Kaspersky has just passed 300000 signature records in their extended set! Congratulations to all that are hard working in the lab :D

Edited by saso

> Kaspersky has just passed 300000 signature records in their extended set. Congratulations to all hard working in the lab! :D

On the other hand: a sad day as well, especially since it doesn't seem like this is going to end anytime soon... ;)

 

Paul

> On the other hand: a sad day as well, especially since it doesn't seem like this is going to end anytime soon... ;)
>
> Paul

 

True, it is even getting much worse. It was 12.06.2006 (not even a year has passed) when they went over 200000 and note that it took more than a decade to do that. I think it pretty much shows today's situation with malware.

Edited by saso


That's true, but due to the effectiveness of the Kaspersky signatures they "only" need 300000 to do better than what some need 600000-750000 to do!


The question is, how far can we keep going with signatures? Kaspersky is already working 24/24, 7 days a week.

> The question is, how far can we keep going with signatures? Kaspersky is already working 24/24, 7 days a week.

Actually IMO, the question is can we do without signature-based programs... and the answer is... NO, not yet, it will take a lot of thinking by clever people to get rid of signatures in the near future.

 

Yes, there are heuristics, yes, there are behavior blockers etc etc, but a replacement will have to be something even Joe Clueless will be able to operate without having to do all the interpretation of warnings.

 

So signatures will be around for some time. :)


So many already?

There are far more malware around. The signatures are very strong.


let's hope the Kaspersky Team still goes strong in the future :)

 

I wonder how long will it take to get to 400 000 sigs :)

> let's hope the Kaspersky Team still goes strong in the future :)
>
> I wonder how long will it take to get to 400 000 sigs :)

I'm afraid not too long. I'm afraid that the wacko malware script writers will be writing more and more.


The more money there is to be made, the more malware will be produced.

 

Sad but true.

> Actually IMO, the question is can we do without signature-based programs... and the answer is... NO, not yet, it will take a lot of thinking by clever people to get rid of signatures in the near future.
>
> Yes, there are heuristics, yes, there are behavior blockers etc etc, but a replacement will have to be something even Joe Clueless will be able to operate without having to do all the interpretation of warnings.
>
> So signatures will be around for some time. :)

Actually, to me the most useful aspect of an AV app is as a filter for email/ftp binary content. I could get by without all of the real-time features, and still find an AV solution useful.

 

I never download any binary content, email or FTP, from anywhere but known sources. But when it comes to such sources, particularly email, there is no such thing as a trusted source. And so even many of those who don't find real-time AV protection useful can see the benefit of using an AV app similar to an Anti-Spam utility. As a filter.

 

And so, when one of my friends, family or colleagues sends me a binary email attachment, I want to scan it, slow and deep, with the best AV engine using the most complete set of signatures to date. And that means KAV. By the time I get the attachment, it has been circulating for a while and should have been added to the databases. For such a use (filter), IMHO, heuristics are more trouble than they are worth as the possibility of a FP becomes orders of magnitude greater than a miss.

 

Ron :)

> The more money there is to be made, the more malware will be produced.

 

 

Does anyone really earn money from making malware, for what purpose?

> Does anyone really earn money from making malware, for what purpose?

Billions, if not trillions, of dollars. There was a time that malware was the province of the script kiddies. There is a new world paradigm.

 

http://www.viruslist.com/en/find?search_mode=full&words=money&x=0&y=0

 

And most of this crap is delivered through email.

 

http://www.viruslist.com/en/analysis?pubid=204791920

 

Ron :)

> I wonder how long will it take to get to 400 000 sigs :)

Actually, should be able to make a reasonable estimate based on past trends....

 

My son started this for a school project on malware expansion, and I updated it a little more than a month ago, see initial comment and figure. The standard database was used in the analysis, so that's a bit of a difference, but if you assume that growth rates for the two databases are equal, using the equation (not shown on the graph), it should take around 255 days to make the jump from 300k to 400k, which would put it around Dec 30, 2007 (yep - that's the real calculation result). Let's round the estimate and just say "by the end of the year"...

 

Blue


But do not forget even in signatures there are thousands of "generic masks" which detect viruses from the same family. It's not the way we can go up to, it's how the core engine really handles it :)

> Actually, should be able to make a reasonable estimate based on past trends....
>
> My son started this for a school project on malware expansion, and I updated it a little more than a month ago, see initial comment and figure. The standard database was used in the analysis, so that's a bit of a difference, but if you assume that growth rates for the two databases are equal, using the equation (not shown on the graph), it should take around 255 days to make the jump from 300k to 400k, which would put it around Dec 30, 2007 (yep - that's the real calculation result). Let's round the estimate and just say "by the end of the year"...
>
> Blue

That's really fast.

It is just math. The most sickening is that those wackos are all playing with the bad malware. It will only get worse.

> That's really fast.
>
> It is just math. The most sickening is that those wackos are all playing with the bad malware. It will only get worse.

Which confirms that safe-hex is the only sensible approach: don't download and don't run malware in any form +

* shut down unnecessary and potentially dangerous Windows services;

* block all inbound traffic in your firewall;

* block scripts, Flash Player, and all other browser extensions in your browser by default (you should make an exception for your AV extension of course);

* set browser history to '0';

* set browser cache to '0' if your Internet connection is good and if you don't pay for every byte (of course you can't do this in IE - the minimum there is 8MB);

* you can even go as far as to not download pictures by default (which is what I do) and set exceptions for the sites that are allowed to download them.

 

Together with a good Anti-Virus like Kaspersky this should keep you clean wherever you go. Even better: you will never hear Kaspersky's squeal again... ;)

 

Paul

Edited by p2u

> Which confirms that safe-hex is the only sensible approach: don't download and don't run malware in any form +
>
> * shut down unnecessary and potentially dangerous Windows services;
>
> * block all inbound traffic in your firewall;
>
> * block scripts, Flash Player, and all other browser extensions in your browser by default (you should make an exception for your AV extension of course);
>
> * set browser history to '0';
>
> * set browser cache to '0' if your Internet connection is good and if you don't pay for every byte (of course you can't do this in IE - the minimum there is 8MB);
>
> * you can even go as far as to not download pictures by default (which is what I do) and set exceptions for the sites that are allowed to download them.
>
> Together with a good Anti-Virus like Kaspersky this should keep you clean wherever you go. Even better: you will never hear Kaspersky's squeal again... ;)
>
> Paul

 

Hi Paul

 

safe-hex?

I like the pig......... ;)

But you are right. I think browser cache is a very important part in security

Edited by Sjoeii


Aha

I get it.

Well, common sense is the most important part.

In most parts the security failure sits on the chair in front of the pc........


We can do it together, by sending files to the lab. I have sent over 10, and 1 new virus was detected. Keep sending undetected files to the lab if you think it's a virus.


I agree, although we can't swamp the lab with too many samples. The lab guys are busy as it is nowadays
