[112357] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Death of antivirus software imminent

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Jan 4 12:17:33 2008

From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: leichter_jerrold@emc.com, lynn@garlic.com
Cc: cryptography@metzdowd.com, frantz@pwpconsult.com
In-Reply-To: <Pine.SOL.4.61.0801021623100.15241@mental>
Date: Fri, 04 Jan 2008 20:53:27 +1300

"Leichter, Jerry" <leichter_jerrold@emc.com> writes:

>The claim that VMM's provide high level security is trading on the reputation
>of work done (and published) years ago which has little if anything to do with
>the software actually being run.

Actually VMMs do provide some security, but not in the way you think.  Since
malware researchers typically run malware they're analysing inside a VM, quite
a bit of malware will silently exit (or at least not exercise the "mal" part
of its name) if it detects that it's running inside a VM.  So you can
inoculate yourself against at least some malware by running your OS inside a
VM.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post