>"Research" isn't what you're doing when you're planning to figure out how to >stop the *next* new attack by studying the terabytes of examples of how that >idea didn't stop the attack last time.
No actually research is finding generic signatures for larger virus/wom families, generic detection for virus/worm types, implementing emulated Win32/DOS environment within the virus scanner to analyse the behaviour of a program. Something like this. Not entirely useless. Recently posted a couple of links that investigate the efficiency of these methods. The results are still far from being assuring, but saying that these methods are useless is ignoring tha facts. >What you're doing there is milking a cash cow rather than finding a new way to >actually fix the problem right. Exactly. Like onvincing the people that writing and distributing viruses is a bad thing. But this smells like a flame. Regards, Gabor Szappanos _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html