A Simple Open Question for All AV Experts

Discussion in 'other anti-virus software' started by Perman, Feb 4, 2007.

Thread Status:
Not open for further replies.
  1. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: We are all aware that the task of AV development is a tough and rewarding one, and all AV vendors do have their means and wills to overcome any barrier and huddle they may face. It has been said; If there is a will, certainly there is a way. I, therefore, dare to post an opne question for all AV experts; During the course of vir.database updates, you may utilize a tool(let's dub it as replicator) to analyze any suspicious program in search of any possible malwares. What would happen if your tool can not read any given language, does this mean that you have to skip all progs using that particular language or else better? I suspect it is a trade secret and perhaps an untold one. As one of the many many AV programs users out there, I need to know something, even a little something. Can you guys reply?:)
     
  2. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Not sure what you mean (specifically with language), but every analyst MUST be capable of dissasembling files into small tiny pieces and find out what it does and how it does that. Sure they have tools and stuff but when they all fail, they have to do it manually. And i'm sure there isn't a thing that could counter that kind of intelligence and self adaptation. Except human error of course :D
     
  3. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: Hi RejZor: To quickly answer your question re language. Let's say, for the sake of discussion, if your tool or analyst can not read American English programs, can you still break into them and search for malwares? or you have to soly rely on your American users submitting samples for analysis?
     
    Last edited: Feb 4, 2007
  4. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I'm quiet sure they're using UNICODE capable tools... As for the text itself on lets say dialogs used by the malware (if it's spoofing somethinG), i'm sure they have translators (which also work on program translation for other countries) and web translators.
     
  5. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,RejZoR: thanks for quick response. I am not a black belt of AV, but now I do understand how to guard myself from any attempt of manipulation made by so-called AV expert. If this honorable guy claims he has a difficulty reading a given langulage, I can safely term him as sending out SOS and his days at job are numbered. Thanks. It is my pleasure to learn some trade secrets from other trade.
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    so your asking what do you do if your english and there is a virus that is in japanese and try to protect your customers against that virus but you cant understand japanese?
    lodore
     
Loading...
Thread Status:
Not open for further replies.