Well - I tried Google definitions, and didn't find anything, so here's my
take:
A signature is a short exemplar of some sort that is so characteristic of
(whatever) that it can serve as a unique identifier.
You sign checks with a cursive signature because that's a good enough
identifier for the purpose involved.
In the case of viruses or spyware, a signature might be several bits of
information which taken together uniquely identify that bit of malware.
The information that Microsoft Antispyware uses to encompass these
signatures and make practical use of them is called the definitions--these
are updated periodically so that the product stays current, and fixes false
postives--where a definition is insufficiently precise, and identifies
non-malicious code as malware.
Now can somebody with more background in this area than I have talk about
what practical items are actually used as signatures in a product like this
one? MD5 hashes? GUID #'s?
----- Original Message -----
From: "Duffey" <
[email protected]>
Newsgroups: microsoft.private.security.spyware.signatures
Sent: Wednesday, January 19, 2005 7:20 AM
Subject: Signatures?
