Talk:Zero-day vulnerability/Archive 1
This is an archive of past discussions about Zero-day vulnerability. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.
Page title
Shouldn't it be called Zero-day malware? In my opinion virus is too specific. — Preceding unsigned comment added by Alejo123 (talk • contribs) 01:29, 4 April 2011 (UTC)
- I thought that it was "zero day." A part of the computer. — Preceding unsigned comment added by 24.187.145.47 (talk) 12:12, 12 July 2011 (UTC)
- "0day" originally referred to exploits targeting vulnerabilities that are unknown to a vendor. When the exploit is used, the author originates the start of this unique attack activity, at "Day Zero" (everything starts at "0", not "1", in the world of computing). So, a true "0day worm" like Slammer spread via an 0day attacking CVE-2002-0649 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0649), which was unknown to Microsoft at the time. In more recent terms, Stuxnet was an 0day worm. It is very unusual to find true 0day malware - worms, client side remotes, whatever. The current "zero day virus" description on wikipedia follows the lame marketing department lingo at startups looking to take market share from AV vendors, who don't understand the original term, but want a catchy/flashy term to describe new variants of malware, which are commonplace. This lingo is also commonly used as an attempt to suggest that AV scanners detect fewer malware than they really do. Wikiksec (talk) 00:41, 16 February 2012 (UTC)
- On the one hand, I agree that Zero-day malware is a better name for this article than Zero-day virus. On the other hand, I agree with Wikiksec's comments - the article may well not be encyclopedic. Time for a Wikipedia:AFD? --Elvey (talk) 03:15, 28 April 2012 (UTC)
virus as a section of zero-day
Hey guys, can you guys add your views about merging the three WP zero-day articles attack, virus (and/or also malware) and warez into one at: Talk:Zero_day. Thank you :)
- Done,
footnote 11 leads to "page not found" for InfoWorld article on SONAR by Symantec — Preceding unsigned comment added by 12.157.110.195 (talk) 18:11, 7 June 2016 (UTC)
Warez
Warez doesn't really belong here IMO Deku-shrub (talk) 19:42, 17 May 2015 (UTC)
I agree and will wait a week or so for differing opinions DGerman (talk) 01:14, 10 July 2015 (UTC)
The usage of the term zero-day began with the warez scene, so why would the mention of warez not belong here?
Agree, zero day started in the 'cracking' scene (warez). If mentioned it should be in a history of the meaning section. --Jericho347 (talk) 01:40, 20 August 2022 (UTC)
"Undisclosed" ?
The lead sentence currently says that a zero-day vulnerability is one that is "undisclosed". Later in the article it's pretty clear that the vulnerability may be disclosed and still be considered a zero-day -- it just isn't fixed yet.
I suggest this should either be removed or modified to say "possibly undisclosed" or "disclosed or undisclosed", but I thought I'd discuss before going bold on it.--NapoliRoma (talk) 17:56, 9 November 2015 (UTC)
- This page is a bit of a Frankenstein currently. Which section has the second reference you're referring to? I can't find it. Deku-shrub (talk) 20:03, 9 November 2015 (UTC)
- More than anything I was referring to later in the lead paragraph, where it mentions that zero-day vulnerabilities may be exploited on the day that notice is released (which would mean that at that point, they are disclosed).
- But on reflection, I think the "undisclosed vulnerability" description is accurate. I would now be more inclined to leave it as-is.--NapoliRoma (talk) 03:27, 10 November 2015 (UTC)
Zero day is just a "street slang" term; the article should be short and link readers to where they should really go.
The term "zero-day" is used because it sounds "cool", and it doesn't have much other meaning. Just like stoners think you sound like a guidance counselor if you say marijuana, leet haxorz think you sound like a PHB if you don't say zero-day, but otherwise it's just a newly discovered bug (or previously discovered and kept under wraps) that is exploitable. What's the difference between a virus and a zero day virus? Nothing except "is there a patch available for it?" So, this article should restrict itself to that, and keep the rest of the discussion about viruses vs worms etc. in the "real" articles. We don't have separate articles for "dime bag", "roofie", etc. where all the other info about the drugs is recapitulated, and nor should we recapitulate exploit info that belongs elsewhere in the zero-day article. The distinctions that are interesting are, zero day vuln vs zero day exploit, and whether bugs are fixed in new releases, or if vulns or sploits have been predicted (based on the beta, specs or previous versions) and do exist on day zero of a new launch. 74.73.179.172 (talk) 18:27, 19 January 2016 (UTC)
- My understanding of the term zero day has always been that it is an exploit that is being exploited by hackers "in the wild" for which there is not yet any published fix or mitigation. Hence you have zero days to get the patch out or whatever. If there has been no zero day attack then it's not a zero day vulnerability! BrianDGregory (talk) 22:57, 4 August 2020 (UTC)
Double Zero-Day?
When searching for Zero-Day exploit info the term Double Zero-Day comes up frequently and would be nice to be defined here as it seems related somehow. I could not find a definition and it may well just be something that the script kiddies use trying to look cool. But it would still be nice to have it laid out here. User:L00KnS33
I have not seen this term used anywhere. If you or anyone can come up with some citations it would be easier to evaluate it. I suspect you are right, just a random term to sound cool. --Jericho347 (talk) 01:40, 20 August 2022 (UTC)
- The only real references I can find related to "double zero-day" all seem to be stories about two zero-day vulnerabilities cropping up at once. So I suspect that's all it is, a way of talking about (double) (zero-day {vulnerabilities|exploits|announcements}), not (double zero-day) ({vulnerabilities|exploits|announcements}). FeRDNYC (talk) 01:51, 4 April 2024 (UTC)
Name origins
This section is incoherent and unreferenced. It talks about 2 origins and then doesn't say what they are. Also unreferenced sections are usually removed. 69.86.6.150 (talk) 21:06, 6 May 2016 (UTC)
External links modified
Hello fellow Wikipedians,
I have just modified one external link on Zero-day (computing). Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive https://web.archive.org/web/20091027041339/http://geocities.com/skrzydla/ to http://en.wikipedia.org/wiki/Wikipedia:Footnotes
When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).
An editor has determined that the edit contains an error somewhere. Please follow the instructions below and mark the |checked= to true
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—InternetArchiveBot (Report bug) 17:37, 16 July 2016 (UTC)
- This is some glitch in the bot, I guess. Debresser (talk) 18:48, 16 July 2016 (UTC)
External links modified
Hello fellow Wikipedians,
I have just modified 4 external links on Zero-day (computing). Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive http://web.archive.org/web/20081222035950/http://www.computerworld.com:80/action/article.do?command=viewArticleBasic&articleId=9005117 to http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005117
- Added {{dead link}} tag to http://www.avinti.com/download/case_studies/whitepaper_email_residual_risk.pdf
- Added archive http://web.archive.org/web/20090402192651/http://www.infoworld.com:80/article/07/01/17/HNsymantecsonar_1.html to http://www.infoworld.com/article/07/01/17/HNsymantecsonar_1.html
- Added archive http://web.archive.org/web/20120803213309/http://securitywatch.eweek.com/virus_and_spyware/antivirus_is_dead_dead_dead.html to http://securitywatch.eweek.com/virus_and_spyware/antivirus_is_dead_dead_dead.html
- Added archive http://web.archive.org/web/20090324082620/http://www.infoworld.com:80/article/07/02/15/HNzerodayinword_1.html to http://www.infoworld.com/article/07/02/15/HNzerodayinword_1.html
When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—InternetArchiveBot (Report bug) 11:17, 21 July 2016 (UTC)
Removed advertising-like sentence
Hey,
By reading this article a sentence related to Symantec antivirus seemed more like advertising than objective knowledge to me. I deleted it, feel free to restore it if you feel like it was not but in this case justify yourself here please.
(talk)
0~Day
Zero-Day 41.47.143.81 (talk) 01:44, 10 August 2022 (UTC)
Requested move 26 August 2022
- The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion.
The result of the move request was: no consensus. (closed by non-admin page mover) Extraordinary Writ (talk) 17:20, 10 September 2022 (UTC)
Zero-day (computing) → Zero-day – This article is the primary topic, between all the options on the Zero day disambiguation page. That page should be moved to Zero day (disambiguation) and Zero day should become a redirect to Zero-day. PhotographyEdits (talk) 12:27, 26 August 2022 (UTC) — Relisting. – robertsky (talk) 16:24, 2 September 2022 (UTC)
- My first thought would be that zero-day exploit is the better title. The article deals more with exploiting of the vulnerabilities, than the concept of the vulnerability itself. -- Netoholic @ 13:15, 26 August 2022 (UTC)
- Oppose. No primary topic here. -- Necrothesp (talk) 12:33, 31 August 2022 (UTC)
- Neutral/Support. This Zero day page is the most popular page on the Zero day disambiguation page (by pageviews in the last 30 days). It has a Wiktionary definition as well with alternative spellings like "zero day", so a redirect would be appropriate and I do support moving Zero day to Zero day (disambiguation). I do not support removing (computing) from the title because I believe Google's infobox uses that information for clearer presentation and classification.
- Gett Numbers (talk) 03:28, 1 September 2022 (UTC)
- The (computing) suffix does not matter for Google. Even without that suffix, Google can infer that the article is about computing using other means. PhotographyEdits (talk) 12:19, 6 September 2022 (UTC)
- Note: WikiProject Computing has been notified of this discussion. – robertsky (talk) 16:24, 2 September 2022 (UTC)
- Note: WikiProject Computer Security has been notified of this discussion. – robertsky (talk) 16:24, 2 September 2022 (UTC)
- Oppose - No clear primary topic here. Zero-day (computing) pageviews are not greater than the others combined. ~Kvng (talk) 15:07, 5 September 2022 (UTC)