|
|
Log in / Subscribe / Register

Requirements

Requirements

Posted Aug 6, 2008 22:57 UTC (Wed) by nix (subscriber, #2304)
In reply to: Requirements by smitty_one_each
Parent article: The TALPA molehill 

The problem is `AV vendors want to keep using DOS-style antivirus scanners 
with their guaranteed revenue stream'...

(note the absence of actual *security* anywhere in there.)

to post comments

Requirements

Posted Aug 7, 2008 13:50 UTC (Thu) by kirkengaard (guest, #15022) [Link] 

More to the point, they have a threat model formed by the vulnerabilities of said OS
ecosystem, and have successfully used it for so long that it's corrupted their thinking.  So,
"AV vendors want to keep operating under DOS-style threat-mitigation heuristics and
methodologies, which for so long have proven functional."  Their business (and profit) is
based on being functional, and not being allowed to simply apply their business methods in a
given case threatens that.  Cf. the Vista flack over kernel hooks.

The sin of not realizing that the game changes based on the terrain on which it is played.
Not being able to properly conceive of the game with fundamentally different conditions.  Like
using massed-troop methods against guerrillas, short-supply-chain logistics to invade Russia,
or cold-war anti-state information methods against terrorist groups.  Determine the problem as
a member of an already-acknowledged class into which it doesn't properly fit, and the
solutions do not properly fit.  It's an abstraction error.

Or, more simply, the old saw: "don't attribute to malice what is adequately explained by
stupidity."


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds