Commtouch gulps down Icelandic anti-virus pioneer FRISK FRISK, one of the early pioneers in anti-virus technology, has been acquired by Commtouch. Terms of the deal, announced Wednesday, were undisclosed. Icelandic-based FRISK developed the first versions of its flagship F-Prot anti-virus software in 1989, and claims it was the first firm to develop heuristic (generic) detection of …
On sending early live virus samples discovered where I worked, I had to learn how to use asymmetric cryptography so no-one else could become infected along the transmission route. A skill well worth learning, so it turned out. Even then in the early nineties there were 2 kinds of virus, the kind the scanners could detect and those they couldn't. But the latter sort of virus were relatively easy to prove what they were using a hex editor.
"On sending early live virus samples discovered where I worked, I had to learn how to use asymmetric cryptography so no-one else could become infected along the transmission route..
On systems where OPEN does not equal RUN such steps would be unnecessary and AV software has been known to be ineffective for a long time, even of the 'heuristic` kind. link link
Thanks for the links, but computing security has to work with the systems we've got while attempting to develop the ones we'd like. As these links state, the fact is that too often OPEN can lead to RUN through buffer overflow vulnerabilities. Regardless of the state of systems imperfection - there's also the issue that some nosy fool won't be able to try running something copied out of a buffer somewhere if encrypted, and I'd rather be part of the solution than part of the problem. I may also consider antivirus a weak part of a larger solution . But my server systems built based on a cryptographically-assured software supply chain also happen to transmit wanted stuff through email list hosting sent between people I have no control over, so I'd rather my email list management program is less likely to replicate their viruses as a normal part of its email replication function. So I scan for email viruses regardless of the fact my system is very unlikely to execute them.
If one of my email users sends a virus to many others, my other likely to be infected email users won't readily comprehend the distinction which you and I may understand between:
a. a system which replicates viruses because it's infected by them and
b. one which replicates viruses because it doesn't know the viruses are unwanted communications content when it's designed to replicate wanted messages.
So even though I choose neither to run virus-prone software or untrusted executables myself, I still have to scan for the digital diseases of those who use less secured approaches compared to mine.
Then there's the risk of an email being redirected or misaddressed. So I'd rather send a malware sample encrypted against the published public key of an antivirus company - and nowadays other email admins are likely to prevent the unencrypted virus sample getting through using the technique I've applied. But for a year or so in the very early nineties, I still hadn't yet fully realised that scanning for bad software would so rapidly become so ineffective as a total security approach. It's a small layer in my security for reasons explained above. And I'd prefer it to be less important than it is. But I have to deal with systems which exist as well as those I can influence and control.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
