funsec mailing list archives
Re: No AV? Shock, horror!
From: Dan Kaminsky <dan () doxpara com>
Date: Tue, 29 Sep 2009 09:15:34 +0200
We would agree: http://countermeasures.trendmicro.eu/in-security-reputation-is-key/
I guess the real question is this: How large is the long tail of viruses? Suppose, if you will, that there are "hits" in the malware space -- individual pieces of malware that get spread all over. Suppose we grant that AV has a reasonably good chance of catching the hits. Suppose also that there's some infection rate, below which a particular attack vector or payload will not have a signature generated for it because nobody will find it. Infections by these rare payloads would constitute a sort of "long tail" of malware -- too rare for a signature, but in aggregate, possibly common enough to represent a significant number of infections. But how common? I mean, we know the long tail doesn't work exactly as promised in the media space. We also know there's a lot of infected boxes out there running AV. It'd be really interesting if we had data around this question. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: No AV? Shock, horror!, (continued)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Rich Kulawiec (Sep 30)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)
- Re: No AV? Shock, horror! Toralv_Dirro (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 28)
- Re: No AV? Shock, horror! Charles Miller (Sep 28)
- Re: No AV? Shock, horror! Nick FitzGerald (Sep 28)
- Re: No AV? Shock, horror! Nick FitzGerald (Sep 28)
- Re: No AV? Shock, horror! Rich Kulawiec (Sep 28)
- Re: No AV? Shock, horror! Paul Ferguson (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Paul Ferguson (Sep 29)
- Re: No AV? Shock, horror! Rich Kulawiec (Sep 29)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Charles Miller (Sep 29)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)
- Re: No AV? Shock, horror! Nick FitzGerald (Sep 28)