[funsec] Consumer Reports Slammed for Creating 'Test' Viruses
dudevanwinkle at gmail.com
Thu Aug 17 15:21:07 CDT 2006
On 8/17/06, Axel Pettinger <api at worldonline.de> wrote:
> Blue Boar wrote:
> > For one, I agree with Jericho (apologies if I'm putting words in his
> > mouth) that generating a new virus is probably the best way to test a
> > virus scanner that is expected to detect new viruses. I'm pretty
> > sure I already know what the answer would be before I even tried, but
> > if I were trying to test it, that would be how I would want to do it.
> > If I were trying to see how quickly AV companies could write a
> > signature for a new virus, there's one obvious way to do that.
> Sorry, but in both cases it certainly isn't necessary to create new
> malware. Simply open your eyes, there're enough "new" malicious code
> files lying on the "street" of the Internet. Simply collect them and use
> them to test your favorite av scanners. Do that for a while then you'll
> know what you can expect from them. At least such samples are real
> malware samples found ITW ...
As far as testing how quickly the turn around on signatures is
concerned, it is required.
You cant be sure that a malware sample you just found wasnt discovered
yesterday by an AV company unless you write one yourself.
> Axel Pettinger
> Fun and Misc security discussion for OT posts.
> Note: funsec is a public and open mailing list.
More information about the funsec