Re: [Full-disclosure] Anti-Virus vendors prove less-effective
James, this is the problem with AV in general and not specific to this problem. detecting the problem defense in depth mitigates zero-day, however, when very basic code gets past AV this is definitely an area that needs work. 24/04/07, James Matthews [EMAIL PROTECTED] wrote: How can these people put out a good product against scripts where you can change anything and it will still work! On 4/24/07, David Kierznowski [EMAIL PROTECTED] wrote: Web Backdoor Compilation along with Dancho Danchev AV research has proven how less-effective many of these products are when detecting web malware. The results are certainly not a shocker but definately an eye opener. WBC has certainly demonstrated what all security researchers already know, this area needs work! See: http://michaeldaw.org/news/news-042407/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com/watches.asp?Brand=39 http://www.wazoozle.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Anti-Virus vendors prove less-effective
Web Backdoor Compilation along with Dancho Danchev AV research has proven how less-effective many of these products are when detecting web malware. The results are certainly not a shocker but definately an eye opener. WBC has certainly demonstrated what all security researchers already know, this area needs work! See: http://michaeldaw.org/news/news-042407/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Anti-Virus vendors prove less-effective
How can these people put out a good product against scripts where you can change anything and it will still work! On 4/24/07, David Kierznowski [EMAIL PROTECTED] wrote: Web Backdoor Compilation along with Dancho Danchev AV research has proven how less-effective many of these products are when detecting web malware. The results are certainly not a shocker but definately an eye opener. WBC has certainly demonstrated what all security researchers already know, this area needs work! See: http://michaeldaw.org/news/news-042407/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com/watches.asp?Brand=39 http://www.wazoozle.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Anti-Virus vendors prove less-effective
James Matthews wrote: How can these people put out a good product against scripts where you can change anything and it will still work! Haven't you heard? The AV industry cracked the Halting Problem so we should expect them to do this! Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/