that I'd trust 
Authenticode) for a while.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: