This is straying a bit from VNC, but I think my proposal #2 how events such as vnc's security alert could involve virus scanners would work needs further explanation.
The basic concept is that a program which is known to be vulnerable to attack is just as dangerous as an actual attacker, so "anti-virus" systems should treat vulnerable programs in similar ways. Presumably, this would be the easiest kind of signature to add, since legitimate programs are not trying to evade detection. When detected, they'd feed the user information about the vulnerability and update procedures, possibly in addition to or instead of quaranteen procedures. Among the advantages of this approach (1) it is already a well established procedure: everyone uses a virus scanner. (2) it doesn't depend on the end user's expertise or attentiveness. (3) it can deal with widely dissemenated programs for which there is no available list of users. (4) like an elephant, it never forgets. You can guarantee that for years, new copies of vnc 4.1.1 will be installed long after the current update/alert is forgotten. _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
