 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
This has come up at work, and it occurs to me that the linux gang might have some good suggestions. The idea is, you've got a product that includes a bunch of tools to check for viruses and other such baddies, and you'd like to give evidence that it works, and isn't just a way of conning money out of worried customers. What you obviously need is a library of known viruses, preferably one or two of each major type. You turn on the checking software, and then run some (expect) scripts that attempt to download them. You've run them all through sum(1) beforehand, perhaps, so that you can verify that they didn't download correctly. Sounds like it should be easy; you just go out to the Net and ask a few search engines for sites with lots of virus info. You do that, go check them out, and discover that, while lots of people have collected information (good or bad) about the little beasties, nobody seems to have the actual code sitting there. When you inquire, it quickly becomes obvious that they think you're a budding hacker intent on getting some good samples as the starting point of more little monsters. After a few weeks of looking, you have managed to get your hands on one or two, but nothing that would impress even the most clueless customer. Any good suggestions? It seems like linus would be a pretty good sort of system for providing such a library. Has anyone done it? Is there some industry-standard way of building such a useful test library? Myself, I don't think I'd trust a salesman who tried to sell me any sort of anti-virus software without a few good samples to demo the product's effectiveness. Though, come to think of it, I probably wouldn't want to get the viruses from the same source. An independent repository would be much more believable. - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
