[funsec] standards status in the industry - opinion?
Drsolly
drsollyp at drsolly.com
Sun Jan 8 11:28:21 CST 2006
On Sat, 7 Jan 2006, dudevanwinkle at gmail.com wrote:
> Gadi Evron wrote:
>
> >
> > Well, about the AV I tend to disagree. I believe the AV simply isn't
> > adequate to deal with these sort of threats anymore.
> >
> > It's a good important part of the solution, it's just not THE solution.
>
> So should we need to look for badcode in memory, on HDD's, encapsulated
> via ip, lighting up on fiber, flashed to bios, loaded in eprom, burned
> on cd, written to floppy and read from tape. In the different protocols and
>
>
> which do we need? one app per OS? one app per medium? One app per medium
> pizza?
>
>
> I think the resources are out there to protect your client systems from
> casual (99%) of attacks, ppl just dont update them :)
No, I think we're approaching this problem entirely the wrong way, today.
More information about the funsec
mailing list