On Tue, Jul 13, 1999 at 01:41:19PM -0400,
"Adam D . McKenna" <[EMAIL PROTECTED]> wrote:
>
> I seriously doubt that a majority of users will be using public key
> encryption anytime soon. Encryption went from being something hard to use to
> something you have to pay to use. Only the users that demand secure e-mail
> will be using encryption.
PGP for personal use has been free for a long time. RCF 2015 has been
around for a few years as well. There is also an Open PGP standard
that is nearing finalization. The main reason we already aren't seeing
most people using real encryption in their email is that the US Government
is discouraging it, so they can continue to easily read people's email.
>
> > In the shorter run, viruses will be developed that use a simple encryption
> > each time they transmit themselves in order to keep the fixed part of the
> > virus small in order to make virus detection more difficult. They may
> > also use a number of varient codes to do the decryption part so that even
> > that may vary with each copy.
>
> There are already many variants of many common viruses.
We are talking about 'many's that are orders of mangitudes apart. With
encryption, each copy of a virus will be different. There will have to
be a small relatively constant part, but that can be giving a large amount
of variability by having alternate code that does the same thing for
small pieces of the bootstrap part of the program. This is a lot different
than having just a few thousand viruses to check for.
>
> > Another problem is that virus checking is going to take more and more time
> > as the number of viruses that have ever been written increases. Virus
> > scanning just can't work in the long run.
>
> How do you propose viruses be detected then? What will "work in the long
> run"? I suppose we should just ask the malicious hackers out there to just
> "stop" making and distributing viruses.
What will work in the long run is real security such as capability systems.
In the short run teaching people not to run programs given too them
by people who are either clueless or untrustworthy is a good start.
> > The other question is why this is being done on the mail server instead of
> > on the end user machines, where there is likely to be a lot of underused
> > CPU power?
>
> Where I work we run VirusScan on the workstations and NetShield on the
> servers. Guess what, the servers catch way more viruses than the
> workstations do. Why? Because it's a hell of a lot easier to upgrade 10
> servers than it is to upgrade 800 workstations every time there is an update
> from McAfee. Yes, we could start AutoUpdate on every workstation if we had
> the manpower. But there will always be some machines that fall through the
> cracks.
The antivirus people need to improve the way they do things. Viruses are
spreading much faster now than they used to and having to have people go
and look to see if there is a new update once a week or so isn't good enough.
Probably the best solution is a distributed one, where information is
pushed to a local server when there is a change and all local machines
check with that server for updates everytime they are about to do a scan.
