Focus on Virus
Consumer Reports AV and their 5,500 new variants Aug 22 2006 03:48AM
Bill Stout (bill stout greenborder com) (1 replies)
RE: Consumer Reports AV and their 5,500 new variants Aug 22 2006 07:00PM
Bill Stout (bill stout greenborder com) (2 replies)
Re: Consumer Reports AV and their 5,500 new variants Sep 05 2006 05:24AM
Kurt Seifried (bt seifried org) (1 replies)
RE: Consumer Reports AV and their 5,500 new variants Sep 06 2006 08:01AM
Bill Stout (bill stout greenborder com) (1 replies)
RE: Consumer Reports AV and their 5,500 new variants Sep 06 2006 02:20PM
Paul Schmehl (pauls utdallas edu) (1 replies)
RE: Consumer Reports AV and their 5,500 new variants Sep 06 2006 03:31PM
Roger A. Grimes (roger banneretcs com) (3 replies)
I've been doing AV for 20 years now, and supported this basic safety tenet,
but the Consumer Reports' lab testing incident doesn't bother me.

It had a good AV expert behind the work, tested logical goals that can only
be tested by creating new malware programs, and was kept controlled. If it
wasn't done by a professional and if great care wasn't taken to make sure
they didn't leak, I'd be bothered. But let's be honest, at this point, the
malware problem is so bad, the AV vendors are so bad at detecting them, and
so many variants are being created each day, that the original problem of
something new leaking out, just isn't the priority it used to be.

If I worked for an AV vendor, I'd stop my complaining and get to work on a
better product. The state of AV protection is as bad as it has ever been.
I've been reading about the "death of antivirus scanners" for 20 years now,
but for the first time I think their time is nearing the end, and I say so
in my Friday column in InfoWorld.

Roger

*****************************************************************
*Roger A. Grimes, InfoWorld, Security Columnist
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger_grimes (at) infoworld (dot) com [email concealed] or roger (at) banneretcs (dot) com [email concealed]
*Author of Professional Windows Desktop and Server Hardening (Wrox)
*http://www.amazon.com/gp/product/0764599909
*****************************************************************

-----Original Message-----
From: Paul Schmehl [mailto:pauls (at) utdallas (dot) edu [email concealed]]
Sent: Wednesday, September 06, 2006 10:21 AM
To: Bill Stout; Kurt Seifried; focus-virus (at) securityfocus (dot) com [email concealed]
Cc: rubin (at) jhu (dot) edu [email concealed]
Subject: RE: Consumer Reports AV and their 5,500 new variants

--On Wednesday, September 06, 2006 01:01:39 -0700 Bill Stout
<bill.stout (at) greenborder (dot) com [email concealed]> wrote:
>
> Indeed, the consensus throughout the antivirus development and testing
> community is that creating a new virus or variant for product testing
> would be very bad - and totally unnecessary. To do so would
> undoubtedly raise questions about their ethics."
>
> Maybe opinions have changed on creating viruses in a closed test lab,
> and it's no longer unethical.
>
I can assure you that within the AVIEN community nothing has changed. We
are completely oppposed to the creation of viruses in a lab, for many
reasons, all of which we have publicly articulated.

Paul Schmehl (pauls (at) utdallas (dot) edu [email concealed])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
0? *?H?÷
 ?0?1 0 +0? *?H?÷
 ?¢0?=0?¦ͺVðßä¼Tþ"¬³rªU0
 *?H?÷
0_1 0 UUS10U
VeriSign, Inc.1705U .Class 1 Public Primary Certification Authority0
960129000000Z
280801235959Z0_1 0 UUS10U
VeriSign, Inc.1705U .Class 1 Public Primary Certification Authority0?0
 *?H?÷
0?å¿m£Va-?HqögÞ¹ë·???
?ú8%¯F??ås¨ ?$]
Ìen °ÐV????¡sß´X9knÁöÕ¨¨?ª1¬°4׏4g? ÍâNEVix?ÚÜG?)»6Éc\Åà×-?{¡·2°{0º*/1ªî£gÚÛ0
 *?H?÷
L?¸?ÆhßîC3]é¦Ë?Mz3ÿ?ô6­Ø?"6hl|BÌó?.Ä?°Oÿ?vùâ¼JéÍ ?
÷Å)ñ?"]¸±Ý#£{%F0yøêK?ÂÈã·ô@<Ã_SèHä?´{¡5°{%º¸Ó?«?84?óÑq?0?b0?
Ë  Ú Á???« tz´Î.30
 *?H?÷
0_1 0 UUS10U
VeriSign, Inc.1705U .Class 1 Public Primary Certification Authority0
980512000000Z
080512235959Z0Ì10U
VeriSign, Inc.10U VeriSign Trust Network1F0DU =www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0?0
 *?H?÷
0?»ZD?»Uýz?-?Ox6¸
J²o?T¿¼èw*¹ðh»?Ù1ApzK¹HV-Çá?B«À¢?«D\ªBð?é/ûÂ;»¾É'
]¶°6B3µnT?O?J¿Úùè?¶ãÌÆ??j$?ãüàeº§±~ïÉÛ7jÈJÈ ä?£°0­0U0ÿ0GU @0>0< `?H?øE0-0++www.verisign.com/repository/RPA01U
*0(0& $ "? http://crl.verisign.com/pca1.crl0 U0 `?H?øB0
 *?H?÷
}?oEK8 ¸ÞéSd!¼äL+þ?@¬Ø
9j¡2!,?«YþÒb}U8°7sÜôfcb½áSpR?ç¨ØRé[-ªáÞϬ1TÔ?ÈØ#¨ï+2},È|?¨.wòDÑe
MtµîÓ?st.?;5rç@1?ӲīçV¾?ãû0?70?  ,¼këEí?¿*æv Ü0
 *?H?÷
0Ì10U
VeriSign, Inc.10U VeriSign Trust Network1F0DU =www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0
060212000000Z
070223235959Z0?10U
VeriSign, Inc.10U VeriSign Trust Network1F0DU =www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)9810U Persona Not Validated1402U +Digital ID Class 1 - Microsoft Full Service10URoger A. Grimes1#0! *?H?÷
 roger (at) banneretcs (dot) com0 [email concealed]?0
 *?H?÷
0?²ÅÕ??ANØN?>[¹½
ëì?üd"íÑÒ??¶v,îØVÅ?õÞ==I_wü8B@øN?Ðu¿.g?çêrÿ®q[´Í$D ·Dº
­=¯l-Ð`ì?gÊ3?;à´?tn1v?L¥Þ;@ç?­®"ldw?㶮éÒcé=àå£Ë0È0 U00DU =0;09 `?H?øE0*0(+https://www.verisign.com/rpa0 U
 0U%0++0
`?H?øENone03U,0*0( & $?"http://crl.verisign.com/class1.crl0

 *?H?÷
râª?Å·§È¶Ó.*ïêûgfú@újÝuj ù?ßw 5ð«ÞZ?*<uÚ^͝7Øu91?Ê?C¸,ôLû¦I wÚ?æÏ¥ª3jë¿äÔ^µvYcêÚ?Ç\??f,ì¸n??U?w
Ä5f[ÓAEmºÏì?PkN5?ì)0?½0?¥ aºýä??L`?ÞqÏ+0
 *?H?÷
0]10
?&??ò,dcom10
?&??ò,d
banneretcs10
?&??ò,dlocal10U
BanneretCS0
040222144455Z
090222145414Z0]10
?&??ò,dcom10
?&??ò,d
banneretcs10
?&??ò,dlocal10U
BanneretCS0?"0
 *?H?÷
?0?
?«??eÇFT½Æç꡼ã'ý(^»XõHÞg?q?©g?x¯º)×[ÒàÆ?3â´Ý²
Kõþ5ô(¤ä?ÈÕ?é?5P!Þ|m?d­¶#`Ç-´¬Ëé`vY?É 0Ö}U̼,?ò»c\äö?Û¸Ø Ð¾_|>þKÉÓÓ?àïÁm L??/T6u¹¨on)­K¡H%Ú×í£?PÑ+ÞVu
·?vËìöÏ j~¥N(÷é-°?Ü? F°':?&Of·O O,S÷ze?;?¬àÍÁØÇzv¬5I-?­z ñ}E²3þ§6læ?"?£?w0?s0 U?0Uÿ0ÿ0U;Ù
,¨¶Ñå´MJáV¦#ô?Ï0? U?0?0? ?  ??Áldap:///CN=BanneretCS,CN=banneretcs1,CN=CDP,
CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=local,DC=bann
eretcs,DC=com?certificateRevocationList?base?objectClass=cRLDistribution
Point?Ahttp://banneretcs1.local.banneretcs.com/CertEnroll/BanneretCS.crl
0 +?70
 *?H?÷
??§n =
$?E??KÜw·¶]ÛLÔèL'{íßo+xDºÌ?K{ç
??T|?²,£z`÷3ÿ© ¥ZÜ@©Ú?¢/·8
3ó9?Ñö©h#ü?YÏÙV oRØD1)/ÛÅYÄn??¦»rLO?
Að(¨?à6cÊ[ÕÖ#y»?#I¨g$Y5?7ÐG´
² çºB?¢_ôM IînùÐ8~Zã£U¸2B¶Cù? ±¢'Ü kMlàæ*Éê5?-9½??YFÕÍY?/W×÷º+¶gñd=M?Â?Áa?JvÒÐ?\?YÉÿEóà??;ïºih.
£0?û0?ã 
§É¡0
 *?H?÷
0]10
?&??ò,dcom10
?&??ò,d
banneretcs10
?&??ò,dlocal10U
BanneretCS0
050831023018Z
070831023018Z0?10URoger A. Grimes1#0! *?H?÷
 roger (at) banneretcs (dot) com0 [email concealed]?0
 *?H?÷
0?Ä8R¢MèD=G5Äk´Ï¥J59?y?âù7ièqAùÕó«$çÅ Ö,¸Çÿ$pO?»1ïøÍ
ÕD?yPOÁÂÝÑá yï6NUõgá0Ú¢J; ûK5í¼",?î@?¶Øc§ä̝?þ DWk;ü??£?¨ãc?¤ 
£?]0?Y0 U 06 *?H?÷
 )0'0
*?H?÷
80
*?H?÷
80+0U±¶3¤?Yeé0¡N¦
Y\ éfÄ0> +?710/'+?7â»}?ù¸ ?Ý??öÕ{¦ðt?·üR?Ï??1d0U#0?
;Ù,¨¶Ñå´MJáV¦#ô?Ï0? U?0?0? ?  ??Áldap:///CN=BanneretCS,CN=banneretcs1,CN=CDP,
CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=local,DC=bann
eretcs,DC=com?certificateRevocationList?base?objectClass=cRLDistribution
Point?Ahttp://banneretcs1.local.banneretcs.com/CertEnroll/BanneretCS.crl
0?:+?,0?(0µ+0?¨ldap:///CN=BanneretCS,CN=AIA,CN=Pu
blic%20Key%20Services,CN=Services,CN=Configuration,DC=local,DC=banneretc
s,DC=com?cACertificate?base?objectClass=certificationAuthority0n+
0?bhttp://banneretcs1.local.banneretcs.com/CertEnroll/banneretcs1.local
.banneretcs.com_BanneretCS.crt0U% 0
+0 +?7
0 0
+0
 *?H?÷
?]ÒSpPMNz ?$×s¢ØÛ²!:ü×ý<Þ¸5i÷ADqnâZh?Õ?4ÙÀe¿t41rvÖõ}û¤e%µY=
)Qk¿??d-jcÞýÙ Èã»EJÆj¶`¾??1ñg?ì/Ä?´+Å3Ïéw
3â§ä® 0÷a¼º9b??u?]ÐHQTõ7?Ü&?d??9?¿D?}~&½TOW¤¦z7?3j$æ ÍjóWfV-ÙÐ+B?̍G·°ßôx qÄX¸vb£?à¼Î<Ã]{h]¡<_s]@ëM3`ÿÚÅ3Ç>Xè±=HÈWÈ?AO1?°¥??Á1?L0?H
0á0Ì10U
VeriSign, Inc.10U VeriSign Trust Network1F0DU =www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated,¼këEí?¿*æv Ü0 + ?À0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
060906153058Z0# *?H?÷
 1
;¸?¦³¿?CäÓÇûefÐùÛ0g *?H?÷
 1Z0X0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0+0
*?H?÷
0z +?71m0k0]10
?&??ò,dcom10
?&??ò,d
banneretcs10
?&??ò,dlocal10U
BanneretCS
§É¡0| *?H?÷
  1m k0]10
?&??ò,dcom10
?&??ò,d
banneretcs10
?&??ò,dlocal10U
BanneretCS
§É¡0
 *?H?÷
?oþ¡©2¸aûMz??öÂ8A¼ñ6úºU?vìÕ×n½.~÷¦hc/J?Ó?÷(ÿ°.¦MI=3¯ölÛÍ?
@ÐÑ1þõ?/û430üà|ÉëE$X¡ÁÝA@o?ú7µý???7_p]?3;q&ò1ÃÁDKݵZàô?Îöá?

[ reply ]
RE: Consumer Reports AV and their 5,500 new variants Sep 18 2006 04:50PM
Bill Stout (bill stout greenborder com)
RE: Consumer Reports AV and their 5,500 new variants Sep 06 2006 11:48PM
Nick FitzGerald (nick virus-l demon co uk)
RE: Consumer Reports AV and their 5,500 new variants Sep 06 2006 08:23PM
Bill Stout (bill stout greenborder com)
Symantec AV Strategy Aug 24 2006 06:14AM
Serge Vondandamo (serge vondandamo wanadoo fr) (2 replies)
Re: Symantec AV Strategy Aug 24 2006 08:22PM
Edgar B. Tijerino (ebt2001 med cornell edu)
RE: Symantec AV Strategy Aug 24 2006 02:22PM
Robert D. Holtz - Lists (robert d holtz gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus