[XSL-LIST Mailing List Archive Home] [By Thread] [By Date]

Re: [xsl] Newbie - XML and XSLT samples to produce XHTML Files please

---

---

Well here is a base article, however, the xsl page actually relys on
several other external xml files to gather sitewide data and generate
cross references etc.

Sory, but I cant supply you with all those files, I think other people
here at VB might get a little upset if they knew their information
was being thrown about this mailing list.

If you have any questions though, feel free to ask.

<article
        filename        = "11_01.xml"
        date                    = "November 2004"
        type                    = "comments"
 
        title                   = "The dinosaurs live on"
        edition         = "200411">

    <author id = "002" />

<summary>"I was even quite pleased to have lasted in the AV industry long 
enough to be a 'dinosaur'" - Peter Morley, McAfee UK. </summary>
<paragraph>
        I was delighted to read Nick Scales's comment '<link location = 
"/magazine/articles/comments/2004/10_01.xml">Definition-based AV software 
is dead</link>' last month (see <link location = 
"/magazine/issues/2004/10.xml">VB, October 2004</link>, p.2). I was even 
quite pleased to have lasted in the AV industry long enough to be a 
'dinosaur'. Unlike Scales, however, I believe the AV dinosaurs who 
surround me will not be extinct before the decade is out, and that they 
may last some further ten years or more.
</paragraph>

<paragraph>
        Prevention is better than cure, and <link location = 
"http://www.microsoft.com/windowsxp/sp2/default.mspx">XP Service Pack 
2</link> has made great strides. However, I have implemented XP Service 
Pack 2, and if I run without anti-virus software, it keeps popping up and 
reminding me. Obviously the authors are well aware that they haven't 
killed it yet, and that they have more work to do.
</paragraph>

<paragraph>
        So, where do we go from here, to improve still further? Prevention 
comes from four sources.
</paragraph>

<paragraph>
        First, the Operating System provider. Bill Gates stressed two 
years ago that security is a prime consideration for <link location = 
"http://www.microsoft.com/">Microsoft</link>. He associated security with 
Longhorn, his project for the next OS, and promised to concentrate on it. 
Since then, the initial Longhorn implementation has been watered down, and 
the diluted version is scheduled for 2005. Microsoft has since taken over 
<link location = "http://www.gecadnet.ro/securitate/">GeCAD</link>, an 
excellent AV vendor. I conclude that Gates believes there is still a place 
for the conventional AV strategy (detect after the attack) for some time 
to come.
</paragraph>

<paragraph>
        The first version of Longhorn will have to be highly backward 
compatible or it will not take off. It will also, at some stage, support 
the new hardware security requirements about which some vendors (including 
<link location = "http://www.ibm.com/">IBM</link>) are arguing. All this 
adds up to more of a delay in getting Longhorn bedded down.
</paragraph>

<paragraph>
        The second source of prevention is the hardware providers. In his 
comment, Scales mentioned that, by 2007, anti-virus will be built into the 
chipsets of the latest computers and devices. He is right, and several 
vendors (including <link location = 
"http://www.mcafee.com/">McAfee</link>) have started providing the means 
to do it. However, I think it will be several years before it becomes 
really effective.
</paragraph>

<paragraph>
        User policy enforcement techniques represent the third source of 
prevention. The implementation of these is not easy. Over the next five 
years, volumes and Internet usage are set to explode further. There is 
also the integration of both the communication and entertainment 
industries into the computer industry. (You doubt it? May I remind you of 
Sony-MGM.)
</paragraph>

<paragraph>
        Last but not least, the surviving AV companies will remain 
responsible for excluding the known 'nasties' where possible. They may be 
replaced by a new, shining 'MSAV', but I doubt it. Some unknown nasties 
will still get through, and someone will need to respond as quickly as 
possible. Who, other than the surviving anti-virus vendors, will prevent 
them from continuing to get through?
</paragraph>

<paragraph>
        Of the forthcoming Trojans, I am sure there will be some which get 
in, wait up to three months, do something horrible, and then delete 
themselves. This raises the classic subject of backup. Most large-scale 
users will have to improve their ability to retreat to a working system, 
and repeat the essential transactions since.
</paragraph>

<paragraph>
        What will happen to reviewers during the next ten years? I suspect 
they will fade slightly, as the number of field nasties declines, but I 
don't believe they will fade out completely until about 2015. Bear in mind 
that Chinese and other Far East users are several years behind the game, 
but growing very quickly, and that their reviewers expect that anything 
which was ever detected remains detectable. 
</paragraph>

<paragraph>
        Finally, some big AV customers have their own virus collections, 
and expect that anything which has ever infected or attacked them will 
continue to be detected.
</paragraph>

<paragraph>
        Scales's predictions are right, but the extinction of the AV 
dinosaurs will happen later. Perhaps much later.
</paragraph>

<paragraph>
        [See this month's <link location = 
"/magazine/articles/letters/2004/index.xml#October">Letters page</link> 
(p.10) for some different reactions to last month's comment, '<link 
location = "/magazine/articles/comments/2004/10_01.xml">Definition-based 
AV software is dead</link>' - Ed.]
</paragraph>

</article>

-- 
Tom David Kirkpatrick
Virus Bulletin Web Developer, Virus Bulletin

Tel: +44 1235 555139
Web: www.virusbtn.com

---