Blackworm Dud Highlights Virus Naming Mess 108
An anonymous reader writes "Washingtonpost.com is running a story that looks at the total mess that the anti-virus companies made in naming the latest overhyped virus threat. According to the article, 'Blackworm' or the 'Kama Sutra worm' was the first major test of a new U.S.-government funded initiative to introduce some sanity into the virus-naming business. From the article: 'For most of [the antivirus vendors], this is like Esperanto: You can speak it if you want to, but everyone else is going to carry on babbling in their own native tongue, so it doesn't really matter.'"
Why not assign every virus an ID number? (Score:4, Insightful)
The naming confusion... (Score:4, Insightful)
Re:Why not assign every virus an ID number? (Score:5, Insightful)
So, did you hear about virus #2451-23123.2134-A? I hear it's going to be a doozy!
No headlines. (Score:2, Insightful)
What do you think sells more papers:
The "Cyber Herpes" virus is coming!
or, "5437B" is coming!
Virus Naming Conventions (Score:5, Insightful)
IVSC (Score:2, Insightful)
My point is, who cares what it's named! A mass mailing worm is just that. Shouldn't matter if you call it "Blackworm" or "You got f'ed in the a". If it walks like a duck and talks like a duck...
Numbered Viruses (Score:3, Insightful)
Three genus(es?) = os
Microsoft
Linux
MAC
species = app
ie
etc...
phylum = number (increment)
now here is the kicker: Microsoft will have a canary.
as the numbers will hit the MAXINT for a 32bit OS
newscaster: "MSIE999999999999999 was found in the wild today"
producer: "mumble mumble"
newscaster: "sorry that was MSIE 10 to the power of 999999999999"
Re:I agree (Score:5, Insightful)
com.symantec.virusdb.mydoom
com.symantic.virusdb.mydoom.variant1
com.symantic.virusdb.mydoom.variant2
This allows the vendors to respond quickly. Then each vendor can also maintain a "thesaurus" of equivalents with other naming authorities,e.g.:
com.symantic.virusdb.mydoom==org.cert.virus.2004.
com.symantic.virusdb.mydoom.variant1==org.cert.vi
Then Symantec reports that you have com.symantic.virusdb.mydoom.variant2, you can check their thesaurus; if you don't find the exact variant, you could still figure out its a form of org.cert.virus.2004.1 that hasn't been named by that authority.
Slightly OT (Score:5, Insightful)
http://en.wikipedia.org/wiki/Sisyphus [wikipedia.org]
http://en.wikipedia.org/wiki/Tower_of_Babel [wikipedia.org]
To stay ontopic, here's the list of companies and the name they picked for this virus So who was calling it "Kama Sutra" ?
Re:Hej! (Score:1, Insightful)
Hurricane names? (Score:2, Insightful)
Sure, they may run out of names, but they can reuse names as they do for hurricane names, with the exception of widespread popular hurricanes/worms/virii, which can be retired [noaa.gov], just like some hurricane names.