- Monday, 9 November 2009
- INQ Mobile
- RSS
The man behind the curtain is turning on the PlanetLab node - Patrick Wizard of Oz Gelsinger
AV software is easy to crack
ANTI-VIRUS software programs are easy for hackers to bypass, making them more or less useless, according to NewsWeek.
Professor George Ledin at Sonoma State University has been teaching students how knock out AV programs with the idea that if kids think like hackers then they can clean up after them.
The students work within a closed network so that they cannot do any harm to the real world.
Ledin has a beef with insecurity outfits like McAfee and Symantec and their $100 consumer products, which he sees as mostly useless. He said that if college students can beat these anti-virus programs, what good are they for the people and businesses spending nearly $5 billion a year on them?
Apparently some AV companies are so miffed with Ledin and his approach they have vowed not to hire his students.
They claim he may have figured out how to beat some older anti-virus techniques, but say they are more than a step ahead of him and the hackers.
Zulfikar Ramzan, the technical director of Symantec's security team said that all the students were doing was writing code that had not appeared on any blacklists.
While virus writers normally use blacklisted code, we presume. µ
L'Inq
Newsweek
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
10/10 for sheer sarkiness. :)

Closed-source security software is a market for lemons.

http://www.schneier.com/blog/archives/2007/04/a_security_mark.html
"Zulfikar Ramzan, the technical director of Symantec's security team said that all the students were doing was writing code that had not appeared on any blacklists."

And in one succinct statement Ramzan points out the fundamental flaw in all blacklist AV programs -- the blacklist. Jackass.
Norton is a piece of pish. McAfee is not much better. I advise everyone to go with one of the free AV's, at least they don't cost you money, and they are more reliable.

The Professor should approach a Venture Capitalist firm for funding and business management help. He's probably got a great idea that needs patenting, and a young trained work force in his students. They could all be shareholders, work hard and end up rich and fat from this!
I fundamentally disagree with AV software purely on the Black Listing rule.
I believe a single application that infact WHITE LISTED trusted applications to run, and GREY LIST the unknown if you aren't 100% sure (competent computer users only [approx 0.0001% of total users!]) Those that you DO NOT want to run AT ALL can them be BLACK LISTED.
Why oh why are white listed applications not built in to AV software??? Instead they INSIST on scanning every f*ckin file against a list of hundreds of thousands of definitions JUST IN CASE it's the old MSBLASTER virus coming back...pah...education on how to use a computer correctly and don't use KeyGens/Limewiere is better than spending £35 on Norton to wipe 25% of your computer's performance off!