Why doesn't anyone organize a contest for making a program that will protect from a virus which will be unknown to the participants prior to the...
I wholeheartedly agree with the rest of your post; just a small correction regarding the above. It (the above, that is) is not necessarily true....
It's difficult to produce exact numbers because this has been going on for years and I didn't keep track of the exact numbers every time....
Somehow I missed this when I was replying. As anybody who can read and has access to Virus Bulletin knows, their tests are by far not based...
Well, I don't know what exactly was stated. Perhaps I have misunderstood. Perhaps Bryndis was just trying to be polite. In any case, I don't make...
Maybe I am mistaken, but it is my understanding that the company I work for (FRISK Software International) also withdrew from these tests. The...
They are not. Well, I don't know about "tools like that" but OfficeCat isn't. It is a tool for scanning for known Office exploits. They way it...
Heh. Tell me about it. You folks still remember what a COM file is, right? Well, a COM file is just like that - no headers, just CPU...
This is... not so simple. Well, a detailed treatement of the subject could fill a whole paper.;D Basically, in order to do what you propose,...
Nothing is fool-proof, because the fool is always bigger than the proof.;D Besides, the fools are so ingenious! But, seriously, which...
Heh. You don't have to tell me about the deficiencies of the integrity checkers, man, I wrote the book (ok, the paper) on this subject.;D And,...
Because by then your precious private data might have disappeared too - or be on its way to Moldova. Regards, Vesselin
Because, although testing known-malware scanners properly is immensely hard, testing properly generic anti-malware tools like behavior blockers...
Behavior blockers, just like integrity checkers, are a generic anti-malware tool. They have similar strengths and weaknesses with the other...
I don't think that anyone claimed that they can't be stopped. The claim was only that they can't be stopped by software that blocks unauthorized...
"Signature" is such an ugly and imprecise term. :( Most anti-virus programs stopped replying exclusively on scan trings (which is the slightly...
Yes, but how are you going to achie ve that? There are only two ways. One is, you get that list built by somebody else (a security software...
Do you really understand how it does that? If yes, explain it here and I'll explain you how it can be bypassed. If not, then the argument is...
False. An MZ header identifies only EXE files, it has to be at the very beginning and it can be "ZM" too. There are many other kinds of...
Then Mike's other points still stand. :) There is no easy way of preventing execution of malicious code without making the system unusable (e.g.,...
In general - no, there isn't. It can be done in every particular case, of course - if you know the file format, if you know what the exploit...
In a word - no. Right - but that's not of much help. You see, one of the basic principles of von Neumann computers (which is what all...
True. False. In general, that "other object" could be something seemingly legitimate and often-used - like a Word document. You can't block...
Removes all hard disk changes?! You gotta be kidding me. Such a computer is completely unusable - you can't create documents, you can't even play...
Another crappy article on the same subject, by the same author: The decline of antivirus and the rise of whitelisting I've already sent them...
Separate names with a comma.