Z
Zvi Netiv
Laura Fredericks said:
After a transplant of a sense of humor.
After a transplant of a sense of humor.
K
kurt wismer
Zvi said:After a transplant of a sense of humor.
....says the resident beacon of hilarity...
R
Robert Moir
Laura said:
It isn't all in lower case.
K
kurt wismer
Robert said:
you're right... excellent observation... why didn't i think of that...
4
4Q
Nicky said:
Is there any point me denying it? I think some people still think I'm
Jed Connors or masquerading as Blooven *grin*
Talking of him.. when's he gonna update
the site? Get off your arse and make me laugh Paulie
Nicky
I love it when a woman begs ;]D
Btw atm I'm suffering from the hacker blues.
(I think some quality retail therapy might cheer me up (with stolen
credit cards), or maybe I should just plan the next cyber-terrorist
atrocity, give Rob R. something to write about.
)4Q
S
Stuart Krivis
sara was the one with all lower case. The last time I exchanged
e-mail with her, I think she was working for IBM, and they had
evidently bought her some capital letters. So the author must remain
a mystery.
The funniest person I ever saw was back in the Fido days. Some guy
kept posting these diatribes about "clankworks engines" or something
like that. I don't remember the details, but it consistently had me
rolling on the floor laughing. What was even funnier than what he
posted was that I kept getting the feeling that he was serious....
I've always been interested in the "generic" detection methods. It
seems to me that there are a number of things that viruses do, and
if you can watch for those then you'll be able to detect "all"
viruses. Integrity checkers like Tripwire (or Wolfgang Stiller's
Integrity Master), and some firewall and IDS systems also use some
of these same ideas.
I have a pet conspiracy theory. At one time there were quite a few
companies that were working on "generic" methods of detection. They
were mostly purchased by Symantec and disappeared. Pattern matching
scanners continue to be the commonly sold solution.
Let's say you came up with a product that didn't do pattern matching
and didn't need constant updates. How would you ensure a continuing
revenue stream?
Someone can certainly purchase product X with a 1-year subscription
to the pattern updates and continue using it beyond the year.
However, the product rapidly becomes useless.
You could simply change your business model so that you're only
selling a _license_ to use the product for one year. Then you either
expect people to stop using it if they don't pay for another year,
or you design the software to stop working.
It boils down to the same thing. There are ongoing costs to
producing an AV package and you have to stay one step ahead of the
virus writers. It's perhaps a bit different than producing something
like a word processor.
Now how do you ensure continuing revenue?
There may be a difference in how people perceive buying a license
versus buying a "product." I've heard people express reservations
about buying some software where you're just buying a right to use
it for a limited time period. (Although it actually points out that
much software is really a service that you subscribe to, just like
cable TV or an ISP.)
What I suspect is that companies decided that it is easier to sell
pattern updates than to sell a limited license to use software.
(It's the same thing really, just the perception differs.)
So, all the AV companies made sure that the playing field was level
and they all have the same business model - selling pattern updates.
And that's why you don't see "generic" AV products.
I've always suspected that Zvi had something with his IV product.
Some of what he said makes sense.
And he fits in with my description of the different business models.
He sells only a license to use IV for a time period. It's logical;
you have to do _something_ to keep people paying you.
Zvi is a favorite target for abuse in some people's eyes.
He basically comes right out and says that all other AV products are
junk. That's sure to provoke a fight.
I've tried to question him a bit about details on his product, and
he basically replies that, if you don't already understand it,
you're too stupid to understand it. What can I say? I'm stupid.
On the one side, I have all these vendors that take basically the
same approach. I have to wonder if it's the best approach. It's
widely used, but that's not proof it's the best way.
On the other side, I have an intriguing approach to protection, but
the author is a Personality with a capital P and there's a lot of
arrogance there. It makes this approach less approachable for me.
Part of what you're buying with an AV package (or any security
product or service) is comfort or peace of mind. All those updates
being downloaded may make people feel better. "They're doing
something." The way the company treats you is also part of it. Zvi
doesn't make me feel comfortable.
I also wonder about the effectiveness of pattern matching in terms
of it's being a reactive process. A virus writer comes up with
something new and you react to that with an update. There's a lot of
wasted motion there. (This is true of many IDS systems too, as well
as some anti-spam products.) Perhaps a more generic approach would
break the cycle and work better. (Bayesian anti-spam filtering is an
example of a more generic approach. Sender authorization like SPF is
also more generic.)
Ok, so I've basically said that the majority of the AV vendors are
crooks and scamming everyone. I've also said that Zvi is an arrogant
SOB. Can I be the official clown now?
Just to bring things back to reality, the mainstream AV packages
really have helped a lot of people. They do work. They also fit in
well with general security "best practices." That's worth something.
Zvi has also helped a lot of people over the years. I'm sure his
product has helped people, but I'm thinking more of all the times
I've seen him respond to someone who had a virus infection or other
problem and give them advice on how to fix it.
O
optikl
Stuart said:
Well...if it were me, I'd concentrate on going after market share. I'd
suspect, if one could get a steady stream of converts, there would
probably be several years of growth to look at before things plateaued.
After that, who knows? Maybe Symantec makes you a multi-millionaire
.Those are unnecessary business alternatives. Assuming you had a killer
product.
It boils down to the same thing. There are ongoing costs to
producing an AV package and you have to stay one step ahead of the
virus writers. It's perhaps a bit different than producing something
like a word processor.
Now how do you ensure continuing revenue?
See above. You obviously assume that the window of opportunity closes as
fast as it opens. I'm having trouble seeing that.
K
kurt wismer
Stuart said:
yes, and if you ever read her explanation of that you'd know that there
are a lot more where she came from...
[snip]
his name is dale f. beaudoin... like sarah gordon and rod fewster and
countless others he has been immortalized in viral form
(http://tinyurl.com/4pwyk)...
I don't remember the details, but it consistently had me
rolling on the floor laughing. What was even funnier than what he
posted was that I kept getting the feeling that he was serious....
he was serious... he was a serious pretender to knowledge... and not
just when it came to computer viruses... i discovered him making
earth'quack' predictions in a general science related echo some years
later...
not me... i've only been interested in them since zvi introduced me to
the concept...
and of course those were just the tip of the iceberg...
indeed... i read an interesting article from bruce schneier's
cryptogram blog today about real security needing human intelligence in
the mix... applying this here, known virus scanning obviously tries to
take the human intelligence out of the user side environment (by
packaging as much knowledge about viruses as possible in an automated
form) but in so doing fail to catch many newly emerging threats...
generics have the potential to be much better at detecting the newly
emerging threats but that potential cannot be fully realized without an
intelligent operator applying and maintaining those generics...
the business types will tell you that if you want a successful company
you should probably go where the money is... and since the masses tend
to follow the path of least resistance (aka the path of least
interaction/thought/etc - they just want to get on with their *real*
work, after all) it's not hard to understand why the big names put so
much more focus on known virus scanning....
Let's say you came up with a product that didn't do pattern matching
and didn't need constant updates. How would you ensure a continuing
revenue stream?
Someone can certainly purchase product X with a 1-year subscription
to the pattern updates and continue using it beyond the year.
However, the product rapidly becomes useless.
You could simply change your business model so that you're only
selling a _license_ to use the product for one year. Then you either
expect people to stop using it if they don't pay for another year,
or you design the software to stop working.
It boils down to the same thing. There are ongoing costs to
producing an AV package and you have to stay one step ahead of the
virus writers. It's perhaps a bit different than producing something
like a word processor.
Now how do you ensure continuing revenue?
if you develop a product that doesn't need updating, why do you need a
continuing revenue? one big lump sum should be enough... then you
retire to a nice island with all the expected amenities... or you find
some other problem to solve... or both...
[snip]
i think it's more likely that the companies decided that it was easier
to sell a product that (seemingly) required less thought on the part of
the user...
people want to 'install and forget'... never mind the fact that
companies who sell to that mindset are snake-oil salesmen...
there have been and continue to be a number of generic av products...
they just aren't as mainstream...
[snip]
^^
i think you mean "was"...
yes, well when you proclaim there's only one way to skin a cat there's
bound to be people who disagree...
however, in the years following the big wars in fido over this he has
pointed people with immediate problems towards 'conventional' products
on numerous occasions...
[snip]
Ok, so I've basically said that the majority of the AV vendors are
crooks and scamming everyone. I've also said that Zvi is an arrogant
SOB. Can I be the official clown now?
no... we lost our clown maker some time ago... we no longer have that
quality feedback mechanism...
indeed... and he does it in multiple languages too... those acts make
me say (internally of course) hurray for zvi...
Z
Zvi Netiv
Hello Stuart! Glad to see that you are well and kicking!
The only such case that I remember is the sell out of Fifth Generation, and
their "Untouchable" generic product, that Symantec killed and buried.
Untouchable (conceived and patented by four Israeli that formed BRM, and later
on funded what became "CheckPoint") was able to restore binary objects with
incredibly severe alterations, from a relatively small integrity database. If
Symantec hadn't killed that product, then its algorithm could be the perfect
solution for restoring from all PE infections, based on an integrity database of
reasonable size (there exists no such solution for PE objects, at this time!
InVircible will do that for 16 bit binaries, but not for 32 bit ones, only alert
on *viral* alteration, without restoring).
[...]
I didn't make such extreme claims, although many pretend that I did. Who says I
did simply recycles others' opinions, without checking the source. My declared
position toward AV scanners always was, and still is, that they have their value
as offline tools and second line of defense. Especially of value are self
contained cleaning tools, such as Stinger and Trend Micro's Sysclean.
As to provoking, I prefer seeing it as challenging for a debate. Unfortunately,
some primitive minds misinterpreted my challenging as a personal attack and
started a fight. ;-) For such an example see the thread that follows article
You got the wrong impression since I don't think of users that way. I admit
that the understanding and use of my product requires more from the users than
the use of conventional AV. Yet if you check the NG archives you'll see that I
never evaded explaining the internals of my product, when asked. In my posts, I
took care of simplifying and abstracting my explanations to the level that even
laymen could understand what I am talking about. Why would I do that effort if
I thought that low of users? You are also invited to browse the knowledge base
on www.invircible.com. I assure you that you will learn a lot about the product
internals an working, as well as on general techniques and methods in dealing
with malware. If really interested in my product's internals and working, then
it could be worth reading the white paper at
http://invircible.com/papers/IV4Enterprise.pdf
[...]
Why is there need to choose between the two approaches and mutually exclude the
other one? Why not use both, each one to the best of it's capabilities? You
could use InVircible (my apologies for mentioning just IV, but there is no other
product for the moment that would fit that role) as your first line of defense,
and conventional AV to resolve localized problems, which mainstream AV do best.
The benefits of the above strategy are best performance on detection and
alerting, without depending on critical updates, and with the smallest impact on
computer resources and applications' performance. The above scheme also leaves
you total freedom to choose the best AV solutions for your particular problem,
without binding yourself to any specific AV product. Real life proves that no
particular AV product always was the best solution, to any particular malware,
if at all. Then why get stuck with anything less than the best?
Regards, Zvi
The only such case that I remember is the sell out of Fifth Generation, and
their "Untouchable" generic product, that Symantec killed and buried.
Untouchable (conceived and patented by four Israeli that formed BRM, and later
on funded what became "CheckPoint") was able to restore binary objects with
incredibly severe alterations, from a relatively small integrity database. If
Symantec hadn't killed that product, then its algorithm could be the perfect
solution for restoring from all PE infections, based on an integrity database of
reasonable size (there exists no such solution for PE objects, at this time!
InVircible will do that for 16 bit binaries, but not for 32 bit ones, only alert
on *viral* alteration, without restoring).
[...]
I didn't make such extreme claims, although many pretend that I did. Who says I
did simply recycles others' opinions, without checking the source. My declared
position toward AV scanners always was, and still is, that they have their value
as offline tools and second line of defense. Especially of value are self
contained cleaning tools, such as Stinger and Trend Micro's Sysclean.
As to provoking, I prefer seeing it as challenging for a debate. Unfortunately,
some primitive minds misinterpreted my challenging as a personal attack and
started a fight. ;-) For such an example see the thread that follows article
I've tried to question him a bit about details on his product, and
he basically replies that, if you don't already understand it,
you're too stupid to understand it. What can I say? I'm stupid.
You got the wrong impression since I don't think of users that way. I admit
that the understanding and use of my product requires more from the users than
the use of conventional AV. Yet if you check the NG archives you'll see that I
never evaded explaining the internals of my product, when asked. In my posts, I
took care of simplifying and abstracting my explanations to the level that even
laymen could understand what I am talking about. Why would I do that effort if
I thought that low of users? You are also invited to browse the knowledge base
on www.invircible.com. I assure you that you will learn a lot about the product
internals an working, as well as on general techniques and methods in dealing
with malware. If really interested in my product's internals and working, then
it could be worth reading the white paper at
http://invircible.com/papers/IV4Enterprise.pdf
[...]
Why is there need to choose between the two approaches and mutually exclude the
other one? Why not use both, each one to the best of it's capabilities? You
could use InVircible (my apologies for mentioning just IV, but there is no other
product for the moment that would fit that role) as your first line of defense,
and conventional AV to resolve localized problems, which mainstream AV do best.
The benefits of the above strategy are best performance on detection and
alerting, without depending on critical updates, and with the smallest impact on
computer resources and applications' performance. The above scheme also leaves
you total freedom to choose the best AV solutions for your particular problem,
without binding yourself to any specific AV product. Real life proves that no
particular AV product always was the best solution, to any particular malware,
if at all. Then why get stuck with anything less than the best?
Regards, Zvi
S
Stuart Krivis
["Followup-To:" header set to alt.comp.anti-virus.]
I think I did, but it's been a long time.
Thanks for the reference.
I exaggerated. I've been interested in generic methods since my PC
DOS days (I'm a newbie, I became interested in computers with the
Apple ][). It just seems like "always."
Zvi certainly had an influence on me, but there were other people
and companies working on similar concepts. It was an approach that
"clicked" for me because it seemed the right way to do things.
I agree.
Much of our lives involves this concept of packaging intelligence.
I know fairly well how a television set works, but I don't have the
skills and knowledge needed to design and produce one. I rely on
others to build that intelligence into a product that I then buy.
I have to treat a television set as a "black box" and judge which
one to buy based upon the output (best picture, etc.) I might even
rely upon the results of testing (like Consumers Reports), but even
they treat the TVs under test as black boxes - they just use more
involved testing methods than I can.
The same goes for computers and the associated software.
I don't really believe that all the AV people got together in some
back room and decided what direction the industry will go in. In
fact, given my (admittedly limited) knowledge of the personalities
involved, I can't see that such a cabal would last more than a
couple of minutes.
However, it is interesting to observe that there _is_ consensus on
selling known virus scanners.
I also find it interesting that so many smaller companies (some of
which used generic methods) disappeared into Symantec. There were
likely sound business reasons for Symantec acquiring so many other
companies, and it didn't involve the technology; just the sales and
market share.
Some are, and know it. It's likely that ome truly believe that they
can package all the intelligence needed and remove the need for the
consumer to think.
I just noticed yesterday that Panda is now pushing TruPrevent, and
that seems to be more generic than their other products.
Can you give me a list of other generic av products? I'd be
interested in taking a look at them.
I once said it in public and Rod accused me of being one of Zvi's
lackeys or alter egos, then threatened bodily damage.
I think I did, but it's been a long time.
Thanks for the reference.
I exaggerated. I've been interested in generic methods since my PC
DOS days (I'm a newbie, I became interested in computers with the
Apple ][). It just seems like "always."
Zvi certainly had an influence on me, but there were other people
and companies working on similar concepts. It was an approach that
"clicked" for me because it seemed the right way to do things.
I agree.
Much of our lives involves this concept of packaging intelligence.
I know fairly well how a television set works, but I don't have the
skills and knowledge needed to design and produce one. I rely on
others to build that intelligence into a product that I then buy.
I have to treat a television set as a "black box" and judge which
one to buy based upon the output (best picture, etc.) I might even
rely upon the results of testing (like Consumers Reports), but even
they treat the TVs under test as black boxes - they just use more
involved testing methods than I can.
The same goes for computers and the associated software.
I don't really believe that all the AV people got together in some
back room and decided what direction the industry will go in. In
fact, given my (admittedly limited) knowledge of the personalities
involved, I can't see that such a cabal would last more than a
couple of minutes.
However, it is interesting to observe that there _is_ consensus on
selling known virus scanners.
I also find it interesting that so many smaller companies (some of
which used generic methods) disappeared into Symantec. There were
likely sound business reasons for Symantec acquiring so many other
companies, and it didn't involve the technology; just the sales and
market share.
Some are, and know it. It's likely that ome truly believe that they
can package all the intelligence needed and remove the need for the
consumer to think.
I just noticed yesterday that Panda is now pushing TruPrevent, and
that seems to be more generic than their other products.
Can you give me a list of other generic av products? I'd be
interested in taking a look at them.
I once said it in public and Rod accused me of being one of Zvi's
lackeys or alter egos, then threatened bodily damage.
K
kurt wismer
Zvi said:
i believe your claims were to the effect that 'most viruses are
encountered in an active state' and 'known virus scanners fail
miserably under such real world conditions'... means pretty much the
same thing as 'they're all junk'...
second line? that doesn't make much sense... i would think that the
first defensive measure an enemy is supposed to encounter is called the
first line of defense... known virus scanning is exactly that when in
comes to the scenario of intentionally introducing new materials into
the system...
if, on the other hand, we're talking about malware that gets onto a
computer system under it's own power (like, say, blaster) then the
first line should probably be a gateway firewall...
but maybe i'm wrong about the meaning of 'first/second/last line of
defense'...
[snip]
unfortunately that just doesn't ring true, zvi... my first words on the
issue were that both your approach and known virus scanning had both
strengths and weaknesses, neither was a panacea, and that using them
together would be stronger than either one separately... and you
responded by basically telling me i was stupid...
and that was just my first encounter with you...
[snip]
maybe it's not 'users'... maybe it's people who ask the wrong kinds of
questions...
that's true, but you have previously said that your product was of the
"install and forget" variety... not often, but on at least one occasion...
[snip]
ah, the good ol' multi-layered approach... definitely the best, can't
argue with you there...
K
kurt wismer
Stuart said:
i believe it had to do with coming from a case insensitive background...
at any rate, she's obviously not the only person with whom 'all lower
case' has become associated...
[snip]
Thanks for the reference.
you're welcome... now please don't make me remember anything more about
him... he's almost as bad as he who cannot be mentioned...
I exaggerated. I've been interested in generic methods since my PC
DOS days (I'm a newbie, I became interested in computers with the
Apple ][). It just seems like "always."
Zvi certainly had an influence on me, but there were other people
and companies working on similar concepts. It was an approach that
"clicked" for me because it seemed the right way to do things.
yeah, at the time i seem to recall wolfgang stiller and dmitri mostovoy
both had more conventional integrity checkers that demonstrated the
basic concept more plainly... not to mention tbav...
[snip]
either way, it doesn't serve the users' needs (their wants perhaps, but
that's a different story)...
a list? heck no... i can't even give you a list of scanners... i do
know that integrity master and adinf are still around...
I once said it in public and Rod accused me of being one of Zvi's
lackeys or alter egos, then threatened bodily damage.
yeah, i gather he has a bit of a reputation for being a hardass... i
never really noticed it too much myself, though...
S
Sammi More
Zvi Netiv said:Hello Stuart! Glad to see that you are well and kicking!
The only such case that I remember is the sell out of Fifth Generation, and
their "Untouchable" generic product, that Symantec killed and buried.
Untouchable (conceived and patented by four Israeli that formed BRM, and later
on funded what became "CheckPoint") was able to restore binary objects with
incredibly severe alterations, from a relatively small integrity database. If
Symantec hadn't killed that product, then its algorithm could be the perfect
solution for restoring from all PE infections, based on an integrity database of
reasonable size (there exists no such solution for PE objects, at this time!
InVircible will do that for 16 bit binaries, but not for 32 bit ones, only alert
on *viral* alteration, without restoring).
That's not true. I know of an old application, written several years
back which does restore infected PE executables; as well as os2 and
msdos executables. It was written by your old friend, Raid I do
believe. ToadAV As he called it. Development never was finished, it
lacks a nice interface like your applications; but unlike your
"restoration" programs, it actually does work. It's database of
integrity allowed it to restore from most overwriting based viruses as
well; So long as you had the history of the file before damage
occured.
You shouldn't mislead people as you do, so often, Sir.
Z
Zvi Netiv
Rubbish. ToadAV was a pathetic attempt of your friend, Raid (a virus writer) to
demonstrate that he could write something similar to the IV integrity restorer.
ToadAV only dealt with 16 bit executables and it failed miserably when tested.
Read about in article
http://groups.google.com/groups?&[email protected] and
the thread.
Can you provide reference to substantiate your claim? I doubt it.
S
Stuart Krivis
Wolfgang had a lot to say that was relevant. I can readily say that
I owe a debt to his work.
I was surprised at the intensity of his response. It was a bit
shocking, though perhaps that's what he intended.
S
Stuart Krivis
["Followup-To:" header set to alt.comp.anti-virus.]
They also evidently acquired and buried Certus. I know a couple of
people who worked there and were upset with how things were handled.
I think there were others, but I can't point out examples. (It's
simply been too long since I thought about it.
Untouchable was a really nice product, and I used it as long as it
was around.
Checkpoint is certainly a company I fully respect. They've done a
lot of things that are right.
I have received a strong impression that standard AV scanners are
not useful as a primary line of defense. In other words, they don't
work as claimed.
I don't ever remember you provoking a fight as such. However, many
people have a lot invested in known virus scanning, and they're
going to jump to defend their approach. I apologize if I made it
seem like you were the aggressor here.
I think we just have to differ on this one. I have felt like I was
asking valid questions and was brushed off. Perhaps it's due to the
impersonal nature of e-mail.
They also evidently acquired and buried Certus. I know a couple of
people who worked there and were upset with how things were handled.
I think there were others, but I can't point out examples. (It's
simply been too long since I thought about it.
Untouchable was a really nice product, and I used it as long as it
was around.
Checkpoint is certainly a company I fully respect. They've done a
lot of things that are right.
I have received a strong impression that standard AV scanners are
not useful as a primary line of defense. In other words, they don't
work as claimed.
I don't ever remember you provoking a fight as such. However, many
people have a lot invested in known virus scanning, and they're
going to jump to defend their approach. I apologize if I made it
seem like you were the aggressor here.
I think we just have to differ on this one. I have felt like I was
asking valid questions and was brushed off. Perhaps it's due to the
impersonal nature of e-mail.
S
Stuart Krivis
["Followup-To:" header set to alt.comp.anti-virus.]
Ok, so we've got two time periods here. Immediate is the time
between the release of a new threat and the response of the known
virus scanner companies.
Normal is the time after there is an effective response from the
known virus scanner companies.
Many of the known virus scanner companies tell us that we shouldn't
worry about the immediate time period. Their response is fast enough
to cover us.
That may be true in most circumstances, but it certainly leaves me
with a bad feeling. I can get hit and destroyed while they're still
preparing a response. I'm not getting warm fuzzy feelings here.
Zvi tells us that the immediate time period is the most important.
In fact, if I'm interpreting correctly, he relies on the known virus
scanner companies to do the heavy lifting during the "normal" time
period.
Neither approach is optimal. The known virus scanner companies gloss
over the immediate threat.
Zvi requires us to support both him and the known virus scanner
companies. (I can hardly expect to rely on a known virus scanner
during the "normal" time period if I don't financially support
them.)
Am I wrong to want a complete solution?
Ok, so we've got two time periods here. Immediate is the time
between the release of a new threat and the response of the known
virus scanner companies.
Normal is the time after there is an effective response from the
known virus scanner companies.
Many of the known virus scanner companies tell us that we shouldn't
worry about the immediate time period. Their response is fast enough
to cover us.
That may be true in most circumstances, but it certainly leaves me
with a bad feeling. I can get hit and destroyed while they're still
preparing a response. I'm not getting warm fuzzy feelings here.
Zvi tells us that the immediate time period is the most important.
In fact, if I'm interpreting correctly, he relies on the known virus
scanner companies to do the heavy lifting during the "normal" time
period.
Neither approach is optimal. The known virus scanner companies gloss
over the immediate threat.
Zvi requires us to support both him and the known virus scanner
companies. (I can hardly expect to rely on a known virus scanner
during the "normal" time period if I don't financially support
them.)
Am I wrong to want a complete solution?
S
Sammi More
Zvi Netiv said:
A pathetic attempt was it? Indeed. It did however, work.
That's not true; ToadAV was entirely blind as to the internal
structure of the file in question. Or did you not know that? It was a
very generic file restoration tool. Nothing more, Nothing less; In
fact, it was designed very similiar to yours; only it held more data
in it's checksum files then your product.
I was lurking when this occured; And as later is said in the thread,
Randy didn't read the directions; He specified for ToadAV to check
every single file; and naturally, ToadAV overwrote some of it's own
files. If you had a toad.com and a toad.exe in the first directory,
but you specified toad*.* or *.*, only history for one would have been
saved; Randy knew this. As Was later discovered, Randy didn't read the
instructions. Thanks for pointing that out, too.
I make certain to read instructions for software. Others should too.
I have it's source code, Would that suffice? I can post it, I don't
require permission; It's an abandoned program from yesteryear.
S
Sammi More
Zvi Netiv said:
After much researching; Robert Greene later admitted he didn't use the
program as it was intended, and as was mentioned in the documentation;
The results he got were expected. I do indeed blame Raid for the poor
GUI design. The GUI doesn't help, and can lead to data loss; But if
you use it correctly, your files are not harmed. As for ToadAV being
restricted to 16bit files, it isn't. ToadAV isn't aware of the file
your working with, it only sees raw data. As was mentioned in a
previous post sir, I will provide full source code for peer review.
I'm not a programmer, but even I can follow what's going on inside the
program. I have it's source code here someplace on a floppy disk. We
can also do a simple test if you'd like. Perhaps even invite some
patrons here.
What led you to believe ToadAV was for 16bit programs? I see no
specifc limitation in the instructions; In fact, it claims full
dos/windows compatability. And I've tested this with a few programs
and a hex editor. I mangle them, then let ToadAV restore them; then
compare the "restored" file to a known good backup. Surprise surprise,
identical files; even date and time stamp is the same...
I suppose I should lurk, but you make it difficult sometimes. You
outright lie and mislead people when there is clearly no gain in this
case to do so. ToadAV cannot take the place of your products as a
whole. And I did not imply that it could, yet you deliberately mislead
people concerning what it can and cannot do; and quote a partial
review of the program when you already knew the outcome was Robert
Greene did not follow the instructions in the program. He did not
specify *.com or *.exe, but *.* and was surprised when some data loss
occured.
If it's your intention to rehash history Mr Zvi, Please understand,
that aside from new comers here; We all know how it ended.
R
Robert Green
Sammi More said:
"Green" not "Greene."
It really depends on whether you are talking about the recovery algorithm,
which did work in the cases I tested after accounting for the quirks and
screwups (I only tested MZ exes and COMs infected with simple appenders), or
the ToadAV program, which was so buggy and ill-designed as to be all but
non-functional.
Probably Raid could have made a useful utility if he'd kept at it, but I
imagine he was primarily interested in proving some point or other (I forget
what it was) and found little chores like writing a useful interface too
tedious to bother with.
Bob