On Thu, Nov 20, 2014 at 02:02:24PM -0500, AntiTree wrote: > I don't see what this would do that an AV wouldn't. Of the samples > I've reviewed, most (all?) have been detected by AV.
On the contrary, Claudio has documented several RATs and other "surveillance" malwares used by repressive governments that are not detected by AV. https://twitter.com/botherder/status/535944272047267840 This makes sense; HackingTeam (or whatever other shady malware vendor) is going to test against the tools that are currently used. As Claudio explains elsewhere in recent tweets, the point of Detekt is not to build a long-lasting tool that will detect government malware going forward; the point is to provide a tool *today* that people who are compromised *today* can use to learn that fact. -andy -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
