RE: Consumer Reports Slammed for Creating 'Test' Viruses

[Blanchard_Michael () emc com]

None of their new viruses got out AFAIK, but it happens under the most
controlled circumstances.  In my eyes there is never a need to create new
viruses for testing purposes...

Michael P. Blanchard 
Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management 
EMC ² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 


-----Original Message-----
From: Dude VanWinkle [mailto:dudevanwinkle () gmail com] 
Sent: Thursday, August 17, 2006 10:48 AM
To: Blanchard, Michael (InfoSec)
Cc: fergdawg () netzero net; funsec () linuxbox org
Subject: Re: [funsec] Consumer Reports Slammed for Creating 'Test' Viruses

On 8/17/06, Blanchard_Michael () emc com <Blanchard_Michael () emc com> wrote:
>  Great!  Just what we friggin need.... 5500 MORE virus variants....
"controlled lab environment" my shiney white ass....  Arrrggghhhh!!!


Am i missing something? Did the viruses get out in the wild?

Anyways, it seems like the way talked about on the sunbelt blog seemed
better:

Take an AV product that is 3 months out of date, then throw recently
discovered viruses at it.
>  WTF are they thinking?  I think they must have taken their stupid pills
that morning....
> Michael P. Blanchard
> Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC ² Corporation
> 4400 Computer Dr.
> Westboro, MA 01580
>
>
> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Fergie
> Sent: Wednesday, August 16, 2006 5:08 PM
> To: funsec () linuxbox org
> Subject: [funsec] Consumer Reports Slammed for Creating 'Test' Viruses
>
> Via Techworld (UK).
>
> [snip]
>
> A consumer magazine has been condemned for possibly adding to the virus
> problem by creating a series of "test" viruses just to review
> anti-virus scanners.
>
> In an act that has long been considered technical taboo, US-based
> consumer affairs organisation, ConsumerReports.org, decided to generate
> 5,500 "test" viruses to run, under lab conditions, against 12 leading
> anti-virus software products.
>
> The organisation's own website describes the methodology used: "To pit
> the software against novel threats not identified on signature lists,
> we created 5,500 new virus variants derived from six categories of
> known viruses, the kind you'd most likely encounter in real life."
>
> The organisation said it had enlisted the help of Independent Security
> Evaluators (ISE), an external consultancy, to help design the tests and
> ensure they matched real-world conditions.
>
> [snip]
>
> More:
> http://www.techworld.com/news/index.cfm?NewsID=6658
>
> - ferg
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg(at)netzero.net
>  ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.