The AV.

[Gadi Evron <ge () linuxbox org>]

Drsolly wrote:
> In an ordinary collection of business computers (which means they're
> mostly running Windows), do you think that AV is some sort of luxury 
> extra?

I'd go as far as, on the user and engine side: it serves an important 
purpose, using a technology that was good at the floppy disk days. It 
still vastly uses the same technology and relies on the Internet mostly 
for nothing save updating.

It's slow, it's old, it's reactive, it's out.

It's good for detecting and controlling old threats and cleaning up 
relatively old threats. I believe it will always be good and even 
important for that.

Trying to fit it in a new box every few years doesn't work, and the 
industry itself is so stagnant it finds out about what I call "pop" 
Trojan horses and then spyware years after-the-fact.

So, you think packaging it with a new cool exterior every year or so, 
and a couple of nifty marketing features is going to do it?

This is not to say the AV isn't part of the solution or even an 
important part - I strongly believe in that, or to say most AV-ers 
aren't great guys - most of them are amazing. It just comes to say that 
the industry is inhibiting progress by sticking to it and sticking it to us.

        Gadi.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.