The software fell short recently, however, when it comes to zero-day threats - catching just 79% of the samples thrown at it. According to Ormandy, security marketing often utilizes "high level doublespeak."Ĭuriously, Sophos has repeatedly received high marks from AV-Test Labs (Opens in a new window) when it comes to detection of widespread malware and samples discovered in the last 60 to 90 days. A perfect example was Symantec's free Security Scan app, which the company said it planned to re-work ( following a post I penned (Opens in a new window) at Download Squad back in 2010). He further questioned the way the industry as a whole markets itself: antivirus makers repeatedly have had fingers wagged at them before for using scare tactics to generate sales. Shortcomings in the way Sophos handles cryptographics and its signature system could allow cybercriminals to craft malware that could either sidestep the software's defenses or flood a user's system with false positives, making the software appear ineffective or even useless. After poring over the Sophos code, Ormandy discovered what he considered to be some very serious flaws. It's not a complete surprise, then, that Ormandy's research focused on the enterprise software developed by Sophos - though both he and Cluley openly admit that the entire process was entirely good-natured. That simply wasn't enough time to respond. Why didn't Microsoft simply issue a patch? It did, eventually, but Ormandy only gave the company five days grace before putting his code on display for all to see. Within days, new malware was out in the wild that made use of Ormandy's exploit code. Ormandy made what Sophos chief Graham Cluley called (Opens in a new window) an "irresponsible disclosure" of a bug affecting Windows XP. You might recognize Ormandy's name from an incident involving Microsoft a while back. But it's a presentation by Google security guru Travis Ormandy that seems to be making the biggest waves. Black Hat 2011 is in full swing, and conference attendees are making waves with demonstrations of exploits affecting everything from Square's mobile credit card reader to Chrome OS to wireless hacking of insulin pumps.
0 kommentar(er)
