Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
How Antivirus Companies Are Hacking the Truth -- and Making Us All More Vulnerable
Message
<blockquote data-quote="artek" data-source="post: 770495" data-attributes="member: 22897"><p>I'm not really certain a default deny setup adds anything to the security of my systems. I am not running scripts, files, word documents, etc., that I don't either expect to be recieving or hav enot been downloaded from legitimate websites. I could of course be wrong, but there's two primary ways I can see myself getting infected - the first being a flaw in the browser combined with a flaw in the OS. The second being something that I believe to be safe that I'm going to run anyway. CCleaner for example, or some other kind of file that wouldn't typically be used to deliver malware that has a flaw in it which leads to system compromise. </p><p></p><p>Would a default deny setup stop the first kind of issue? Possibly. One of the most recent times I've been compromised was using a default deny setup. The second issue a default deny setup would do nothing because I believe the file to be safe, so I'm going to allow it anyway. Default deny works wonders for less knowledgeable users, one only needs to look at iOS to see an example of that, but I belive it needs to be combined with some sort of authoritative mechanism to verify the non-malicious nature of applications users install. Apple does this a bit better than Google, but there have still been cases where someone has managed to sneak a malicious application onto the iOS appstore. If you were to put a default deny/containment setup on a windows machine it needs to be combined with some sort of a whitelist or the novice user is going to be annoyed to the point of allowing everything thus defeating the strengths of a default deny system.</p></blockquote><p></p>
[QUOTE="artek, post: 770495, member: 22897"] I'm not really certain a default deny setup adds anything to the security of my systems. I am not running scripts, files, word documents, etc., that I don't either expect to be recieving or hav enot been downloaded from legitimate websites. I could of course be wrong, but there's two primary ways I can see myself getting infected - the first being a flaw in the browser combined with a flaw in the OS. The second being something that I believe to be safe that I'm going to run anyway. CCleaner for example, or some other kind of file that wouldn't typically be used to deliver malware that has a flaw in it which leads to system compromise. Would a default deny setup stop the first kind of issue? Possibly. One of the most recent times I've been compromised was using a default deny setup. The second issue a default deny setup would do nothing because I believe the file to be safe, so I'm going to allow it anyway. Default deny works wonders for less knowledgeable users, one only needs to look at iOS to see an example of that, but I belive it needs to be combined with some sort of authoritative mechanism to verify the non-malicious nature of applications users install. Apple does this a bit better than Google, but there have still been cases where someone has managed to sneak a malicious application onto the iOS appstore. If you were to put a default deny/containment setup on a windows machine it needs to be combined with some sort of a whitelist or the novice user is going to be annoyed to the point of allowing everything thus defeating the strengths of a default deny system. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
