The scanning engine of an AV system is like the render process of a browser. The... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on Aug 2, 2017 \| parent \| context \| favorite \| on: Microsoft didn’t sandbox Windows Defender, so I di... The scanning engine of an AV system is like the render process of a browser. The browser itself has tentacles all over the system, but most of the danger is in parsing and executing untrusted code, and that subsystem doesn't have a lot of tentacles.

tyoma on Aug 2, 2017 [–]

The browser and renderer is a perfect analogy. Only the scanning code that contains the format parsers, emulators, etc, needs to be sandboxed.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact