On Dec 23, 2007 12:05 PM, Drsolly <[EMAIL PROTECTED]> wrote: > > On Sat, 22 Dec 2007, silky wrote: > > > On Dec 22, 2007 10:35 AM, Larry Seltzer <[EMAIL PROTECTED]> wrote: > > > Even so, there would be so much less testing to do, wouldn't there? > > > After all, on an appliance users can't just arbitrarily install > > > applications (not and expect support). > > > > > > Larry Seltzer > > > eWEEK.com Security Center Editor > > > http://security.eweek.com/ > > > http://blogs.pcmag.com/securitywatch/ > > > Contributing Editor, PC Magazine > > > [EMAIL PROTECTED] > > > > > > > > > -----Original Message----- > > > From: Drsolly [mailto:[EMAIL PROTECTED] > > > Sent: Friday, December 21, 2007 6:29 PM > > > To: Larry Seltzer > > > > > > Cc: [email protected]; Richard M. Smith > > > Subject: RE: [funsec] Kaspersky strikes again > > > > > > On Fri, 21 Dec 2007, Larry Seltzer wrote: > > > > > > > Damn, I'm going to get a good column out of this. > > > > > > > > Doc: What about gateway appliances? Is a signature system more > > > > reasonable when you have a limited number of closed platforms? > > > > > > You've misunderstood my concern. > > > > > > If you update your sigs hourly, then you have less than an hour to do > > > all the testing. It doesn't matter how many computers are running the > > > new version; they're all running something that has had less than an > > > hour of testing, and I don't really want to run something that has been > > > tested for less than an hour, on my systems. > > > > sorry but i don't see how 'hourly releases' translates into 'one hour > > of testing'. that seems like an assumption on your part, it's not a > > direct result of that strategy. > > > > you need to look at the actual number of signatures they generate > > internally. if they only write one once an hour, then that's the one > > they must release. but if they write more then that, or have a > > stockpile they release from, then clearly they can spend more then one > > hour testing. > > What's the point of hourly releases, if you're releasing stuff that you > did a week ago?
Marketing tool? +time to test? -- mike http://lets.coozi.com.au/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
