Thread: Definitions of technical terms...

  1. #1
    Bronze Member Island_Boy_77's Avatar
    Join Date
    Dec 2004
    Location
    New Zealand
    Posts
    123

    Question Definitions of technical terms...


    Hi All
    I've been trying to find suitable definitions of some of the technical terminology used by various AV manufacturers in their advisories. Contrary to popular geek-belief, much of the "geek speak" used in these advisories is gibberish to the average person. I'm supposed to be an "IT geek" myself; while I get the general idea of the technical info in these advisories, the detail escapes me. Would some uber-geek out there kindly "interpret" the latest advisory from TrendLabs for me:

    "is a zero-day exploit that takes advantage of a vulnerability in the createTextRange Method call process in Internet Explorer"
    - What is a "call process"? Or is it a "Method call process"? If yes, what does it mean (in basic terms)?

    "enables a user to create a text range within an object"
    - What is an "object" in this case? Also, what does this statement mean in plain English?

    "This exploit causes an error in the mentioned text range, which is applied to an affected system's memory and is used to execute arbitrary codes on the system"
    - In plain English, what does this actually mean? (I've got the general idea, but my clients won't be able to make sense of this.)

    Many thanks to the person who takes the time to answer this.

    Regards
    Peter

    P.S. I've tried doing some Googling for some answers, but gave up after wasting 30 mins with no useful result

  2. #2
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    zero-day exploit = a naughty thing (zero-day means it's an unpatched vulnerability)
    createTextRange method = a function - part of the program
    an object (as always) is a container
    arbitrary code execution = the exploit can jump out of the container and do whatever it likes - i.e. own your PC

    Without a programming background of some sort you are never going to understand that stuff
    I'm using Windows 7 - you got a problem with that?

  3. #3
    Bronze Member Island_Boy_77's Avatar
    Join Date
    Dec 2004
    Location
    New Zealand
    Posts
    123

    ...Thanks, I think

    Thanks for your reply. I'm not sure that you needed to add your last comment. My response to that would be "why do AV companies insist on spewing out programmers' geek-speak to average users?" If they didn't (after all, their target audience for these advisories is NOT programmers and uber-geeks), I wouldn't have to ask "obvious" questions in the first place. Anyway, thanks for the info - perhaps less condescending next time? bye

  4. #4
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    Condescension is in the eye of the beholder. I didn't put it there.

  5. #5
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,366
    Panda makes an easier-to-read advisory, but then you have to match the virus (different AV manufacturers name viruses differently).
    Each AV will follow different procedures to describe a virus. Symantec probably has the most detailed one. And I think Panda has the easier to read.
    For me, I just care about a general idea of what it does, and how it propagates, and I only read main advisories. There is too much out there in the jungle to cover everything, and understanding to the level that you are looking for is overkill for me. What I mean is, that information is there for the person that really wants it. The person that really wants it/needs it probably knows programming languages and as such it is targeted to them.
    What I am doing now is answering your question of why AV companies make such an advisory.
    Breaking down the advisory, you will probably find that it has a summary/general section that quickly tells you about the virus. This is targeted towards regular readers. When the description gets technical, it is targeted at technical people. Unfortunately technical doesn't really mean networking professional like us. After all a virus/malware is but a piece of software, so the technical section for it would be programming.
    The actual audience for the advisories (I read Symantec Security response, McAfee NAI and Panda) has 3 sections: general users (usually the beginning), networking and system professionals (middle, or the propagation section) and the programming (this is the last section usually, and the longest, most detailed one). This way they try to cover as much ground as possible in one advisory. Since viruses are created so quickly, they cannot spend resources into writing 3 types of advisories for each virus, otherwise their technical writing department would be bigger than the department that tests and creates the signatures, or increasing resources would also mean increasing the price of the products, and then it wouldn't be so accessible.
    JMHO
