Rsnake's Bullet Metric: A Response ~ Miscellaneous Security

5.06.2009

Rsnake's Bullet Metric: A Response



A thought experiment asking the following: "If you put Anti-virus on every desktop in the world, would you stop viruses from existing?"

It seems that a critical assumption that is made is faulty. Early in the post, Rsnake answers the above question stating, "I think any reasonable person who understands how viruses work would say no. It will, however, make the bad guys work harder and iterate faster to get by the filters (boutique malware)."

But would virus developers continue to develop? At some point all attackers, and computer scientists, are generally lazy. Attackers want to follow the path of least resistance. If every desktop in the world had Anti-virus installed, would the attackers actually want to "work harder and iterate faster?"

linkage: Silver Bullet Metric ha.ckers.org web application security lab