Actually, I meant to say that it's not that new, but I was originally typing it as "Also, Reign may be complex but isn't really a new concept." and then made changes to the sentence(because I realized that it was leading to an unnecessarily long explanation) and somehow confused myself. The resulting sentence was not as intended. However, now I feel the need to lightly defend my position, including my mistake.
Once upon a time, we used to code virii that employed dynamic reconfiguration, tiny built-in editors, modular architecture, and even basic AI. It was a common occurrence to create monitoring modules to determine normal operating behavior so that it could determine, automatically, the best way to remain hidden. Worms would utilize this information to determine the best way to spread. Remote reporting, control & update capabilities were commonplace. In one case we even created something specifically designed to take advantage of a hardware manufacturing flaw to deliberately fry a CPU & destroy a monitor. If it didn't create a fire, it would at least create smoke, causing fire alarms to go off & sprinklers to spray every workstation in a department. Various functions would often be added to help ensure that the computer was running optimally. If the computer started getting slow due to less than optimal settings, a virus could make small changes to bring things back up to speed. Some virii would employ methods to ensure that there was no other infection on the system.
This was all back in the early-to-mid 90s, well before multicore processors and hyperthreading. These days antivirus companies act like virus coders in the past were idiots though they were bending entire networks to their will, sometimes creating all new communication protocols to do so, long before much of the technology that one might take advantage of now ever existed. As detection techniques & technology have evolved, researchers are beginning to become aware of infections that echo of the art that remained hidden, underground, for so long. These are not new concepts and, though they may seem quite complex compared to the normal drivel that is commonly cranked out(like people @ HF might be pushing), they're no more complex than what has been around for decades; they merely use newer technology.
And my opinion on Norton comes from personal experience. However, as mentioned, I wouldn't trust them to discover anything on their own. Don't get me wrong; their analysts are certainly not idiots. But when Symantec says that they 'discovered' something alone, part of me always wonders if they knew about it before-hand because they'd paid someone to create it.
Regardless, all the information you've provided is quite interesting and it's a good topic. Have a cookie.
