The accumulation happens automatically. When a user installs Kaspersky software, it scans every application, file, and email on the computer for signs of malicious activity. If it finds a piece of known malware, it deletes it. If it encounters a suspicious program or a message it doesnt recognizeand the user has opted to be part of the Kaspersky Security Networkit sends an encrypted sample of the virus to the companys servers. The cloud-based system automatically checks the code against a whitelist of 300 million software objects it knows to be trustworthy......"
For Kaspersky, exposing Flame reflects his companys broader ambition: to serve as a global crime-stopper and peacekeeper. Malware has evolved from a nuisance to a criminal tool to an instrument of the state, he says, so naturally he and his malware fighters have grown in stature and influence too. My goal is not to earn money. Money is like oxygen: Good idea to have enough, but its not the target, he says. The target is to save the world.
Although the meat in the sandwich for the average user seems to be with Kaspersky sending data encrypted (apparently just for samples for identifying unknown software) the thing that bothers me is an AV company that has the power to readily identify new software of any kind and whitelist/blacklist all.
With his supposed aspirations Microsoft should harness this type of potential and incorporate a whitelist of it's own. Saying goodbye to AV's.
Are we not tied of the growing list of daily 1000's of signatures and and heuristic engine updates for what is an essentially flawed method of patching signatures after the events have occurred.
Before the connected AV industry pulls any of the strings espoused.
Paradigm Shift beta test pilot. "Dying to defend one's small piece of suburb...Give me something global...STAT!