dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
422
share rss forum feed


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

The shortcomings of anti-virus software

quote:
No, this isn't about lousy detection rate. I think we're pretty much resigned to that, irrespective of the latest fancy marketing terms the industry uses to sell us the same failed concept. This is about the forensic quality, or rather lack thereof, of anti-virus.

»isc.sans.edu/diary/The+shortcomi···re/14437

An interesting point. I think the reason is that, and the author hints at it with
quote:
If your enterprise-grade anti-virus software does any better in forensics than described above...

is that most AV is aimed at home/soho-users.These people just want the threat eliminated and don't care where it came from or when.

BTW one of the commenters says
quote:
Shouldn't we refuse any code that the developer doesn't digitally sign so we know where it came from?

Trouble with that is stolen certificates. Microsoft had that happen as did Adobe.

»Emergency Bulletin: Unauthorized Certificate used in "Flame"

»Adobe's code signing certificate has been stolen
--
Don't feed trolls--it only makes them grow!