Anti-Virus Companies Going At Things The Wrong Way
from the but-what's-the-better-way? dept
Following last week’s story about people pushing for anti-virus software that blocks behaviors instead of specific viruses, a new study is coming out showing that the traditional method of fighting internet worms and viruses – by responding after the fact – is completely ineffective. This gets the “well, duh” award of the day. Unfortunately, the report doesn’t seem to suggest what the solution is. While people keep talking about behavioral responses (and, it’s likely that more such products will start showing up on the market), I’m still not convinced they can be effective. If you’re blocking a specific behavior there are two problems that occur: existing technology that acts in a similar way will stop working and virus writers will simply adjust their techniques to make their viruses appear more legit or piggyback on other legit actions. So, if that’s not the solution either, what is?
Comments on “Anti-Virus Companies Going At Things The Wrong Way”
No Subject Given
Yeah, I agree, but there are a few people with security sites on the net who think malware can be completely stopped by behavioral software. Well, maybe, but I’m not so sure.
Some AV manufacturers defend themselves by saying that peolpe don’t feel comfortable if they’re not getting their weekly AV update. Sort of a positive response thing.