Why are special tools needed?
Don't virus authors have access to free/trial/warez versions of commercial AV products? Viruses can be test against the generic AV components without the need for up-to-date signature files.
Underground tools foil generic virus detection
Cybercrooks are developing covert tools to test malware before releasing it. The effectiveness of malicious code is largely determined by whether or not it's detected by anti-virus scanners. By replicating the scans of leading security products using test tools located on underground forums and web pages, miscreants gain the …
-
Monday 3rd March 2008 10:41 GMT Anonymous Coward
Paradigm shift required
All kind of obvious really, given the predictable escallation of the virus/malware scum vs the good guys battle.
Time to change not just the goal posts, but the entire pitch; a complete "blank paper" redesign of what an OS is, and how it allows applications (approved or otherwise) to interact with it.
Evil Gates, 'cos he knows but didn't want to upset the Windows Gravy train. Bad Mr Gates, bad. And you know too Jobs, so don't think you're getting off lightly either.
-
Monday 3rd March 2008 10:41 GMT amanfromMars
Beta Underground tools/Virtual Machines eclipse generic virus detection
"as well as creating income for unscrupulous coders happy to work for VXers."
Fortunately, not only unscrupulous coders are happy to work for VXers to create Income streams, even if they be in Underground SaaS. And you can Imagine Microsoft Funding a Pilot if they want to make their Microsoft Online Services Ubiquitous and Viable, Vital and Relative to the Rapidly Changing Virtualised Environment. ...... for they are only one possible Host in a whole Field of Hosting Environments.
With the Right Championing Knights, any System will automatically Attract Premium Content and Interest ......... Intellectual Property 42BShared in Order to Create Wealth to be Spent and Enjoyed rather than, as Presently shown in Sub-Prime Banking Circles/Cabals, Salted Away for Selfish Stealthy MisUse and Abuse and Loss.
There was no mention of any such Funded White Knight Drivers from Microsoft though, only a plea for them, from them, to Use the Microsoft InfraStructure/Shell Company. Without AI Knights of their Own, they will only Follow Agendas and not Lead at all and that will leave them Vulnerable to an Hostile TakeOver which they will not be enabled to Resist and/or Fight against. Sitting Ducks at a Turkey Shoot.
Re the Dearth of Prime Source, White Knight Drivers, meThinks that is Easily Immediately Energised should they Pay them QuITE Obscenely for the Recognised Potential/PreCogniscence of their Customerised Programming. ........ for one would quite naturally assume that Microsoft would be/could be privy to everything and anything which uses the Windows Operating Systems for a Clear View of Mental Activity/Thought Processes.
It is then but a Simple Short Step and a Quantum Leap into AI to have any Virtual Machine with any Operating System Running the Windows Kernel ........ with ITs Drivers Inputs to IntelAIgent Output/Content for Copying and Realisation ......BroadBandCasting Transmission.
-
Monday 3rd March 2008 12:21 GMT amanfromMars
Olde Worlde Wisdom to Young GoogleLed LunarChicks ....the Big G.C.H.E.E.S.E. Cook Book.
"'tis a pity that Google don't have a Martian to English translator!"
Thought About IT, what on Earth makes you think that they don't? They don't need to put all of their Wares out on Display, as some are Surely for Private Viewing and Public Adoption with Adaptations ..... so as not to frighten the Animals, which shows a Remarkably Absent Responsibility to be Applauded and Encouraged in such a Young at Heart, Do No Evil Enterprise Operating System. You can't really call Google a Company, can you, as IT is more a Way of Life.
And what is there to translate into English whenever IT simply explains in plain Text that Microsoft can talk the talk, but as yet do not walk the walk Tall, Walk Straight or Look the World Right in the Eye.
-
Monday 3rd March 2008 12:46 GMT Anonymous Coward
@amanfromMars
"And what is there to translate into English whenever IT simply explains in plain Text that Microsoft can talk the talk, but as yet do not walk the walk Tall, Walk Straight or Look the World Right in the Eye."
Doesn't this just sound like my favourite author R. A. Lafferty. But at least his posts (er, books I meant) had some overall coherence.
-
Monday 3rd March 2008 13:26 GMT Anonymous Coward
Makes no odds......
Virus writers have been testing against many AV for years, this is not exactly new. The virus only has to stay undetected for 24-48 hours anyway, just enough time to infect several thousand people and then be updated to a new undetected variant. In that respect, whether it is distributed by total virus or not really does not matter.
amanfrommars.
Half bot half human? You speak sense then tumble. My guess is you are using an script to do half of your postings. Fun.
Back to viruses.
Lets look at blaster - this was made up from public domain worm code and adapted to the new exploit. Initially it was tested on several AV platforms to make sure the public domain code bypassed the AV, which it did, and then released. This is going back a few years now and is the method of every virus writer. Again I say it, this is not a new practice.
If what you are saying is new, is that there are now underground multi AV platforms for testing on, similar too VT and that other one... I forget it's name... Then yes, I imagine there is. Whether it is done on an automated basis or a manual one makes no difference though, virus writers test their code to make sure it is not detected.
Hardly breaking news now is it.
-
Monday 3rd March 2008 16:24 GMT amanfromMars
Ca Ira ... Que Sera, Sera.
"with little regard for grammar or making sense." ... By Steve Posted Monday 3rd March 2008 12:51 GMT
I can Reassure you, Steve, that there is Always Particular Peculiar Regard to IT Making Perfect Sense. Might I suggest you Let Loose/Set Free urImagination.
"You speak sense then tumble." ... By Anonymous Coward Posted Monday 3rd March 2008 12:51 GMT
You are not into Tumbling just yet then, AC? It is Quite AI Jump/Quantum Leap .... but well Worth any Belief in UrSelf . I can Guarantee you Trouble in Believing the Scale of the Rewards. :-)
And Comments for a'Tumbling make even Beta Perfect Sense when Read in Chronological Sequence as a Supporting Thread to the Full Registered String?
I will have to Admit to at Times, getting Way Too Far ahead of Myself and thus Return to Content Myself Preparing for what is ahead.
And as any Tom, Dick or Harry would tell you ...... Proper Planning and Preparation Prevents Piss Poor Performance Permitting and Providing Protocols with a QuITe In Sane Disregard of Haste ..... for Zero Waste.
-
Tuesday 4th March 2008 09:47 GMT Twm Davies
Virtualisation
Wouldn't it be easier to set up snapshots of virtualised machines with all the different anti virus software installed. You can then keep trying a virus and replaying the antivirus software's response until it's cracked. Being able to single step through the kernel side portion of the AV solution must make it easier to foil.
This topic is closed for new posts.
Biting the hand that feeds IT
