Should AV software protect against rogue hack/crack files (was: Re: SCR file being posted to usenet ...)
- From: Virus Guy <Virus@xxxxxxx>
- Date: Wed, 01 Mar 2006 10:08:28 -0500
Adam Piggott wrote:
Explain to me why people who use cracks/key gens should be
protected by anti-virus software? It might just be that the
other vendors have better things to do with their time.
If it's the policy of any given AV company/software to be selective
when it comes to malware detection (ie to specifically NOT protect
against malware that is associated with hack/crack files) then they
should advertise that policy - and let that be a factor in how
consumers choose AV software.
Or do you think that AV vendors should NOT publicize their decision to
not protect against rogue cracks and key-gens, thereby keeping
consumers in the dark about the true compentency or capability of
their AV software?
The way I see it, any AV vendor can certainly choose whether to
include or exclude malware detection within known hack/crack/key-gen
files, but there is no coherent argument that can be raised (other
than pure pettiness or malice) for not making end-users aware of such
a corporate-level decision.
I will continue to post the results of malware detection (or lack
thereof) within hack/crack files to establish if any particular AV
vendor does indeed show a policy of detection-avoidance for such
files.
This raises another point: The use of rogue hacks and cracks would
drop if they were detected as trojan/viral/what-ever. You could argue
that anyone who seeks out and installs a keygen or crack (which does
what it's advertized to do) deserves the (possible) infection they
get. I could argue that the internet-at-large has become more
"polluted" because of the infected user, and the vendor for which the
hack/crack was used against has experienced some (perhaps small)
tangible loss because of the crack - so an AV policy of
detection-avoidance has accomplished nothing in this case, and
arguably it has led to the worse of two possible outcomes.
Besides, the incorporation of a given piece of mal-ware into a
hack/crack file doesn't mean that same mal-ware won't migrate to other
types of delivery mechanisms or payloads. For this reason, good AV
software should be blind to the source (or intention) of a piece
mal-ware and just focus on (and protect against) the threat.
.
- Follow-Ups:
- References:
- SCR file being posted to usenet (detected by some AV's, but not all)
- From: Virus Guy
- Re: SCR file being posted to usenet (detected by some AV's, but not all)
- From: Adam Piggott
- SCR file being posted to usenet (detected by some AV's, but not all)
- Prev by Date: Re: Disable AVG signature
- Next by Date: Re: Kaspersky 6 or BitDefender 9 Internet Security or NOD32+OutPost Pro+Ewido+NetLimiter ?
- Previous by thread: Re: SCR file being posted to usenet (detected by some AV's, but not all)
- Next by thread: Re: Should AV software protect against rogue hack/crack files (was: Re: SCR file being posted to usenet ...)
- Index(es):
Relevant Pages
|
