[87131] in North American Network Operators' Group
Re: Clueless anti-virus products/vendors (was Re: Sober)
daemon@ATHENA.MIT.EDU (Robert Bonomi)
Mon Dec 5 00:12:40 2005
Date: Sun, 4 Dec 2005 23:12:15 -0600 (CST)
From: Robert Bonomi <bonomi@mail.r-bonomi.com>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> From owner-nanog@merit.edu Sun Dec 4 22:34:54 2005
> Date: Mon, 05 Dec 2005 04:30:26 +0000 (GMT)
> From: "Christopher L. Morrow" <christopher.morrow@mci.com>
> Subject: Re: Clueless anti-virus products/vendors (was Re: Sober)
> To: "Steven M. Bellovin" <smb@cs.columbia.edu>
> Cc: "Church, Chuck" <cchurch@netcogov.com>, nanog@merit.edu
>
>
> On Sun, 4 Dec 2005, Steven M. Bellovin wrote:
>
> > In message <B6621ED4D0AD394BBA73CA657DFD8976869630@MSPEXBE01.wamnet.inc>, "Chur
> > ch, Chuck" writes:
> > >
> > >What about all the viruses out there that don't forge addresses?
> > >Sending a warning message makes sense for these. Unless someone has
> >
> > A-V companies are in the business of analyzing viruses. They should
> > *know* how a particular virus behaves.
>
> This has also been said before, but... they are also in the business of
> SELLING their product. It seems that the 'default' (note I don't either:
> use av, nor scan emails for virii so I'm not sure what defaults to what...
> just use something other than outlook and you can care less about it) is
> possibly there for advertising effect more than anything else :(
>
> Hey, bob's company stopped this virus with $PRODUCT_12, why aren't we
> using that product $VP_O_IT ??
"Because they 'very thoughtfully' fowarded the entire message, INCLUDING
THE VIRUS ITSELF, to us. _Even_though_ the original message did not
originate here.
"Do you _really_ think we should start forwarding viruses to our customers,
'just because' their address was forged into a message sent us? Just how
do you think our customers would respond to _that_?"
There _is_ an art-form to backing management into an untennable corner, when
they are bound and determined to do something 'wrong'. It's simply a matter
of finding the "right" consequences of the action, to illustrate _why_ the
proposed thing is 'wrong'. 'Revenues', and 'customer satisfaction' are
almost _universal_ "hot buttons" that can frequently be used to advantage.
