Hi guys,
Glad to see some excitement about CyberCapture here -- it indeed is quite an exciting piece of technology (really taking benefit of a bunch of things that we have been building for years) and we can't wait to see it in action -- that is, can't wait till the Nitro Update really starts rolling out to millions of users and our backend systems start getting some serious load with this.
Anyway... I totally hear your concern, and would like to say one thing from the very beginning: there's absolutely
no design limitation that would imply that CyberCapture can only work with http/https downloads. And in fact, we totally plan to extend its scope in the upcoming weeks and months. The beautiful thing about it is that the decision process takes place (again) in the cloud, so these things can actually be changed at any time.
The reason why we have limited it to http/https downloads for now is that this is the category of files that carries most infections, and at the same time, contains some additional metadata (e.g. the source URL) that allow us to minimize false positives and generally make faster and more accurate decisions. And it also allows us to slightly lower the number of files coming to the system, which is important to make sure our backend stuff can gradually handle the load (we're quite confident we have built them robustly, but it's always a good practice to roll such things out in stages).
Remember, CyberCapture has been in production for about 1 day now. Here's a proposal. Let's give it a bit of time, and make sure that it handles the http/https vector
really well (which would already be quite an accomplishment, given that statistically, 85%+ of all malware comes through that channel). And in parallel, let us work on the other vectors.
Deal?
