> I can easily understand how someone unversed in the _market forces_ > pertaining to antivirus software could hold that position, and as a > theoretical solution to the problem of lack of cross-vendor naming > coordination it has often been suggested even by though who know it > would never work in the real world. > > Neat and tidy as such a solution seems, it will not, however, work. As > I explained in other of my posts in this and the related "AV Naming > Convention" thread, in general by far the largest "cost" of naming > disagreement is borne by the users in the early hours of large-scale > outbreaks. Thus, a "solution" that specifically _requires_ all vendors > to use a different name until a name is agreed (no matter what this > process it will take some _additional_ time) is, by design, an _anti- > solution_ as such a "solution", by design, ensures perfect naming > inconsistency at the time the highest cost of naming inconsistency is > borne.
Vendors should not "have to" use a different name until the "real" one is detrermined, they should use whatever they want to. You know what, I don't work in the "anti-virus" field, but what you are saying is BS. There is no good reason that I can think of that the AV companies cannot rename these things after the fact. When an outbreak happens, they provide a fix and name it whatever they want. After the fact, they could rename things and their updates reflect the "proper" name. They can keep a reference to their name in the description, what's a few more characters in the signature files for every piece of malware going to matter? another 100k in a download at most? I agree that there is probably a lot of marketing pressure that may make this difficult, but there is no technical reason for it. The AV companies cannot be that lame that they cannot handle a simple name change. I mean we use databases and other things and using these "computers" that should make this easy. If thay are that lame, maybe they shouldn't be in busines. It's up to people like us that read lists like this to make them fix this silly problem, or we can ignore it. It doesn't affect me much, it just seems silly that they cannot name things consistently. > Secondly, one of the greatest impediments to ongoing (as opposed to > initial, outbreak-phase) naming inconsistency is that many vendors do > not have internal processes robust enough to easily handle renaming This is a lame excuse at best, maybe these companies need to redesign themselves, this should not be a big problem. > (And please, before replying to this message, please, please, please, > please, please read _all_ the rest of thread -- as the only person > making a significant contribution who has more than half a clue about > how all this stuff works, what may be technically feasible, and what a > great deal of customer and industry history suggests may be acceptable, > answering the same misconceptions over and over is getting tiresome...) We'll be sure to bow down to you... Todd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
