Arequire

Level 23
Verified
Content Creator
The user Cruelsister here in this forum says Panda is not very good against zero day and ransomware...but his video wasn't fair, because the free version doesn't have the data shield.
Her video.
The data shield is irrelevant. The test was against the free version of their software (Panda's most popular product I might add) which includes behavioural analysis/blocking and it failed to block the ransomware before encryption took place. Don't think this is exclusive to Panda though; if you go through her video list you'll see pretty much every security solution she's tested has allowed malware to slip by and encrypt files or set itself up for persistence. That's just the way the cookie crumbles: Zero-day defences are far from perfect and malware authors continue to use more sophisticated methods to avoid detection by said zero-day defences.
 

509322

That's just the way the cookie crumbles: Zero-day defences are far from perfect and malware authors continue to use more sophisticated methods to avoid detection by said zero-day defences.
That is only true of default-allow security solutions that most people are so fond of. Malc0ders know full-well the weaknesses of default-allow and leverage those weaknesses to their own benefit.

Default-allow = a good game of dice. That is the history and will remain so. However, a lot of people live in denial thinking the next release of this or that will be SkyNet - and that it will have a 100 % detection rate 100 % of the time, tell them the process they thought was safe is behaving maliciously, and completely resolve\mitigate\protect against any and all security risks and issues on their system.
 
Last edited by a moderator:

Arequire

That is only true of default-allow security solutions that most people are so fond of. Malc0ders know full-well the weaknesses of default-allow and leverage those weaknesses to their own benefit.

Default-allow = a good game of dice. That is the history and will remain so. However, a lot of people live in denial thinking the next release of this or that will be SkyNet - and that it will have a 100 % detection rate 100 % of the time, tell them the process they thought was safe is behaving maliciously, and completely resolve any and all security issues on their system.
Yeah. Shame default-deny or whitelisting isn't adopted more often but I guess general consumers would find it way too difficult to deal with or would end up letting malware through regardless. Pretty sure most still see their antivirus as a silver bullet too; I had a friend who got hit by Crysis last year and he was so confused and angry as to why his antivirus didn't protect him. Safe to say he won't be using AVG again.
 

509322

Yeah. Shame default-deny or whitelisting isn't adopted more often but I guess general consumers would find it way too difficult to deal with or would end up letting malware through regardless. Pretty sure most still see their antivirus as a silver bullet too; I had a friend who got hit by Crysis last year and he was so confused and angry as to why his antivirus didn't protect him. Safe to say he won't be using AVG again.
General consumers are users "that want to use stuff."

Despite this fact, when the multi-billion dollar slammers begin to happen - and, surely, they are on their way - it is just a simple matter of time, the future will be very bright indeed for completely locked systems = you will use what comes pre-installed and that is it.
 