funsec mailing list archives

Re: write viruses? it's controversy time of the month


From: Drsolly <drsollyp () drsolly com>
Date: Wed, 30 Aug 2006 14:41:56 +0100 (BST)

On Tue, 29 Aug 2006, Blue Boar wrote:

> Drsolly wrote:
>> Uh - no. That's not being a good guy. Being a good guy, means you deleted 
>> all copies of the virus.
>
> Speaking of which, do you want Consumer Reports to delete their 5500 
> "viruses", or do you want them to submit them to AV to see if they are 
> really viral?
 
You've put your finger on a key question. But it's actually *their*
responsibility to determine that they are actually viruses, not anyone
else's. My assumption (as I mentioned before) is that they quite probably
weren't (and that they didn't try to verify whether they were), and so my
assumption is that their review is a complete waste of paper.

What I want them to do, is analyse each of them to determine whether or 
not it is actually a virus, and write up their methodology for doing that 
analysis.

If they can't do that, then they should either admit that their review was 
based on "Files that we hope might be viruses", or else hire someone 
(actually, given the volume, a whole bunch of people) and pay them to do 
it for them.

Then, either they'll admit "Oops, X% weren't actually viruses, we withdraw 
the review", or else they'll explain what they did to determine that 100% 
were viruses, and then we can all look at their methodology, and comment 
on whether it was valid. 

If it wasn't valid, then we can suggest a better methodology, and CR can 
re-analyse their 5,500 files.

If we're all happy with their methodology, then they can delete these 
5,500 files.

Either way, I see no reason why they should release their 5,500 
files-that-might-be-viruses, and lots of good reasons why they shouldn't.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

