It has been quite some time since I updated this blog, I will try to update the blog in the next weeks, with a few details what I was up to during the last months.
Let's start with the more important stuff, I got into AV Research again =) The output of which will hit the public in the next months, be warned there will be a flood of advisories :D
Together with Sergio Alvarez I gave a talk @ Hack.lu 2007. This year we explained what the heck is up with Anti-Virus software. We revisited the way AV solutions are implemented in current Company networks and AV Engines themselves. Defense in Depth is being misinterpreted and incorrectly implemented with disatrous effects. Customers (end-users of AV Software) believe they do DiD when in reality they do not, this is an important fact to keep in mind.
Rough Break-down of the Talk :
Calls for an NTSB? - In September, Steve Bellovin and I asked “Why Don’t We Have an Incident Repository?.” I’m continuing to do research on the topic, and I’m interested in put...
9 hours ago