Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > alt.comp.freeware > #242895

Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry

From Bud Frede <frede@mouse-potato.com>
Newsgroups alt.comp.freeware
Subject Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry
Organization 6.022E23
References <gnk8ua5ubvppic0hltir40tunfejg8fvjp@4ax.com> <mt6chk$83d$1@dont-email.me> <EfadnZTBCMjFlmXInZ2dnUU7-XGdnZ2d@supernews.com> <mt9es0$m14$1@dont-email.me>
Date 2015-09-15 17:51 -0400
Message-ID <joCdnaumzvVlD2XInZ2dnUU7-R2dnZ2d@supernews.com> (permalink)

Show all headers | View raw

"Mr. Man-wai Chang" <toylet.toylet@gmail.com> writes:

> On 9/15/2015 8:13 PM, Bud Frede wrote:
>> There are certain behaviors that are necessary for an executable in
>> order for it to be a virus. If those behaviors or a subset of them are
>> not normal for a non-malicious executable, then you can watch for them
>> and assume that anything that displays them is a virus.
>> That's an oversimplification, but it's the basic concept behind generic
>> AV protection.
>
> Then how does SentinelOne test itself? Does it make use of the
> virus-scanners out there to prove its effectiveness?

I assume it has some sort of checksumming happening before it will
run. It's also not just a behavior monitor, but a behavior _blocker_, so
it likely prevents other executables from futzing with SentinelOne itself.

>
> I think SentinelOne's method is just doing an analysis on the virus
> signature database and create a summary as a method.

That would imply that there is a lot of extraneous cruft in the typical
signature database. I don't know whether that's valid or not, nor
whether it would be a good idea to throw away most of a signature
database and keep a fraction of it. (Also, you first have to acquire a
signature database of your own. That isn't going to be a minor
undertaking just in itself.)

I would bet that SO built a behavior monitor (and the other side of
that, a behavior blocker). As I said, it's something that has been done
quite a few times, going back at least 25-30 years or so.

Back to alt.comp.freeware | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

[OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Stormin' Norman <norman@schwarzkopf.invalid> - 2015-08-31 13:14 +0000
  Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-04 19:19 -0400
    Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Stormin' Norman <norman@schwarzkopf.invalid> - 2015-09-04 23:59 +0000
      Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "John Corliss (ES)" <q34wsk20@yahoo.com> - 2015-09-05 01:53 -0700
        Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-14 08:50 -0400
          Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-14 22:51 +0000
            Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-15 09:24 -0400
              Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-15 14:50 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-15 18:50 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-16 01:40 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-16 10:51 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-16 16:06 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-17 16:16 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "p-0''0-h the cat (UK) - The voice of the Sheeple" <super.pooh@furryfreeware.invalid> - 2015-09-17 22:00 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-17 22:53 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-16 17:56 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-17 18:07 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-18 07:06 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-18 20:55 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-18 22:45 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-20 04:14 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-20 10:53 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-20 14:51 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-20 16:01 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-20 16:15 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry ~BD~ <~BD~@nomail.afraid.org> - 2015-09-20 21:57 +0100
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry none <none@none.invalid> - 2015-09-20 16:00 -0700
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Shadow <Sh@dow.br> - 2015-09-21 00:11 -0300
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-21 00:42 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-22 08:33 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-18 20:55 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-22 08:51 -0400
      Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-14 07:43 -0400
      Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-14 22:51 +0000
  Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-14 19:56 +0800
    Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-15 08:13 -0400
      Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-15 14:50 +0000
        Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-15 17:22 -0400
          Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-16 01:40 +0000
            Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-16 07:23 -0400
              Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-16 17:56 +0000
      Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-15 23:54 +0800
        Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-15 17:51 -0400
          Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-16 21:09 +0800
            Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Shadow <Sh@dow.br> - 2015-09-16 12:24 -0300
              Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-16 23:59 +0800
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-16 17:56 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-18 20:11 +0800
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Shadow <Sh@dow.br> - 2015-09-18 13:23 -0300
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Diesel <me@privacy.net> - 2015-09-18 20:55 +0000
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Bud Frede <frede@mouse-potato.com> - 2015-09-22 17:01 -0400
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Shadow <Sh@dow.br> - 2015-09-16 15:19 -0300
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2015-09-18 20:09 +0800
                Re: [OT] - Netflix Is Dumping Anti-Virus, Presages Death Of An Industry Shadow <Sh@dow.br> - 2015-09-18 13:11 -0300

csiph-web