A Steganography sample malware

[edgewalker]

I very rarely post to say nothing other than "I agree" but in this
case I feel so strongly about the on-demand scanning issue that
it's _really_ nice to see someone post a opinion I agree with. It's
a good thing that I'm not in charge of a av scanner comparative
test agency since I'd be flunking products left and right for not
alerting on the froggies

This is why AV gets so bloated with superflouos features. I'm sure e-mail
scanning (coming and going) was adopted because users actually wanted
AV to do this and would gravitate to those offerings that do and the ones
that don't will lose marketshare.

That doesn't make that feature any less useless.

Scan all files for simple (and not so simple) encryption techniques,with
and without steganographic embedding, on demand if you want to. But
don't you think people will complain about how long it takes to thoroughly
check all files this way?

Why not just look for the malware, and if found look for the data store it
attempts to fetch from. Why waste time with non-threats?

 

[Art]

Why not just look for the malware, and if found look for the data store it
attempts to fetch from. Why waste time with non-threats?

Too risky, that's why. Day Zero malware. It's dumb to not detect known
and simple-to-detect froggies so users can get them off their
machines. You claim they aren't a risk but that's just plain false.
They're a risk as long as they're stored on drives.

Art
http://home.epix.net/~artnpeg