[Full-Disclosure] Virus naming conventions, or lack of them
toddtowles at brookshires.com
Sat Aug 14 11:48:28 BST 2004
I was only showing the point that name of a virus doesn't stop a company
form working and creating IDE to stop a virus. They can name them
whatever they want. Most of us really don't care most of the time, as
long as it gets stopped. AV vendors can choose to name the same (at
least in the same format) and choose to be totally different in naming.
As far as my using Outlook - sorry buddy, I work for a corporation. Is
Outlook a bit more dangerous than some 20 year old netscape client?
Sure, but it all comes down to the users, now doesn't it.
I understand the AV vendors doesn't care about me...and I can care less
about one other companines bottom line too. If the public ever decided
it needs to be changed, then the change will have money in it. Customers
choose to buy what they WANT.
The simple fact is that people out there see a growing need to have some
sort of convention. If they would just agree on a format, that would be
better than it is currently. But I understand money will have to be
driving issue in the end. Agreed.
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of Etaoin
Sent: Friday, August 13, 2004 1:18 PM
To: Full Disclosure
Subject: Re: [Full-Disclosure] Virus naming conventions, or lack of them
Todd Towles wrote:
> How is naming a virus with @mm or a W32 in the front slow the process
> down? Naming has nothing to do with AV venders making money IMO. If it
> does, McAfee should change its name to Norton before tries to buy it
> out. =)
Smiley aside, I think that you are being disingeneous here. Either that,
or you read NOTHING of the post below (that microsoft outlook
top-posting style is my first clue; your commentary is the second). Let
me repeat the salient points:
Harlan Carvey wrote:
> One other thing I'd like to throw into the mix. This whole discussion
> is being viewed, it seems to me from the wrong perspective. The
> attitude that the entire A/V industry should have a common naming
> convention seems to be coming from the open source camp...while A/V
> companies aren't necessarily open source.
> Companies in general are about making money, and you do that through
> establishing and maintaining competitive advantages. Expending
> resources (ie, people, money, time, etc) on an endeavor to establish
> and maintain a common naming scheme is an expenditure that has very
> little (if any) ROI...it can't be justified to investors.
> -----Original Message-----
> From: full-disclosure-admin at lists.netsys.com
> [mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of Harlan
[Ick. I so hate that outlook destruction of threading. What the hell is
"On Behalf of..." supposed to mean, anyway?]
Nick FitzGerald wrote:
[some other stuff]
> ..As a
> result, some of these procedures are so crucially dependent on the
> choice of a name _AND_ require that to happen so early in the process
> that it is all but inconceivable for some of these developers to
> change a virus' name.
> As much as most of the industry may agree to not aggrandize some
> spotty faced, bad-breathed teenager's fantasies by not using the name
> the virus writer chose, the media will latch onto the one tiny,
> weird-arse, industry convention defying, publicity starved, former
> Eastern-bloc hopped up AV company that does use the "cute" or "catchy"
> or whatever name, and thereby greatly exacerbates the problem. Worse,
> many journalists (or perhaps their editors) feel that they are better
> qualified to make up virus names than antivirus researchers are and
> they will simply coin what they consider a catchy, snazzy, sexy,
> attention grabbing, etc name to make a good headline or some dodgy
> joke later in their copy.
Still with me? What Nick and Harlan (and others) have near beat into the
ground, is that the AV companies don't CARE what it is YOU want. There's
simply no motivation to change. No money in it, and plenty of current
behavior to continue things as they are. Period. You can whine forever
about what ought to change. It isn't going to happen. It simply doesn't
matter what it is you want.
Unfortunately, it doesn't even matter what Nick suggests (and those
companies are a lot more likely to listen to a researcher like Nick,
than to J. Random Luser on Full Disclosure). It's the way it's done.
Those companies have been around a long time (and will continue to be,
as long as there are windows platforms making it easy for virus writers,
XPSP2 notwithstanding). In fact, I'd venture to guess, as long as users
can install new viruses by clicking on "Click Me!" buttons, they'll stay
Things will happen in well-organized efforts without direction,
controls, or plans.
Friedrich August von Hayek (1899-1992)
"The Road to Serfdom" (ISBN: 0226320618)
Full-Disclosure - We believe in it.
Full-Disclosure is hosted and sponsored by Secunia.