CompTIA Security+ 2008, page 99, Chapter Antivirus:

“Not all AV software is the same. Free AV software that is available for download through the Internet will typically only look for viruses in standard files. However, most commercial AV software will also look for Trojans, worms, macro viruses, and adware in standard files as well as in compressed (.ZIP) files.”

In which decade are you guys from CompTIA living? *Any* AV product looks for those kinds of malware in all files. Maybe you should update the book 😉
Everybody knows about this acquisition. Now, why does Intel (a chip producer) need a software security company? There are some possible reasons:

1. To enter a multi-billion market that needs fresh ideas and technologies
2. To produce better security software that makes use of their multi-core processors
3. Both
4. Add AV to the CPU (or to the board) directly (with some help from the “cloud”)
5. Create an antivirus chip -> move from software to hardware (which they know better)

Of course, I vote for 3… Both. But 4 isn’t so bad either 😉

Why? Well, because there is the so-called “Moore’s Law”. And Intel is preparing for the point when it will stop being valid. So, if they can’t produce better hardware, they had better adapt the software that runs on it so that it works much, much better.

Intel is already a major player in the software industry. They produce a lot of good software, ranging from drivers and software for the hardware to compilers, code analyzers and integrated development environments. So, what the AV world is missing is software that runs optimized on those cores. We all try to implement our code in such…
Short answer: NO

Long answer: a very good one provided by Randy Abrams.

Thanks for the great article, Randy!
I received a nice email with a very good question from Mehdy Mohajery. It is not the first time I have been asked this question. This time I am documenting the answer I always give.

Question:

“I saw your profile on linkedin.com just tonight, and I noticed that you are a specialist in both p2p systems and designing security systems. That encouraged me to ask you a question. As you know, nowadays a lot of viruses are being distributed via p2p networks like KAD & EDonkey. If an antivirus vendor like Avira could provide a plug-in for a major p2p client (eMule) to detect viruses before downloading by their FileID (MD4 hash), then a major part of virus traffic on p2p networks could be eliminated. So why does nobody in the security industry seem to care about securing p2p networks with this method? Should I download every piece of scrap to know if it’s infected? I would like to know your opinion about this.”

Dear Mehdy Mohajery,

There are several reasons why nobody adds an AV to P2P programs:

1. Given the “free of charge” nature of P2P networks, nobody will pay for an antivirus program….