How Antivirus Companies Are Hacking the Truth -- and Making Us All More Vulnerable

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
Everyone defending Default-Deny, has anyone of you ever used Comodo, avast!'s Hardened Mode (Aggressive) or Microsoft SmartScreen in Block mode?
Sure, in practice, Default Deny works. Sure, on the outside it gives the impression it's clever, but there is really nothing sentient or intelligent about it. We call in-game bots "Ai", but again, they just follow sets of rules and on the outside they appear intelligent. That's the state of "Ai" everything these days. To even remotely have something close to Ai you need a quantum computer which works closer to how brains of intelligent organisms operate and you'd need it on a local level and not in the cloud.

I dunno about that. I just saw a video re US Navy drone with AI that takes off from aircraft carrier, flies a mission, returns to the aircraft carrier and lands, all using AI, NOT remotely controlled by a human. AI is happening and getting better. Beware the Terminator. :eek:
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Everyone defending Default-Deny, has anyone of you ever used Comodo, avast!'s Hardened Mode (Aggressive) or Microsoft SmartScreen in Block mode?

Sure, in practice, Default Deny works. Unless you happen to be a beta tester, someone who always updates things to latest versions on day zero or happens to be a developer. Then they are all absolute nightmare to work with. They keep on limiting and buggering you so much you most likely disable them quite soon. Some of these systems are pretty good for casual users (particularly avast! Hardened Mode in Aggressive setting), but as soon as you step outside of casual expectations, it becomes a huge inconvenience.

Also, everyone thinking "Ai" is the magic bullet for everything, I'm gonna give you a wake up call. The "Ai" everyone keeps plastering around like mad these days is nothing "intelligent". It's literally just tons of IF/THEN statements packed in subcategories. When you trigger initial category you tell the "Ai" what set of rules to use. And then it basically linearly goes through command tree till it gives you a somewhat expected result. "Ai" would be when something would look at a file and could actually understand what it is and why it is bad. Like for example user looking at a randomly named EXE or EXE file named similarly to Explorer.exe but isn't one and you understand that it being in wrong location fires up all the alarms. That's what makes us intelligent. The "Ai's" don't do any of it, I don't think they can even make rules to diferentiate gibberish named EXE files from meaningfully named ones (like dsafuxgdsgkfx.exe and totalscan.exe). They just tap into massive online databases and go through bunch of IF and OR statements. Sure, on the outside it gives the impression it's clever, but there is really nothing sentient or intelligent about it. We call in-game bots "Ai", but again, they just follow sets of rules and on the outside they appear intelligent. That's the state of "Ai" everything these days. To even remotely have something close to Ai you need a quantum computer which works closer to how brains of intelligent organisms operate and you'd need it on a local level and not in the cloud.
So what's the best security for someone who is annoyed by default/deny, and doesn't want to trust Ai, which lacks common sense?
 
  • Like
Reactions: oldschool
L

Local Host

I dunno about that. I just saw a video re US Navy drone with AI that takes off from aircraft carrier, flies a mission, returns to the aircraft carrier and lands, all using AI, NOT remotely controlled by a human. AI is happening and getting better. Beware the Terminator. :eek:
There's a fine line between AI and VI, and we're nowhere near an AI.
Everyone is using VI, and advertising as AI (it sure fools the less tech savvy users, which is exactly what they want).
So what's the best security for someone who is annoyed by default/deny, and doesn't want to trust Ai, which lacks common sense?
He should use something like Kaspersky and stop being paranoid, is more than enough to stop the threats Home Users face.
 
D

Deleted Member 3a5v73x

Some gibberish is written here about AI, but I won't go there, public is made to believe it works that way or doesn't exist at all. Secret agencies already are using models and preparing world for next tech leap, masses are already becoming more dumb and controlable staring at phones all day, AI will be unavoidable thing in future. Best thing you can do for now is to change your mindset, for PC protection use some default-deny or SRP software. It's not paranoid at all, if you fail to understand it or willing to learn, that's a different problem.
 
Last edited by a moderator:

RejZoR

Level 15
Verified
Top Poster
Well-known
Nov 26, 2016
699
I dunno about that. I just saw a video re US Navy drone with AI that takes off from aircraft carrier, flies a mission, returns to the aircraft carrier and lands, all using AI, NOT remotely controlled by a human. AI is happening and getting better. Beware the Terminator. :eek:

Just because something does something on its own, that doesn't make it "Ai". If you pre-program a drone to fly a certain path to x-y coordinates where it strikes with a bomb and returns it's not exactly what I'd call an "Ai". We've had that for ages. What constitutes as "Ai" would be directing a drone in certain direction and ordering it to target everything that looks like terrorist operations and the drone would spot and differentiate between what looks like a civilians, friendlies and targets with high enough confidence it could be compared to a human doing the same with similar level of confidence and accuracy identifying targets (knowing even humans sometimes fire at civilians or friendlies because of an error).

Sure there can be some machine learning so that drone identifies colors and shapes that are meant to be targets, but that's basically again just a very advanced IF based on pre-programed rules. I won't deny it, our mind works similar, we take pat encounters, experiences and visuals as pre-programing and we make decisions based on that, but you also branch out with new IF's on per case basis all on your own. I'm not aware of any Ai systems in existence capable of doing that. Certainly not one that could be doing calculations locally. Everything currently revolves around sending data to compute culsters where stuff is processed and returned. Local compute power just isn't fast enough quite frankly.
 
D

Deleted member 178

Sure, in practice, Default Deny works. Unless you happen to be a beta tester, someone who always updates things to latest versions on day zero or happens to be a developer. Then they are all absolute nightmare to work with. They keep on limiting and buggering you so much you most likely disable them quite soon. Some of these systems are pretty good for casual users (particularly avast! Hardened Mode in Aggressive setting), but as soon as you step outside of casual expectations, it becomes a huge inconvenience.
if you are a professional tester/QA, you would have a dedicated testing machine, which is obviously barebone OS at default settings, unless you test something specific.
Don't compare public testers with professionals.

However, unlike my testing system, my personal system is static, it is compartmentalized and locked down so tight, you can't install or execute anything not in the policy i created via some apps (Appguard Enterprise, NVT ERP/OSA, etc...)

I used to use Secure Folders, excellent tool, but I ditched it because I have apps that have same functions/mechanisms but made in a better way.

So the inconveniences you mentioned in the quote doesn't apply to me.

About Ai, those are just marketing gimmicks, There is no such thing (yet), those just function from elaborated algorithms trying to flag specific markers/criteria.
 
Last edited by a moderator:

ChemicalB

Level 8
Verified
Sep 14, 2018
360
I think the point is that the artificial intelligence is not a magic wand for sure. AI systems will not allow you to understand how the machine comes to its conclusions ( due to self-learning algorithms) but we consider that today no matter how you are good in writing security code, because the malware always will be one step ahead.
If and when AI will replace our minds as well as machines have replaced our muscles for decades now, then maybe something will change.
 

RejZoR

Level 15
Verified
Top Poster
Well-known
Nov 26, 2016
699
if you are a professional tester/QA, you would have a dedicated testing machine, which is obviously barebone OS at default settings, unless you test something specific.
Don't compare public testers with professionals.

However, unlike my testing system, my personal system is static, it is compartmentalized and locked down so tight, you can't install or execute anything not in the policy i created via some apps (Appguard Enterprise, NVT ERP/OSA, etc...)

I used to use Secure Folders, excellent tool, but I ditched it because I have apps that have same functions/mechanisms but made in a better way.

So the inconveniences you mentioned in the quote doesn't apply to me.

About Ai, those are just marketing gimmicks, There is no such thing (yet), those just function from elaborated algorithms trying to flag specific markers/criteria.

Because someone apparently can't be a professional doing work on a personal system...
 
D

Deleted member 178

Because someone apparently can't be a professional doing work on a personal system...
If you are a professional tester, you won't like to test security (or others) software on your personal system...unless you like to corrupt your personal datas or crash it and make the system unbootable? right?

In case you do malware testing on you personal system where all your personal/financial files are, please make a video, so i can have a good laugh when they get encrypted LOL

itwt
 
Last edited by a moderator:

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
However, unlike my testing system, my personal system is static, it is compartmentalized and locked down so tight, you can't install or execute anything not in the policy i created via some apps (Appguard Enterprise, NVT ERP/OSA, etc...)

I used to use Secure Folders, excellent tool, but I ditched it because I have apps that have same functions/mechanisms but made in a better way.

So the inconveniences you mentioned in the quote doesn't apply to me.

Asking just for clarification no offense intended even remotely. First of all you need to create various rules of your liking in order to locked down your system so tight. Secondly if you need to install new apps you are required to add exclusion to the apps. Before adding exclusion you need to verify the app you wanted to install is malicious or not (How do you ascertain a file is 100% safe ?).

The whole process is cumbersome for all most all PC users because of practical reasons. Those who have noting important to do with their PC and have ample time to waste can try various time killing activies like implementing multi layered lock down configurations. If any other person other than you try to use your PC especially elderly people they will be devastated by its restrictions you imposed by way of lock down configuration. I won't say a lock down configuration is bad but one cannot argue that it is better than default allow or Anti Virus configured PCs. Both have its pros and cons. All people in MT is aware of both configurations.
 
Last edited:
D

Deleted member 178

Asking just for clarification no offense intended even remotely.
1- First of all you need to create various rules of your liking in order to locked down your system so tight.
2- Secondly if you need to install new apps you are required add exclusion to the apps.
3- Before adding exclusion you need to verify the app you wanted to install is malicious or not (How do you ascertain a file is 100% safe ?).
hahaha i was expected this question :)

1- yes
2- yes or disable it temporarily and install the app once point 3 is confirmed.
3- many options like checking the hash, Virus Total, etc...also most malicious files will use another process/interpreter or run from known areas so if those are also blocked the malicious file is obviously harmless.
There was a video made by @cruelsister installing Appguard (default setting) on an infected system, then the malware was blocked.
1-whole process is cumbersome for all most all PC users because of practical reasons. Those who have noting important to do with their PC and have ample time to waste can try various time killing activies like implementing multi layered lock down configurations.
2- If any other person other than you try to use your PC especially elderly people they will be devastated by its restrictions you imposed by way of lock down configuration.
3- I won't say a lock down configuration is bad but one cannot argue that it is better than default allow or Anti Virus configured PCs.
4- Both have its pros and cons. All people in MT is aware of both configurations.
1- Indeed, i don't force lockdown setups upon noobs, i just say that there is no better way to protect a system.
2- if they use my pc, they can still watch videos, browse, works on office; the only thing they can't do is install software or run stuff they are not supposed to.
3- in term of security it is definitely better, there is no place for unknown/unwanted stuff, now about convenience obviously it is more restrictive.
4- most lockdown setup's users come from corporate environment, there you just can't let stuff running around as a home user system would. Most have already the skills to handle such setups but home users if trained and interested can handle it too.
 
Last edited by a moderator:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You can check installer files with Windows Smartscreen, it's pretty good. Windows will do that by default for .exe installer files downloaded from the Internet. But if they came in a zip file, then you need the forced Smartscreen feature of Hard_Configurator, which adds an option for that to your right-click context menu.

VirusTotal can be misleading, if the file is relatively new. You need to check the details and see when the file was first uploaded. If it is new, and there are no detections, maybe it is a zeroday!! It can take up to a week until you start to get an accurate reading from VirusTotal, so don't rely just on that.
 

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
hahaha i was expected this question :)

1- yes
2- yes or disable it temporarily and install the app once point 3 is confirmed.
3- many options like checking the hash, Virus Total, etc...also most malicious files will use another process/interpreter or run from known areas so if those are also blocked the malicious file is obviously harmless.
There was a video made by @cruelsister installing Appguard (default setting) on an infected system, then the malware was blocked.

1- Indeed, i don't force lockdown setups upon noobs, i just say that there is no better way to protect a system.
2- if they use my pc, they can still watch videos, browse, works on office; the only thing they can't do is install software or run stuff they are not supposed to.
3- in term of security it is definitely better, there is no place for unknown/unwanted stuff, now about convenience obviously it is more restrictive.
4- most lockdown setup's users come from corporate environment, there you just can't let stuff running around as a home user system would. Most have already the skills to handle such setups but home users if trained and interested can handle it too.


Ok now its all clear to me (y)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top