C
curious
What does "delta signatures" mean?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
B
Bill Sanderson
I should let Steve answer this since he actually knows the answer, and I'm
just guessing, which I do rather too much of sometimes:
I believe that in this case "delta" indicates "changed"--i.e. instead of
completely replacing the full definition files, they are "patching" the
files using a process which I would expect will transmit just the change
information (much smaller!), apply the changes to the files in place, and
checksum the result to be certain that the process results in identical
files on each system.
just guessing, which I do rather too much of sometimes:
I believe that in this case "delta" indicates "changed"--i.e. instead of
completely replacing the full definition files, they are "patching" the
files using a process which I would expect will transmit just the change
information (much smaller!), apply the changes to the files in place, and
checksum the result to be certain that the process results in identical
files on each system.
C
curious
Thanks.
That makes a lot of sense. Like in calculus, where delta
or its associate symbol (a triangle) means a small
increment or change.
That makes a lot of sense. Like in calculus, where delta
or its associate symbol (a triangle) means a small
increment or change.
S
Steve Dodson [MSFT]
Delta Patching is only adding the new threats to the old threat list. For
example... if we had 10 threats in build one and needed to add in another 5
threats, we could accomplish this 2 ways.
1) Normal signature release - This way we would re-engineer the whole
package which included all 15 threats.
or
2) Delta patch release - We would take your old signature file and add the
additional 5 threats to it
The advantage of delta patching is that the download does not increase in
size over time. I hope that explains it well. Post back if it does not, and
I may write a blog on it.
--
-steve
Steve Dodson [MSFT]
MCSE, CISSP
PSS Security
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
example... if we had 10 threats in build one and needed to add in another 5
threats, we could accomplish this 2 ways.
1) Normal signature release - This way we would re-engineer the whole
package which included all 15 threats.
or
2) Delta patch release - We would take your old signature file and add the
additional 5 threats to it
The advantage of delta patching is that the download does not increase in
size over time. I hope that explains it well. Post back if it does not, and
I may write a blog on it.
--
-steve
Steve Dodson [MSFT]
MCSE, CISSP
PSS Security
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
C
curious
Thanks very much, Steve.
You made it very clear. I appreciate that.
You made it very clear. I appreciate that.