@no_structure @exploitshield @chriseng But unless you can show lots of real world malware bypassing ExploitShield, they kinda win
@dakami @dinodaizovi Also what @thegrugq is true: ASLR/DEP impose continuing cost. ExploitShield is “bypassed” once and done.
-
-
@dguido@dinodaizovi@thegrugq These are all very compelling theories. What does the empirical data say though? -
@dakami@dguido@dinodaizovi what are you measuring? -
@thegrugq@dguido@dinodaizovi An apparent 100% success rate stopping unsignatured malware feels like it deserves some respect -
@dakami@thegrugq@dinodaizovi Rather, AV has a 100% success rate detecting malware that hasn’t tried to bypass it. -
@dguido@thegrugq@dinodaizovi AV is signature based and has an enormous false positive rate if they try anything funny -
@dakami@thegrugq@dinodaizovi AV is in the same position as ExploitShield. If it’s worth it to bypass, you will with minimal effort. -
@dguido@dakami@thegrugq@dinodaizovi anyway I can get in on this conversation and introduce automatic execution detection from@itsosafe ? -
@JaredSperli@itsosafe TBH, I think we're done reviewing software like this for a while. I feel like I've met you guys before... - 1 more reply
New conversation -
-
-
@dguido@dinodaizovi@thegrugq The classical security engineer in me has made every single argument you have.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@dguido@dakami@dinodaizovi basically, the very definition of security through obscurity. ;)Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.