then how does anti-virus software work?GOOD QUESTION! Ideally, anti-virus software would look at a given program, analyze what it will do, and then decide whether it's malicious. However, as we know from my last post, this is impossible.
Instead, anti-virus software takes the easy way out: it maintains a huge lookup table that contains every piece of code known to be malicious. When you scan a file for viruses, you're just checking to see if there's any code in the file that matches code in your table of known malicious code.
This table is called your "virus definitions", and it's because of Turing that you periodically have to download virus definition updates from Symantec or whatever.
1 comments:
Thanks for the response. But how disappointing it is to find out how feeble anti-virus software is. So basically, any new virus (ie, new code) is invincible until added to the definitions table. Gurp.
Post a Comment