ironshield antivirus

TaoPhoenix:
Given the kind of results google returns, this seems pretty fishy.

-f0dder (March 18, 2013, 10:02 AM)
--- End quote ---

Sure, I didn't even go that route, I gave him the benefit of the doubt. But sure, in the age of the net, it's far harder for shady characters to play all sides of the fence because it's not like the wild west when you can change states and just re-post your shingle again 5 times. Word gets out.

40hz:
Given the kind of results google returns, this seems pretty fishy.

-f0dder (March 18, 2013, 10:02 AM)
--- End quote ---

Yeah. I just did a goog. And the hits don't instill much confidence. (Who exactly will be developing this?)

What strikes me as interesting is how they can expect to make a commercial AV product out of this if it's based on ClamWin. ClamWin is released under GPLv2 and LGPLv2 so any derivative work would also be subject to the same licenses. Not to say you can't sell something that has a F/OSS license - but it's hard to see where the value-added would come in with something like this. Especially since your source would need to be shared back upon request and would likely just be incorporated back into ClamWin if the claimed benefit really did turn out as advertised.

Dunno. Seems a little weird to me.

Tinman57:
And if you're using Open Source Code, don't that open a channel for hackers to figure out how to bypass it?

40hz:
And if you're using Open Source Code, don't that open a channel for hackers to figure out how to bypass it?
-Tinman57 (March 18, 2013, 08:33 PM)
--- End quote ---

That's part of an interesting debate in the world of computer security.

One school of thought says it would be a bigger risk being open. The other school says that attempting "security through obscurity" is a pipe dream. Because the only real workable security solution is something that can survive an attack despite being completely open and widely understood. It's almost a Darwinian philosophy - as in 'survival of the fittest.'

There appears to be a good bit of practical wisdom in an open approach since malware itself (especially the zero-day variety) depends heavily on obscurity to avoid detection. However, once identified, such threats are quickly analyzed, reverse engineered, and eliminated. Often within hours.

In some respects, when it comes to security (i.e., encryption, anti-malware, etc.) the only products you can possibly trust completely are the "open" ones since 'black box' (or "FM" :mrgreen:) security apps can only be deemed as trustworthy as the people who create and distribute them. And there are plenty of bogus security apps out there.

It's a tough call deciding which philosophy is more correct. But so far, the 'open' approach to security seems to afford a greater degree of protection.



One thing for sure - there's no rest for the wicked. Or the "good guys" for that matter. 8)

f0dder:
And if you're using Open Source Code, don't that open a channel for hackers to figure out how to bypass it?
-Tinman57 (March 18, 2013, 08:33 PM)
--- End quote ---
It's somewhat easier to hunt for juicy bugs if you've got the source code - but there's some very powerful binary analysis programs available as well (though not to the general public).

At any rate, it's a moot point - both the Windows and Linux kernels have had stuff like 10-year outstanding local privilege escalation exploits, and you can be sure they still both do - just not (publicly) known yet. And closed vs. open doesn't matter that much, since there's serious money in malware these days. If it's there, they will find it.

Linux does have the advantage of getting bugs patched faster once they're found - but there's also been reeeeal oopsies like Debian getting rid of proper SSH randomization because a developer didn't understand Valgrind properly (why does a person like that deal with security-crucial code?)
