{QUOTE-> The title and topic of this article is clearly controversial. It is guaranteed to get a strong reaction from the anti-virus industry, which is firmly convinced it sees clear sailing ahead. So, is anti-virus scanning obsolete? In a word, yes - but don’t throw out your scanner. Its replacement hasn’t been created yet. In this article we will examine the weaknesses of virus scanning that will cause its eventual downfall.

Anti-virus scanning is based upon the age-old principle of Newton’s law; for every action there is an equal and opposite reaction. Each time a new virus, or a new viral approach, is discovered, anti-virus scanners must be updated. To be sure, this isn’t always true. Heuristic scanning does have the capability to recognize some attacks as viral without having specific detection for the virus it has alerted on. In general, however, each new virus discovery requires an update of the scanning software’s “virus definition” files in order for the scanner to recognize the new virus.

In some cases (Melissa, for example) the scan “engine” (the algorithm that does the comparison between the virus’ behavior and the virus definition files and identifies viral content) must also be updated for the anti-virus scanner to be effective at detection (and hopefully eradication.) This constant updating process has several flaws. We’ll look at these flaws in detail.

The Arms Race. Or Is It The Rat Race?.... <-QUOTE}

Read the full story:

http://online.securityfocus.com/infocus/1562

Hmmm. What can one say? No easy answers for sure. :(

I totally agree, root. Definitely no easy answers.

You have to wonder, will it be one of the big anti-virus companies to develop some new type of product first? Or will it be a newcomer? (as the big anti-virus companies seem to be pretty content with how their products work currently...)