Reply to post: Google chap hasn't used his grey matter before opening his mouth.

Antivirus tools are a useless box-ticking exercise says Google security chap

Jimmy.Reload

Google chap hasn't used his grey matter before opening his mouth.

For AV to detect it needs to know about something. Generic detection methods work some of the time, but malware authors are pretty smart and invest heavily in avoiding detection. So how do we get around this problem? We blacklist everything we don't trust. Nice, OK... Let's consider 2 issues:

Mozilla wants to release version 5000 of their popular firefox browser

1) Security product X hasn't yet whitelisted it. Perhaps it's only at an OS level, but security team at OS A don't think it's secure enough so won't white list it until something is changed. Product product launch is now delayed. Repeat for every single piece of software you use. Maybe they just blindly whitelist which brings me to issue 2.

2) Software is whitelisted which shouldn't be. The 3 letter agencies all over the world are a prime example of software authors who could submit software for whitelisting, but what is that software, should it really be trusted? What if malware authors manage to get their malware whitelisted? It's not impossible and it already happens. Are governments in different countries going to agree on what should be whitelisted? The NSA want their secret spy app whitelisted, but then so do the Chinese, Iran and so on. Who's in charge of the whitelisting?

It's easy to stand on the outside and say it's all rubbish, throw it away, but no one is offering any acceptable solutions to the problems. Blanket statements like "we should whitelist known software" aren't helping. And FYI - AV companies already whitelist most of the known good software anyway.

Google chap in this instance can simply just do one.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019