Larry Seltzer tells it like it is.
Similar points were made by Andreas Marx at his presentation at last year’s Virus Bulletin, “The Wildlist is Dead, Long Live the Wildlist”.
The Wildlist (the primary method of certifying antivirus products) is an anachronism in today’s environment. That doesn’t mean, however, that all AV engines are crap — far from it. Despite the constant negativity out there, there are, in fact, some extremely good engines on the market that have kept up with real threats in an admirable fashion. We just need a better method of certification.
As to the calls about “we need to move to whitelisting because blacklisting is dead”, I don’t agree with these sentiments. Hopefully I’ll have more time this week to write more on that subject.
Alex Eckelberry