|
Focus on Virus
Consumer Reports AV and their 5,500 new variants Aug 22 2006 03:48AM Bill Stout (bill stout greenborder com) (1 replies) RE: Consumer Reports AV and their 5,500 new variants Aug 22 2006 07:00PM Bill Stout (bill stout greenborder com) (2 replies) Re: Consumer Reports AV and their 5,500 new variants Sep 05 2006 05:24AM Kurt Seifried (bt seifried org) (1 replies) |
|
|
Privacy Statement |
No noise makes life more complicated for me, when the boss thinks what
CR did is a great idea, and maybe we should do that too. I bet that CR
article complicated life for many others working in companies with
security products.
"Rosenthal Virus Simulator" - That sensitive topic came up when I asked
about testing our product against malware. The point that many
well-known experts on this board made was that an accredited (trusted)
lab perform the tests, and that creating malware was always bad, even
for testing.
To quote from a letter signed by many on this list
(http://cybersoft.com/whitepapers/papers/open_letter.shtml) "Most
antivirus companies are under some form of self-imposed restrictions
that prevent them from knowingly creating new viruses or virus variants.
In addition, competent testing and certification bodies such as ICSA,
Virus Bulletin, Secure Computing, and AV-Test.org, do not create new
viruses or virus variants for testing.
Indeed, the consensus throughout the antivirus development and testing
community is that creating a new virus or variant for product testing
would be very bad - and totally unnecessary. To do so would undoubtedly
raise questions about their ethics."
Maybe opinions have changed on creating viruses in a closed test lab,
and it's no longer unethical.
Bill Stout
p.s. - The letter quoted was signed by:
Joe Wells - Francesca Thorneloe - Pavel Baudis - Kenneth L. Bechtel -
Dr. Vesselin Vladimirov Bontchev - Shane Coursen - Joost De Raeymaeker -
Allan Dyer - Nick FitzGerald - David Harley - Dr. Jan Hruska - Jose
Martinez - Andreas Marx - Petr Odehnal - David Phillips - Peter V.
Radatti - Stuart Taylor - Robert Vibert - Eddy Willems - Righard J.
Zwienenberg -
-----Original Message-----
From: Kurt Seifried [mailto:bt (at) seifried (dot) org [email concealed]]
Sent: Monday, September 04, 2006 10:24 PM
To: Bill Stout; focus-virus (at) securityfocus (dot) com [email concealed]
Cc: rubin (at) jhu (dot) edu [email concealed]
Subject: Re: Consumer Reports AV and their 5,500 new variants
Who cares if they aren't released. I'm willing to best the testing
firm/CR
is competent enough to do this on a closed network. I haven't heard
anything
about these actually being relased, if a tree falls int he forest, but
the
forest is fenced off and no-one hears it who cares. Maybe that's why
there
is no noise.
-Kurt
------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----
------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----
[ reply ]