Anti-Virus Companies Going At Things The Wrong Way
from the but-what's-the-better-way? dept
Following last week’s story about people pushing for anti-virus software that blocks behaviors instead of specific viruses, a new study is coming out showing that the traditional method of fighting internet worms and viruses – by responding after the fact – is completely ineffective. This gets the “well, duh” award of the day. Unfortunately, the report doesn’t seem to suggest what the solution is. While people keep talking about behavioral responses (and, it’s likely that more such products will start showing up on the market), I’m still not convinced they can be effective. If you’re blocking a specific behavior there are two problems that occur: existing technology that acts in a similar way will stop working and virus writers will simply adjust their techniques to make their viruses appear more legit or piggyback on other legit actions. So, if that’s not the solution either, what is?