this post was submitted on 12 Mar 2024
98 points (91.5% liked)
Technology
59587 readers
2478 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
False positives everywhere
Just to play devil's advocate here: if that system can scan better than current systems, it's already a win. If that system can scan more efficiently than current systems, even with false positives, that could be a win, if used as a screening layer.
There could be use cases for this, or it's just buzzwords and marketing.
This doesn't sound any different than what most host based AV already do. The novel idea is implementing it in on the storage array directly in a way that doesn't hose performance. That means instead of needing 100% coverage of all clients to detect/ prevent ransomware encrypting your network storage, the storage array can detect it and presumably reject the compromised client.
No change then. Every time I've uploaded new encrypted (most) data to one drive, it's emailed me about potential ransomware.