Machine learning in security: Good and bad news about signatures