Just in case you haven't seen it yet, I'd recommend you take a look at the paper put out by Tavis Ormandy discussing the findings from his reverse engineering of the Sophos anti-virus product; the paper's available from:
http://lock.cmpxchg8b.com/Sophail.pdf
It's clear from the tone of the paper that the author had a few issues with Sophos, but I don't think the tone should distract from some of the serious weaknesses (particularly in the area of buffer overflow protection) that the paper describes.
What I'd really like to see now would be similar investigations of the claims of the other major anti-virus products out there - are Sophos alone in having these issues or is it endemic across the A-V industry?
It would also be helpful if Sophos put out a more technical response to Tavis' paper rather than the somewhat bland post to be found at:
http://nakedsecurity.sophos.com/2011/08/05/tavis-ormandy-and-sophos/
'til next time...
Friday, 12 August 2011