
The person(s) behind the mirror - CarolineW
https://www.josephkirwin.com/2015/09/16/person_behind_the_mirror/
======
chinathrow
"When we published some simple byte matching detection, it appeared that an
“automated system” on that attacker's side would modify the previous version
by doing some simple code manipulation that didn't change the functionality of
the malware, but broke our detection signature."

The major flaw of some AV in one sentence.

~~~
mistaken
That's an inherent problem in all AVs. Signatures based systems can be
bypassed easily. If you're not using signatures, then the AV is
running/analyzing the code which leads to the halting problem.

