On Sat, 19 Mar 2005 21:06:46 +0000, Mike Hearn <mike@xxxxxxx> wrote: > Active defence combined with passive defence will always beat purely > passive defence. If an untrusted source can execute code on your computer the game is over. Antivirus makes sense when thats all you can do, ... when you're on a platform of proprietary software with no ability to test or improve the code running there. T he viruses and worms that have grown up on windows have now reached a level of sophistication that simple pattern matching isn't good enough... They are encrypted, they are patching the running OS, etc. The halting problem tells us that determining the behavior of complex code is an intractable problem. It is now *much* easier to make a secure system than it is to make a naughtycode scanner thats worth a darn. Lets worry about antivirus software if the day ever comes that mass-spreading pathogens outpace the communities ability to actually fix the code, until then using such tools would only slow our pace of fixing actual bugs... Virus scanners don't generally solve the problem of one-off attacks by qualified and determined adversaries, which is a much more dangerous threat in many ways... Fixing bugs stops them and they also stop the bulk spreading stuff, and fixing bugs is something we can do in the free software world that is much harder in the proprietary code world.
