|
Posted by Leythos on August 6, 2006, 7:12 am
If you were Registered and logged in, you could reply and use other advanced thread options
> B. Nice wrote:
> >
> >>> However, there's no reason why Volker's tool should be declared as
> >>> "Security/Privacy Risk", whereas it's more likely the contrary.
> >> It his tool is using the same exploit then it should be detected or the
> >> anti-malware tools are not doing their job. Why is this so hard for you
> >> to understand?
> >
> > Why is it so hard for you to understand that the intention makes all
> > the difference?
> >
> > You are basically saying, that if a malware uses a specific technique
> > for malicious purposes, then every other program using the same
> > technique should also be considered malware.
>
> I'm looking forward to format.exe, cmd.exe and explorer.exe being
> detected by Leythos AntiVirus 1.0
Why would those be detected as malware, they don't access exploits -
they CAN be exploited, and the code that exploits them should be
detected.
It's nice to see that you don't really understand Antivirus software, as
you've clearly shown by your statements above.
Again, slower, so you can understand, it's not a problem with
applications, it a problem with an application tries to access a method
that has been defined as an exploit path. It doesn't matter what
program, as it's been shown to be an exploit path for malware and not a
proper programming path for good programs.
I don't understand why you guys get bent out of shape when a POC that
proves and exploit path is actually detected as malware - the point was
to show that an exploit path exists and it's the exploit path that is
being detected. So, in a way, you should be honored that the POC was
properly detected as code that exploits a hole, as it means you actually
coded the POC properly.
--
spam999free@rrohio.com
remove 999 in order to email me
| 
