funsec mailing list archives
Re: The wildlist
From: "David Harley" <david.a.harley () gmail com>
Date: Tue, 3 Jun 2008 11:03:54 +0100
In fact, insiders in the anti-virus industry, especially vendors, are widely derisive of the WildList, looking on it as an outdated burden on their development.
This is misleading. There are certainly critics of the WildList, in and out of the AV industry, and not without reason, but the list is an AV research community project: most of the contributors are vendor-affiliated.
The malware in it is outdated
The WildList -is- always behind the curve (in the absence of the fabled realtime WL). So, putting it simplistically, do you want validated samples or do you want a realtime list?
and not representative of the true threats facing users.
Not really true. WL is representative of a -subset- of true threats.
Wait, the "wild" list does not represent the true threats facing users in the real wild? Why not? It's the "wild" list, right?
It's a list that maps to a collection of samples of malware found ItW. You really need to know what WLO means by in the wild, though: http://www.wildlist.org/faq.htm.
Given the amount of footdragging that led up to the "wildlist" shouldn't the users get a replacement before it goes away?
Don't know what you mean by footdragging. The list has been around since the early 90s, and for quite a few years was a fairly good representation of the threatscape. Who do you mean by the users, and where do you expect them to get a replacement?
I mean, really, the AV people would have made more progress early on if they'd had something like the "wildlist" wouldn't they?
I rather thought they did...
Instead of stabbing each other in the back to make a buck,
So we're stabbing each other in the back -and- conspiring to rook the end users?
the AV companies could have put together something that would have helped everyone, instead of merely extracting money from the pockets of the most fearful and superstitious.
I suppose it's too much to hope that just for once we could have a discussion that isn't based on the presumption that the industry is incompetent, corrupt and amoral? :-/
But I guess that wouldn't have been as much fun as telling people to "Practice Safe Hex" or some other dumb catchphrase.
There's nothing wrong with that catchphrase as long as you tell people what Safe Hex is. Of course, lots of people didn't, or defined it as something unhelpful or misleading. But they didn't necessarily have anything to do with the AV industry.
D
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.