| |
Challenging conventional wisdom on AV signatures (Part 1 of 2) « blog.zynamics.com
by Security Reads at 12:30 pm EDT, Apr 5, 2010 |
Challenging conventional wisdom on AV signatures (Part 1 of 2)
By Thomas Dullien We have all been taught (and intuitively felt) that traditional antivirus signatures are, for the most part, a waste of time. I think I have myself argued something similar repeatedly. One could say that “byte signatures don’t work” is accepted conventional wisdom in the security industry. Especially in the light of the recent (and much-publicized) Aurora-attacks, this conventional wisdom appears to ring truer than ever.
|
| |
RE: Challenging conventional wisdom on AV signatures (Part 1 of 2) « blog.zynamics.com
by Dagmar at 6:51 pm EDT, Apr 5, 2010 |
Security Reads wrote: Challenging conventional wisdom on AV signatures (Part 1 of 2)
By Thomas Dullien We have all been taught (and intuitively felt) that traditional antivirus signatures are, for the most part, a waste of time. I think I have myself argued something similar repeatedly. One could say that “byte signatures don’t work” is accepted conventional wisdom in the security industry. Especially in the light of the recent (and much-publicized) Aurora-attacks, this conventional wisdom appears to ring truer than ever.
Hmm... Actually, let's extend this model to home security. That way everyone can leave their doors unlocked and simply deny entry to known felons. That'll work great. |
|
|
|
