Advice Request If you pay for malware protection, who's at fault if you get infected?

Please provide comments and solutions that are helpful to the author of this topic.

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
It's like sunscreen. Buy the cheap stuff and stay out all day, you'll get burned.

But even the best products won't protect you from hours in the tanning bed.

wWylWt9.png
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
I forgot to mention that in the near future since all of the kids growing up are familiar with tech, most users will soon know basic stuff like what "apps are" and will have a basic understanding of cybersecurity.

In other words, allow-by-default will soon be dead and the fault of malware infection will rely solely on the end user.
 
F

ForgottenSeer 89360

I forgot to mention that in the near future since all of the kids growing up are familiar with tech, most users will soon know basic stuff like what "apps are" and will have a basic understanding of cybersecurity.

In other words, allow-by-default will soon be dead and the fault of malware infection will rely solely on the end user.
Default-deny is not a bad concept, but users expect more than just that. Users want less prompts. If you bombard them with alerts they will kiss your product goodbye. So default-deny can be used as a companion under some circumstances, but it can't be a universal solution, waiting to replace everything else.

Why exactly is that? Because users don't need the perfect security, in the current situation they are just fine. Just like with that Galaxy Fold phone... it's great, but doesn't sell. Android is designed to work great with one screen and two screens don't make any good.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Default-deny is not a bad concept, but users expect more than just that. Users want less prompts. If you bombard them with alerts they will kiss your product goodbye. So default-deny can be used as a companion under some circumstances, but it can't be a universal solution, waiting to replace everything else.

Why exactly is that? Because users don't need the perfect security, in the current situation they are just fine. Just like with that Galaxy Fold phone... it's great, but doesn't sell. Android is designed to work great with one screen and two screens don't make any good.
I respect your opinion, but please keep in mind that if a user installs VS, they will receive an order of magnitude less affirmative prompts from VS compared to the number of affirmative user prompts they receive browsing the web and clicking NO to receiving the newsletter. ;)
 
F

ForgottenSeer 89360

I respect your opinion, but please keep in mind that if a user installs VS, they will receive an order of magnitude less affirmative prompts from VS compared to the number of affirmative user prompts they receive browsing the web and clicking NO to receiving the newsletter. ;)
Your statement is not incorrect, but believing that a user can always answer prompts correctly is not great. There is a reason why NortonLifeLock, Trend Micro, Bitdefender and some other vendors won't implement a prompt whether to remove high-confidence detections, though users have asked since forever. Sometimes an additional poka-yoke is needed.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Your statement is not incorrect, but believing that a user can always answer prompts correctly is not great. There is a reason why NortonLifeLock, Trend Micro, Bitdefender and some other vendors won't implement a prompt whether to remove high-confidence detections, though users have asked since forever. Sometimes an additional poka-yoke is needed.
iOS and Android are deny-by-default and they work great for all users, including novices. VS users do not have to answer prompts at all, unless it is blocking something they are trying to install.

I forgot to mention... the reason why the big players have not implemented deny-by-default is because their focus is allow-by-default. They simply have not spent time developing deny-by-default tech that is usable for everyone.
 
Last edited:

Eggnog

Level 3
Verified
Well-known
Mar 21, 2018
108
No AV company is going to be held liable for the piddly amount we pay for AV products. I mean get real. They don't, and can't, guarantee you will never get infected. They also can't guarantee how the product is being used, or even the level of competence of the user. Stupid will always find a way.
 

DDE_Server

Level 22
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
No AV company is going to be held liable for the piddly amount we pay for AV products. I mean get real. They don't, and can't, guarantee you will never get infected. They also can't guarantee how the product is being used, or even the level of competence of the user. Stupid will always find a way.
I completely agree with that opinion and you sumarized what was in my mind.alwayes cybercrime depend on social engineering attacks to trick the user to allow infection this would help the attacker a lot to bypass the complex protection mechanism and tools and save them a lot of time in developing their malware .that confirms what you said and what I would quote it again :
"Stupid will always find a way."
 

DDE_Server

Level 22
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
Your statement is not incorrect, but believing that a user can always answer prompts correctly is not great. There is a reason why NortonLifeLock, Trend Micro, Bitdefender and some other vendors won't implement a prompt whether to remove high-confidence detections, though users have asked since forever. Sometimes an additional poka-yoke is needed.
Default deny I think it most comprehensive protection way as it depends on simple concept in cyber security world which is "reducing the attack surface " the less you permit the less you vulnerable to attack and less to be infected.however the approach of some developer such as @danb is to make that concept more usable to novice and less experienced user and easy to digest and deal with by representing simple software with simple yet effective default deny baseline and that what I think the best protection Philosophy and hardest to bypass but need to be easy to be used ☺️☺️
 
Last edited:
F

ForgottenSeer 89360

Default deny I think it most comprehensive protection way as it depends on simple concept in cyber security world which is "reducing the attack surface " the less you permit the less you vulnerable to attack and less to be infected.however the approach of some developer such as @danb is to make that concept more usable to novice and less experienced user and easy to digest and deal with by representing simple software with simple yet effective default deny baseline and that what I thing the best protection Philosophy and hardest to bypass but need to be easy to be used ☺️☺️
I'm not commenting on any specific product or feature, just saying how the "let me ask the user instead" philosophy is normally treated. Security enthusiasts may be happy with that but majority of users will ask you "I'm paying you, you are the expert. Why can't you take a decision instead of me, but I have to waste time answering prompts...?"

That moment you'll realise why the whole market hasn't pushed harder for default-deny, but has rather stayed as it is now.
 

DDE_Server

Level 22
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
I'm not commenting on any specific product or feature, just saying how the "let me ask the user instead" philosophy is normally treated. Security enthusiasts may be happy with that but majority of users will ask you "I'm paying you, you are the expert. Why can't you take a decision instead of me, but I have to waste time answering prompts...?"

That moment you'll realise why the whole market hasn't pushed harder for default-deny, but has rather stayed as it is now.
Most vendors put it with different names especially enterprise solutions for example :trusted application module in kaspersky or solid core in mcafee epo some also integrated it in their consumer product line yes they didnot make it obligatery but it is included which means it is one of good protection mechanisms however it could push as main protection layer as this would not acceptable by users who want silent and very low interactive users which may represent large part of home consumer
 
Last edited:

mlnevese

Level 28
Verified
Top Poster
Well-known
May 3, 2015
1,763
Most vendors put it with different names especially enterprise solutions for example :trusted application module in kaspersky or solid core in mcafee epo some also integrated it in their consumer product line yes they didnot make it obligatery but it is included which means it is one of good protection mechanisms however it could push as main protection layer as this would not acceptable by users who want silent and very low interactive users which may represent large part of home consumer


The users who WANT to be prompted about everything are a minority. As @McMcbrad said the vast majority of users want things to be automated, trusting the service providers as experts. That's the reason we see Autopilot in Bitdefender, or cloud automatically setting trust levels in Kaspersky, for instance. Full automation is the way most home products will follow.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top