2008/08/04

Virus Writing Class Fails Reality Test

A recent Newsweek article discusses a Sonoma State University course in virus writing. The magazine story sensationalizes the course's impact, even going so far as to describe the course professor as "the guy who gave away the secrets to the Internet's bomb."

Huh?

The article then goes on to describe Ledin's syllabus as a "partly veiled attack on McAfee, Symantec, and their ilk, whose $100 consumer products he sees as mostly useless". Allegedly, Ledin also believes the antivirus vendors have some "hold over antivirus technology".

Huh? and Huh?

Here's the reality: signature-based antivirus scanners detect known viruses. There's no deeply kept secret about this; it's a well-known, established fact. So trying to "prove" this through a virus writing course is a bit like a sailing course designed to prove the world isn't flat. Yeah, we know already.

As for signature scanners being 'mostly useless' because they don't reliably stop never-before-seen malware, I suppose we should do away with law enforcement because they can only investigate after a crime has been committed? I'd rather detect the vast majority of threats than none at all. But the real chuckle comes over the alleged "hold over antivirus technology" the vendors supposedly possess. Is that why there are hundreds of signature-based scanners, behavior analyzers, HIPS, VM solutions, and others flooding the market? Is that why there are industry conferences where antivirus researchers routinely and openly publish and discuss the methods they've found successful? Is that why there are so many free antivirus scanners, removal tools and rootkit detectors offered by these vendors?

Perhaps I'm peeved most by the virus writing class because I'm currently funding my own son's college education. Knowing firsthand just how expensive that is, it's hard to fathom his being tricked into taking a class which not only offers no scientific value, but is also so grounded in baseless justifications.

Signature-based antivirus isn't perfect. It's not a panacea for all the security woes that befall us. But it is a critical component of any defense arsenal and one that deserves a bit more respect. Indeed, for the vast majority of users who don't have a degree in computer science, it's the most accessible and affordable protection they can get.
