In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

[blackice]

Even that you cant trust it anymore.

True, but if Microsoft or Valve deliver me a malware (and Valve has, not me personally) that’s on them. Not poor habits.

Now if we are talking about my kids computers when they get old enough, I’m locking that down until they can act responsibly...so basically when they move out.

 

[93803123]

I think that @Raiden was coming at it more from a home user prospective. I work for the US Govt. our computers are locked down and we aren’t able to do much of anything outside the scope of our work, as it should be. But when I go home, I don’t need the hassle of default deny since I am cautious about what I install and rarely download much of anything that’s not from an official store or site. Not that I won’t get infected, but I don’t need enterprise level restrictions on a personal device. On the enterprise side I totally agree, the device and network belong to the company and as such it is their prerogative to protect it.

I know that @Raiden means for the home user. However, home users are to a large extent one of the primary security problems. Complete system lock down needs to be especially enforced on home user systems. Lock down should not be reserved only for organizations where there is an admin to lock down the system.

Apple has the best system - only allow home users to do what it says they can do.

Consumer devices should not allow consumers to do much of anything other than what is already built into the system. And even then, what consumers can do needs to be tightly controlled.

Some will argue that this will kill says. Nope. Ain't true. People are so addicted to the internet and digital devices, that they will accept what they are given if the entire industry made the effort to work as a unified front. But that won't happen because OEMs use new features to out-best their rivals. The whole "new feature" thingy is the plague of consumerism.

 

[blackice]

I know that @Raiden means for the home user. However, home users are to a large extent one of the primary security problems. Complete system lock down needs to be especially enforced on home user systems. Lock down should not be reserved only for organizations where there is an admin to lock down the system.

Apple has the best system - only allow home users to do what it says they can do.

Consumer devices should not allow consumers to do much of anything other than what is already built into the system. And even then, what consumers can do needs to be tightly controlled.

Some will argue that this will kill says. Nope. Ain't true. People are so addicted to the internet and digital devices, that they will accept what they are given if the entire industry made the effort to work as a unified front.

How very totalitarian of you.

 

[93803123]

it is why the model adopted by Chromebook or Apple is better security-wise than MS, people are restricted (or have nothing to modify) hence less infections.

Because of Android apps on Chromebook, Apple is the better choice of the two.

I am thinking another MacBook Pro 15 and iPhone are in my future. Those two work well together. And sure there are problems with them, yet those problems aren't anywhere near the same problems I encounter on Windows and Linux systems.

 

[oldschool]

How very totalitarian of you.

 

[93803123]

How very totalitarian of you.

People can't handle security. It's like driving a car. If a person cannot drive the car safely, then the driving privilege needs to be or is taken away from the person.

It's not totalitarian. It is practical. It is common sense. It will also protect people from liability.

You have no right to infect my system through your carelessness, ineptitude or negligence in exercising your options. You need to be held accountable. The way users are held accountable is via the legal system.

In places like this forum, people think that the they should be able to do whatever they want, and if there are bad consequences for their actions then it isn't their fault. They blame everyone else for the failure. It's always the security software publisher's fault. And that publishers need to fully accommodate the end users' way of thinking.

The alternative is to raise prices for everything in the digital space to compensate for\cover the costs of all the problems and damages that users create.

The needs of the many need to come before consumer demands and expectations. People cannot protect themselves from themselves. So for their own good it needs to be forced onto them. It's the reason that Microsoft forces Windows updates on Windows 10, with little opt-out even for enterprises.

 

[Handsome Recluse]

Apple has the best system - only allow home users to do what it says they can do.

Vista's UAC backlash tho.

 

[93803123]

Vista's UAC backlash tho.

UAC is pretty much worthless for security. Users do not heed UAC. Only geeks and those that prioritize security use UAC.

Apple has much better software and hardware execution than Microsoft. Apple very smartly limits what users can do.

 

[Handsome Recluse]

People can't handle security. It's like driving a car. If a person cannot drive the car safely, then the driving privilege needs to be or is taken away from the person.

What are the risk factors for unsafe driving though?

 

[93803123]

What are the risk factors for unsafe driving though?

Death & Damages for unsafe driving.

Users cause damages totaling in the many billions due their inability to operate their systems safely.

 

[Burrito]

How very totalitarian of you.

Exactly.

Spanks is getting a little ridiculous in all this.

What he's talking about is called 'negative externalities' in economics.

So when we (the state, country..) allow consumers to purchase and use equipment that negatively affects others, they should pay a price for it to cover the costs of the negative effects of others, or the government should regulate the negative externality out of existence.

I agree with the concept totally.

So in the USA, where we have the negative externality of over 30,000 gun deaths annually because people cannot use and protect weapons in any sort of legit way, there is a resulting huge death toll every year. And this is hugely wrong.

So when we start the door-to-door gun roundup to mitigate the annual USA gun slaughter, we can also start the roundup of all computers that might infect our neighbors.

Yeah, that's it. That's the answer.


,

 

[Venustus]

Apple has the best system - only allow home users to do what it says they can do.

...which is why I will never use it!

 

[Handsome Recluse]

Death & Damages for unsafe driving.

Users cause damages totaling in the many billions due their inability to operate their systems safely.

I meant possible causes of unsafe driving, not possible effects.

 

[93803123]

Exactly.

Spanks is getting a little ridiculous in all this.

What he's talking about is called 'negative externalities' in economics.

View attachment 227202

So when we (the state, country..) allow consumers to purchase and use equipment that negatively affects others, they should pay a price for it to cover the costs of the negative effects of others, or the government should regulate the negative externality out of existence.

I agree with the concept totally.

So in the USA, where we have the negative externality of over 30,000 gun deaths annually because people cannot use and protect weapons in any sort of legit way, there is a resulting huge death toll every year. And this is hugely wrong.

So when we start the door-to-door gun roundup to mitigate the annual USA gun slaughter, we can also start the roundup of all computers that might infect our neighbors.

Yeah, that's it. That's the answer.


,

I'm not being ridiculous about anything. It is fact that companies are becoming increasingly litigious over breaches, employees that infect systems because they did not adhere to safe practices, and those companies want the parties responsible to pay for the damages. Non-business users are increasingly pursuing remedy in courts as well. All one need do is look up the plethora of court cases in this area.

I am not for gun nor computer confiscation. However, I do think people should be held accountable when they cause others damages. That is the entire basis of torts.

Just try to take guns from Texans. There are 3 million Texans, but 5 million registered guns in Texas. Good luck with that.

The answer is not better software. The software today is better than it ever has been, yet we are in the worst security situation of all time. Behavioral change is the answer. The whole paradigm of "it's my system and I should be able to do with it as I wish - regardless of any consequences" is the same as "it's m car and I can do whatever I want with it - including driving recklessly." Computers and digital devices result in huge financial losses. Those losses should be tracked, and all parties that are careless and negligent should be held accountable.

The courts have held that parents can be held civilly liable a criminally culpable for their children's' online behavior. Parents have gone to jail and paid huge fines or reimbursements for damages. The courts have also held that a person who misuses a computer - even out of ignorance - can be held liable. That includes minors.

So it is a concepts I am talking about are well-established and accepted.

 

[Burrito]

I'm not being ridiculous about anything. It is fact that companies are becoming increasingly litigious over breaches, employees that infect systems because they did not adhere to safe practices, and those companies want the parties responsible to pay for the damages. Non-business users are increasingly pursuing remedy in courts as well. All one need do is look up the plethora of court cases in this area.

I am not for gun nor computer confiscation. However, I do think people should be held accountable when they cause others damages. That is the entire basis of torts.

Just try to take guns from Texans. There are 3 million Texans, but 5 million registered guns in Texas. Good luck with that.

The answer is not better software. The software today is better than it ever has been, yet we are in the worst security situation of all time. Behavioral change is the answer.

But you are being ridiculous.

So "good luck with" the regulation of guns in Texas that contribute to actual deaths.

But we can regulate the behavior of all computer users because my neighbor might get a virus.

 

[93803123]

But you are being ridiculous.

So "good luck with" the regulation of guns in Texas that contribute to actual deaths.

But we can regulate the behavior of all computer users because my neighbor might get a virus.

The courts say it isn't ridiculous. It is a well established matter of law. People get hauled into court because of what they did or did not do on digital devices all the time. And it is becoming more and more prevalent.

Regulation of guns in Texas ain't ever gonna happen. That is a constitutional matter whereas damages from digital space is a matter of torts.

Negligence or carelessness using a computer, using a gun, or driving a car are all the same if they result in damages to others.

If your system is infected by a bot, and even though you are unaware of that fact, you can be held liable for any damages that arise from your system. There have been multiple court cases involving this exact scenario. And the system owner has been held liable.

 

[Burrito]

The courts say it isn't ridiculous. It is a well established matter of law. People get hauled into court because of what they did or did not do on digital devices all the time. And it is becoming more and more prevalent.

Regulation of guns in Texas ain't ever gonna happen. That is a constitutional matter whereas damages from digital space is a matter of torts.

Not exactly.

The court system is not full of cases where ignorant users caused others to become infected -- which was the basis of the earlier discussion.

And guns... while not really topical to the thread... that issue is not really resolved in terms of torts. As you are probably aware, there was a recent notable case pertinent to this exact topic. But it's surprising how willingly you cede that to some Constitutional ideal when people die... but cling to torts when some suffer digital inconvenience.

 

[93803123]

Not exactly.

The court system is not full of cases where ignorant users caused others to become infected -- which was the basis of the earlier discussion.

And guns... while not really topical to the thread... that issue is not really resolved in terms of torts. As you are probably aware, there was a recent notable case pertinent to this exact topic. But it's surprising how willingly you cede that to some Constitutional ideal when people die... but cling to torts when some suffer digital inconvenience.

There are court cases where a user who did not know their system was being used as a bot was held liable. The owner of a system is always responsible for what is on it and what it does. For example, if child porn gets downloaded to your system and you aren't aware of it, guess what - you are going to be prosecuted if the authorities find it. You will not be able to claim ignorance. The defining factor as far as torts is if there is a party that presses the issue in a legal forum.

All damages are resolved via torts. Regulation is not the domain of courts. It is legislatures that handle those issues. And it is a Constitutional matter so that legislatures cannot do whatever they want willy-nilly. Damages resulting from firearms are handled in the civil courts.

Guns, cars and software - the person is responsible for the operation.

 

[Burrito]

There are court cases where a user who did not know their system was being used as a bot was held liable. The owner of a system is always responsible for what is on it and what it does. For example, if child porn gets downloaded to your system and you aren't aware of it, guess what - you are going to be prosecuted if the authorities find it. You will not be able to claim ignorance. The defining factor as far as torts is if there is a party that presses the issue in a legal forum.

All damages are resolved via torts. Regulation is not the domain of courts. It is legislatures that handle those issues. And it is a Constitutional matter so that legislatures cannot do whatever they want willy-nilly. Damages resulting from firearms are handled in the civil courts.

Guns, cars and software - the person is responsible for the operation.

I agree with much of what you say on this topic and others -- in theory.

But you are off base here.

You make broad sweeping statements about computer usage and the courts and torts that just have no basis in reality.

The owner of the system is NOT always responsible, and in fact is rarely responsible in reality in the case of "pwned" machines. All the computers that are controlled by others (zombie computers) and used for attacks --- can you show me one case where an individual owner was held responsible? You can search and search... but I'll save you the time. You won't find it.

Even your child porn example is incorrect. There has already been at least one instance where it was shown that one person placed child porn on another person's computer. And yes, the computer owner was not held responsible.

And you speak of torts in a cyber world as if everybody worldwide is within the legal jurisdiction of one system. Of course that is not the case. All great theory. Just not reality.

 

[ErzCrz]

*searching for the original topic* So, do you think home users will get better protection or will we all stay as nodes like Free Avast? I think better education to users and more of a default deny solution would be the best. For example, Macs are more locked down in general (from what I understand) less room for user error affecting security.

Erz