This again shows that anti-virus companies cannot be considered security
vendors.
security vendors _know_ they don't just sell a _product_, they also sell
_trust_, and trust is not a set of claims such as "believe me".
no one is gonna ask a vendor how he handles bold fonts in a desktop
soft, nobody needs to see what's happening in a PCMCIA card. But
if one buys a product to secure his site, the main question is how to
make sure the product really secures anything.
many still regret the crystal days of TIS, but open source is sure to take
things back....
cheers,
mouss
At 10:17 07/12/00 -0500, Ng, Kenneth \(US\) wrote:
>As a matter of fact, I have been asking Symantec the same question about
>their anti virus software updates for the past 2 years. Even for one of the
>security staff at KPMG who would be willing to sign a NDA, they
>catagorically refuse and will only say that "the site is secure, there is no
>way in". Now I think we know the REAL REASON why they don't want to
>disclose their security, they have none.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
