The best way to avoid viruses is to lose Windows. I have loads of naive-user friends. They all used to get viruses ALL the time. I swapped them over to Ubuntu. Over several years, I've never had a virus problem to deal with for them.
Plus, it's not a full-day job to install either.
Since cross platform threats are now becoming more prevalent; how are you to truly know your Ubuntu platform isn't actually pwned? You have no way of really knowing, unless you're a file freak who is constantly looking at your file structure.
I agree that viruses are not really the threat here actually; but malware. Today's malware don't need administrative privileges, and can do harm without taking over the operating system. They can pwn the browser though, using java/adobe vulnerabilities and do damage to anyone who uses the machine for financial purposes. Quite frankly for my clients that do not use their PC's for shopping, banking, or E-Trading, I tell them not to worry too much about viruses/malware/etc. Because they have little to lose, and as long as they don't click on fake alerts and run as a limited rights user, they will be fine. Especially if they run CCleaner before every log off and/or shutdown.
You have to change friends. I've had *NO* friends with any virus infections for years. Why? Because they are smart enough to know what to do.
Most viruses [other than attachments] are from sites you should be going to or pirated software you've downloaded.
Ditch the friends and stop with this Linux crap is better.
But do your friends pay for security software they wouldn't need if they used Linux? Come on, Ubuntu is 10 times better than Windows, and its free.
I installed Ubuntu on an old Dell laptop last night in little over an hour. Works perfectly, it's fast, I've no need to worry about viruses, it's free (in all contexts), has a beautiful interface, and it isn't riddled with bloatware.
http://duplicatefilesdeleter.com/ - this one deletes duplicate files
http://longpathtool.com/ - and this one deletes files with "too long" filenames
Do you consider duplicates and long file names as diagnostic? Why?
Sorry if I sound a little like a jerk, but who uses Antivirus to be a proactive measure? If you do, then you are behind the times. I see antivirus to regular cold medicine. It is always behind the latest strand and you still deal with the effects of the cold. Of course they will not have the latest or greatest defense. There is how many new viruses created daily?
The other argument I can't stand is, "Hey switch to this operation system. It has no viruses." My response to that is, "Yea for now." If everyone in the world switched OS's like they do with phones, clothes, girlfriends, wives, jobs, etc; every system would have a virus. It doesn't solve the problem. You are just running away from it.
The odds are against us. There is probably a 2 to 1 ratio when it comes to hackers and anti-virus companies. If you want a strong true antivirus system, be proactive. There are a lot of steps you can take in order to make sure that your system is virus free. Please do not rely just on antivirus software. If you do, you failed.
Good article. AV is good for what it is worth as an automatic protection system that runs in the background. User training in safe use of computers, smart phones, and the internet is the next line of defense that should provide good value for the money put into it.
Instead of creating better anti-virus software... I wish we could have better methods of hunting down the worthless pieces of trash that write malware and viruses and... well, make them "disappear"...
There's a whole lotta gray in that realm, and giving too much power to any enforcement body ... well, think Aaron Swartz.
The US made any kind of intrusion a crime, and Germany went so far as to make hacker tools illegal. The result was that law-abiding hackers in those nations watched their skills atrophy while nations like Romania, China and Russia have effectively pwned all the nations that cracked down on their domestic hackers.
You also need to harden your desktop, keep the OS and other software up to date and stop using insecure plugins like Java and Adobe products.
More and more companies and users are having 'clean' computers that they keep offline entirely as backups
It would be nice to encrypt and polymorph our OS comparable to genetic evolution/mutation of "receptor sites"
ASLR and PIE only went part of the way. Individually "unique" OS's would be like a new Ubuntu/OS6 for each individual. That should reduce root kits, drive by's and overflows.
The devil would be in the details e.g MS would need a public key system.
out there that lock the drive environment. They have become so effective, they don't even require PCI or other hardware support. Steady state went away, but there are still good paid solutions in this arena. They basically turn the local machine into a dumb terminal, so using an NAS at minimum is probably wise. IT staffs everywhere are already using remote server storage for backup redundancy anyway. It is surprising the industry still buys refresh user equipment with any drive in it at all these days.
the attacks I see in my honeypot lab are almost 100% malware. The threatscape is changing, so questioning the system is legitimate, and I commend the author for bringing it up, because things are changing so rapidly, that constant day-to-day re-evaluation is a requirement.
The Windows x64 NT5 and NT6 kernel have almost achieved the hardness that was once exclusive to Unix based operating systems. However too many users still need java and adobe products to do their daily business, so let us get real here. I propose an SOP that goes something like this; but not necessarily in priority order:
1. Run only in restricted user environments, and DON'T disable the UAC.
2. Only select malware solutions that don't conflict with each other and overlap in coverage.
3. Select mitigation tools that work as near the kernel level as possible to avoid malware manipulation; and always password protect the GUI controls (of course)
4. Have a good automatic backup plan, and use more than one HDD drive whenever possible.
5. Keep the free AV - at least it does housecleaning.
6. I used to recommend two of the top software firewalls, but they've become so bloated now, that using the Vista/Win7 built in firewall with a template and/or manager is just about as good.
7. Switch to new generation UTM perimeter appliances with streaming services for SMBs or any larger organization, that have something to lose.
8. Keep in mind solutions that can actually run in the infected environment and still foil the malicious mission of any resident malware that may be on board. Encrypted password managers, and things like bit-locker are on this list.
9. Use Secunia PSI, File Hippo Update Checker, or any tool necessary to keep all applications, plugins/extensions, and drivers up to date. This can go a LONG way toward hardening the operating system environment.
10. A HIPS that correctly identifies the process in question, and relies more on updates to the heuristic engine, and less on white lists, [and definitely NOT signatures], is the logical direction.
AV might well be on the road to obsolescence; but the blended defense is not.
Anti-virus on its own is useless. Viruses aren't coming out as frequent as 10 years ago. Instead those virus writers are switching to malware or ransomware. Making money off someone's less fortunes is the name of the game now.
Getting ahold of a victim's computer, searching for passwords, account information etc. Then if not use the information, sell it off.
Or maybe hijack someone's computer. Pay $200 or the user never sees the information again.
Most AV software out there [well particularly the free ones] won't even detect malware out there and if they did, they don't know how to clean the computer.
Avast Pro [which had malware "protection"] couldn't even pick up that fake Windows XP Antivirus crap. Microsoft Security Essentials wouldn't find a bunch of trojans....
But finally the biggest problem is the end user. Either they'll click on anything that pops up or don't do anything when a legitimate popup comes around.
Since we are mentioning brand names, I like the pro version of MBAM, which BTW has recently hardened its code to avoid manipulation by the malware. Avast will report it as a root-kit on the XP platform (false positive). For my rather indigent clients, I like to pile on the anti-malware, and pick them by their various technologies - this way whatever kind of passive or active real time protection does not conflict.
With the right tools - a scan of the hard drive will not result in any secure data being detected by the crooks. My honey pot tests confirm this.
I got to admit though - even though I dropped Lavasoft's AdAware, I have noticed some malware manipulations on limited rights accounts, that can still be vexing and lead to eventual compromise on a novice's machine. My clients who do not bank or shop online still use it; but you have to kowtow to their AV, as it is a suite product now. It is still free; but it must be conflicting with some of my kernel based solutions, and I can't get any stability out of it (as if I trusted them anymore anyway).
I'm using GFI Vipre. I also keep a few 'backups' available, but not running (Malware Bytes & various Spyware things). But, no matter who you are, it's not a question of 'if', but 'when'.
I hear that Lavasoft is using Vipre's engine in their new suite product - which is still free - AdAware 10. However - since they were bought out by some shady concerns last January, I can't trust them on my machine - but I do encourage clients with little to lose, to continue using it. On those that did uninstall it - they quickly decided to return to using it - so that is proof in the pudding - as I see it.
I've been running my home pcs for 14 years without a single infection. So, "when" might I expect it to happen?
Avira, avast!, AVG Free, ClamWin AV. Avira was the cleanest and most user-friendly; avast! was the most comprehensive. These days I'm sticking with Windows Defender/MS Security Essentials, mostly to see how I like it and because it seems to be less of a resource hog than 3rd-party solutions - so far it's worked out fine for me, but should it fail me (or if MS screws it up at some point) I'm ready to return to Avira in a heartbeat.
BUT, I also use Sandboxie for all my web-browsing and email-erm, -mailing, so even if I get something I just close out all my sessions, wipe the sandbox and begin anew. So far, nothing has gotten out of the sandbox!
Anyway, I haven't paid for anti-malware since the '90s, or used a commercial package since my last free trial of Norton AV in '05. Commercial anti-malware is a waste of money. But one must install something; I have a friend who, in the past, always put off installing anti-malware, and I can recall at least 2 occasions when he spent the better part of a day recovering from a virus that pretty much any AV prog would have stopped (ditto one occasion for another friend).
I'd ditch MSE. It lost a security certification letting in too much stuff it should be blocking. Another free AV product detected trojans on a system [not mine] that MSE didn't detect in the hidden Recycler folder. Also didn't detect a harmless rootkit.
Don't trust Avast. It didn't pick up those fake AV malware a few years back at a place where I worked.
Using Avast with other good freeware anti-malware are doing a good job for my clients who are on a budget. Avast and MBAM Pro are a killer team - but then you need to run as a limited user too.
I have NEVER considered Avast to truly be an anti-malware despite any claims by ALWIL on their Pro version.
I just got done working on a client's machine that was using MSE, and it was so hosed that you could not use conventional means to recover the system!! Even the optical drives were being blocked - and I suspect the malware flashed the controller on the DVD drive and ruined it. I had to pull every trick I knew out of the tool box to fix this machine, and I had to learn a few new tricks too!!!
I use my antivirus as a precaution rather than the solution for viruses. I try to use common sense when I surf the net and don't completely rely on my antivirus (Unthreat Antivirus) and so far so good.
The 99% detection rates they boast sound great until you consider the countless thousands of old viruses that are catalogued and the sampling bias inherent in only testing viruses they know about. The new and custom viruses may represent a small fraction of that catalogue but that doesn't mean they aren't more widespread. And there really is no good way to measure performance on zero day viruses. If I had reason to suspect my PC was compromised I'd format and reinstall.
And don't think these viruses slipping through are super viruses engineered by the CIA or mob. I remember custom virus kits being sold so you could have an undetectable virus for less than $1000 which you can then use to infect hundreds of PCs and maybe thousands before your virus is found and catalogued.
Antivirus is a bandaid solution to bad security models.
can become a professional "cyber" criminal with the crime kits available at the crack forums now. Your advice is golden.
Think about the absurdity of the "9 out of 10" argument. Would you fly an airline which boasts that 9 out of 10 flights reach the destination?
I wouldn't fly an airline that gets there only 9 times out of 10, but I'd sure hire a baseball player that gets 'only' 4 hits for every 10 times at bat.
How about the AV vendors start living up to their press. They say they have "intelligent heuristics" and various other technology. Where is the "intelligent" stuff? Why haven't they delivered what they describe? Real human intelligence rather than somewhat less than an earthworm.
Perhaps the fundamentals of business are flawed and need to change.
False and misleading advertising. Anything a business says about their products should be factually accurate.
If folks would use Ubuntu Linux then this would Not be a problem and viruses, malware and infections are just words and no threat. I do research on this and have been using Ubuntu 4 years, saves me a ton of money eliminates stress about viruses. for proof go to : http://micromac.webs.com/
A dubious contention at best.
That's not even counting the huge issue of persuading appliance users that they should wipe the OS they have off their machine, source a distribution, and then install and configure it.
I know it's as easy as windows, but they don't install windows do they, which is fortunate, because they'd find it just as difficult...
Do better, the only people you are convincing is those who already disagree with you and will continue to do so, when you represent yourself with this sort of drivel.
It is definitely all about training and knowledge of malware, I don't have any anti-virus on any of my PCs, but how many users are smart enough to identify and stay clear of the bad stuff? Experience is the best defense. No anti-virus is perfect, some don't even come close, and most cannot clean a PC completely after infected. But we all know this already. Knowing this I would not pay one penny for anti-virus, there are plenty of free ones that work as good as you can expect. The best anti-malware software I have ever used is free...combofix.
If everyone used Linux, guess what, the problem would be just as big as it is now with windows users. If you were wanting to target an audience, would you set your goals on New York City, or Belton, Texas? Linux is great I use several different flavors, but as far as software goes, there are limits, so I use windows far more often, most people do and therefore the target audience. And since Linux is basically open source, well some enthusiastic scammer/hacker/script kiddie could develop his own open source vulnerability virus/trojan/malware of some sort, then what do you do? No anti-virus company is going to touch that, no profit in it,...one problem on Linux possibly affecting a handful of PCs. All this highly unlikely, but you catch my drift.
You might use linux and open source but you obviously don't get it.
Obscurity is NOT security. If the source being open was a real factor then there would be no windows viruses, because it isn't.
Yeah, that's really true. I like Kaspersky antivirus software.
This helps windows operating system. And safe your computer from outside virus attack. And protect your computer.
It's really amazing.