Andy Ful


You wouldn't believe how many people install a security software, but don't know what it will do when it encounters a malicious action on their system. Some people sit there and... allow, allow, allow, allow in each notification,... and just keep going. They never investigate a thing or ask anyone a single question. It never occurred to them that maybe all those alerts meant something was wrong - let alone all the red colors and not even mentioning the wording "Danger ! Danger... Will Robinson !"
From my experience, most people behave like tourists in the jungle. All they can see is the green color, they cannot recognize the danger. And of course, they do not want to learn from bushmen.
 

509322

From my experience, most people behave like tourists in the jungle. All they can see is the green color, they cannot recognize the danger. And of course, they do not want to learn from bushmen.
That's because they don't know any better. And I think that not knowing isn't their fault. If you know better - and still do it - then it's your fault. YOUR FAULT.

When the first multi-billion dollar whopper comes along - and politician bank accounts get wiped-out and financial markets begin to wobble - only then *** perhaps *** things will begin to change. I doubt it. Mankind will blow itself up before any real change comes about. It's the human way...

Someone said "And we all know users want to use things" and my reply to that is "Then they get what they get." No current IT security technology can solve this particular problem 100 %. The industry cannot protect users from themselves.
 

Serious Noize

Seems like most antivirus software is trying to legitimize itself by saying it uses "THE CLOUD" to detect the latest new viruses. But based on reading the article, that too is ineffective.

Not sure if it helps, but I make sure I turn my internet connection off when not in use and I am the only one using my PC and I don't introduce new software to my PC unless I know exactly who and where the software is coming from.

I'm left to wonder just how secure Microsoft updates are though. And I wonder, if it's not out there already, or when there will come a time when a virus will be introduced by pieces at a time making it virtually undetectable and activated upon some action or trigger. Probably already out there, at least reading the article that's what it sounds like or will be here soon.

I've used computers for years and know a bit, but I'm no programmer, I only have experience writing .Bat files and I am old school in that respect to such things.

I would like to ask: "Does this mean that encrypting your hard drive would provide you more protection from viruses?" It sounds in some ways it might? If so what about using TrueCrypt or something along those lines to encrypt the entire hard drive. I have no need for personal information protection or privacy concerns because I simply don't allow anything on my PC that I would be concerned with someone seeing or knowing or any information that could be used against me.

Just wondering about that? I'm sure some of you who program and script and know more would know the answer to that.

But then again, after reading the article, encrypting the whole hard drive with a well known encrypting software wouldn't that possibly make your PC vulnerable to more specific type of attacks? Or is the threat out there already where using that type of software is something that viruses may be custom written to target because they may figure if someone is using crypting software then there might be something more valuable to find and target?

Oh well, lot of questions. I think I'll just stick to the old plan of connecting to sites I know are safe, not installing anything that I don't know where it comes from, using my Antivirus and try to avoid as much as I can viruses.

[EDITED TO SAY A SPECIAL THANKS TO THE OP FOR SHARING THIS!] I really enjoyed reading the article and it opened my eyes to a lot of things I was unaware of. Thank you Antreas for sharing this!
 

509322

It is time to go back to the topic. :)
I vote for: You can depend on Antivirus Software in some way, but do not be blind and deaf. Do not forget to think and learn.
AV is reliable up to a point - some more than others. That's the reality of it.

A lot of AV unreliability can be mitigated by educating users. But you can't make them disciplined users. You can't make them use a solution that will work 99 %. Put SRP on all systems and the outcry would be deafening "We are users ! We want to use stuff !" OK... have it your way... go jump off a cliff.
 

Wave

And I wonder, if it's not out there already, or when there will come a time when a virus will be introduced by pieces at a time making it virtually undetectable and activated upon some action or trigger. Probably already out there, at least reading the article that's what it sounds like or will be here soon.
If your system becomes infected by a sophisticated sample then they can download other components of the malicious software which should work together one piece at a time over a long duration to prevent high network activity (meaning you won't notice too much suspicious traffic and therefore won't investigate).

This is what an advanced enterprise threat could do though, however it's rare to bump into sophisticated malware like this for home user targets because malware authors will make more money investing time into enterprise-level threats. Most home-user targeting malware in the wild is buggy/pile of rubbish though IMO, there are exceptions though, such as Spora ransomware... and Petya isn't too bad since it modifies the MBR and that is too advanced for a lot of malware authors out there as it'll require knowledge with Assembly (since the MBR is a boot sector, it has the boot signature at the end of it - 55 AA so the BIOS knows it's bootable, and it's written in 16-bit ASM and when malware is written in ASM for Windows it's usually 32-bit or 64-bit as opposed to 16-bit).

I really wouldn't worry about advanced attacks, just make sure you have a backup and if you get infected then roll-back (and in the case of MBR infection then use a boot repair disc and then use your backup).

Windows XP is junkware in comparison to all modern operating systems. Good riddance that browsers and security software will stop supporting aging technology.
I personally 100% agree with that. I am glad Emsisoft dropped support for XP... I wish other people do as well, the OS is insecure itself and the update support has been obsolete for a while now. I guess the problem is businesses still use it if they don't have the funding to update the software to work on a newer OS version, or they don't want to use the money for that... :/
 

DJ Panda

I am never fully dependent on an AV for my protection. I am sure to be careful when I download. It may be a minor inconvenience to some but using a SAU can help you know what wants access to those admin privileges. Tweaking can be pretty good, pretty novice at that though and find tinkering can cause more harm than good. :)
 

Axelrod Sven

Antivirus is definitely obsolete. Few years ago, we used to hope on Antivirus software being proactive. Now the onus has turned on us to be Reactive and respond to changing threats and landscape. That said...

I just want to add an input that I hope, will get kind responses.

I'm just speaking out against a few (excessively critical) statements against other people. I'm not politically correct - It is easy to hoot and snicker and be patronizing towards the average user because unlike us (and in case of most of us, like me, we learned after joining Malwaretips) normal people don't know better - whether they are not cyber savvy, or uneducated, or stupid, or don't care, or don't have time to learn, or hundreds of other reasons (both real and stupid reasons)...

We live our life living as normally as possible. Then something happens. We get sued. Or pay an incorrect amount of tax. Or fall sick. Or are made redundant. Or an accident - fire, vehicle, whatever. I think all of us have faced one or more of these situations. Then we face the same kind of patronizing attitude by professionals (like doctors or CPAs or Insurance people or startup entrepreneurs) who know better. They're not stupid, they're not aware about Cyber security. And the fault lies with the dominant force in the Cyber Security: Antivirus vendors, are at fault here, for claiming in one large consensus that antivirus = safety.

Until that unique moment where some software - Appguard, HIPS, whatever - (similar to the Norton wave of 2004 and Kaspersky wave of 2009) gets a ground-breaking amount of publicity, we'll make hundreds of threads with thousands of posts criticizing "stupid non-cyber savvy" people. But unfortunately for the world, antivirus sales, like their users are only increasing exponentially. This is an argument that will continue 200 years later. Even with computers in our heads, like @Andy Ful said, the argument of antivirus in our brain vs hips in our brain will exist, but the basic argument will remain.
 

Paul123

Guess we need the equivalent of white blood cells to attack and destroy viruses. The body's antibodies do not have a list of templates of hostile viruses, but they 'learn' to recognise and destroy viruses, and seem to do a pretty good job. If we could figure out how they do it I guess we'd be on to a winner as regards computer viruses. I guess behavioral antivirus systems are the start of this. We can still learn a lot from nature.

I still think the best antivirus is the user's own brain. If you avoid situations where you are likely to encounter computer viruses (such as avoiding suspect sites, not downloading pirated software) you can cut the chance of getting a virus considerably.
 

Handsome Recluse

Guess we need the equivalent of white blood cells to attack and destroy viruses. The body's antibodies do not have a list of templates of hostile viruses, but they 'learn' to recognise and destroy viruses, and seem to do a pretty good job. If we could figure out how they do it I guess we'd be on to a winner as regards computer viruses. I guess behavioral antivirus systems are the start of this. We can still learn a lot from nature.
The fact that it essentially exists everywhere means it must be effective but consider that the immune system still has variance among people, some are hyperactive with lots of false positives. That must be taken into account. Pathogens change and so does the immune system. I guess the only answer is keep changing or maybe worse, just an inevitability.
 

Paul123

I guess the only answer is keep changing.
I guess that is probably part of the answer. Virus makers have created viruses that change and evolve, I guess antivirus makers need to do the same. I seem to remember an article years ago about circuit makers using software that evolved circuits, to create the optimum circuit pathways. If a mutation gave a path that was shorter, it was chosen in preference over one that was slower, and replaced it and this occurred again and again until the optimum circuit was created. It seemed to work for that.

Virus makers seem to be a nasty bunch, but I've often wondered if maybe some virus maker could make a benign virus (much like we have bacteria in our gut which are helpful). One that protected us against other malicious viruses, in exchange for maybe some CPU time to carry out some distributed task (such as the SETI program you could download did a while back). We might end up with a whole ecosystem on our computers one day :confused:
 

erreale

In my opinion anyone that can use security solutions beside antivirus doesn't need security solution at all (HIPS/Sandbox/ANTI EXEC and etc users), that's why there isn't commercial viability for something like System Safe Monitor or Online Armor in 2017, they are just for geek fun.
But it is sad that good Hips as System Safety Monitor, ProSecurity, Malware Defender, EQsecure or Online Armor we had no commercial attention and which have been closed or failed. It is equally sad that people entrust their safety only to antivirus. Using programs such as those I have learned so much.
 

vemn

Guess we need the equivalent of white blood cells to attack and destroy viruses. The body's antibodies do not have a list of templates of hostile viruses, but they 'learn' to recognise and destroy viruses, and seem to do a pretty good job. If we could figure out how they do it I guess we'd be on to a winner as regards computer viruses. I guess behavioral antivirus systems are the start of this. We can still learn a lot from nature.

I still think the best antivirus is the user's own brain. If you avoid situations where you are likely to encounter computer viruses (such as avoiding suspect sites, not downloading pirated software) you can cut the chance of getting a virus considerably.
Yeah that's where UBA is on the rise now.
But will it work on consumer space?

There again, user education is a long journey and I guess there are also situations where no matter how cautious we are, we may still fall for the attacks. And we have already witnessed times where virus attacks are beyond how well we protect ourselves. A simple manufacturer overlook landed laptops all preloaded with Trojans. We like IoT and that's where we assumed the future is to be and everyone's moving there. That opens up another giant can of worms.
 

Handsome Recluse

I guess that is probably part of the answer. Virus makers have created viruses that change and evolve, I guess antivirus makers need to do the same. I seem to remember an article years ago about circuit makers using software that evolved circuits, to create the optimum circuit pathways. If a mutation gave a path that was shorter, it was chosen in preference over one that was slower, and replaced it and this occurred again and again until the optimum circuit was created. It seemed to work for that.

Virus makers seem to be a nasty bunch, but I've often wondered if maybe some virus maker could make a benign virus (much like we have bacteria in our gut which are helpful). One that protected us against other malicious viruses, in exchange for maybe some CPU time to carry out some distributed task (such as the SETI program you could download did a while back). We might end up with a whole ecosystem on our computers one day :confused:
Woah there. Wouldn't expect them to be called the enemy. This is the realm where economics and marketing are significant.
 

Handsome Recluse

But it is sad that good Hips as System Safety Monitor, ProSecurity, Malware Defender, EQsecure or Online Armor we had no commercial attention and which have been closed or failed. It is equally sad that people entrust their safety only to antivirus. Using programs such as those I have learned so much.
But is there any empirical evidence that no antivirus actually makes sense. Maybe we're just safe because others are easier targets. It doesn't matter if you're slow if you're faster than the slowest in the group.
 

Paul123

Woah there. Wouldn't expect them to be called the enemy. This is the realm where economics and marketing are significant.
Well virus makers have done some good too. They've probably reduced piracy much more than any lawyer or DRM did (by ensuring any pirated software has a 99% certainty of containing a Trojan) and they've also created a million dollar industry designed to combat them in terms of security consultants, anti-virus makers etc. creating lots of jobs.
 

_CyberGhosT_

I have not used traditional AV software in over a year, a test here and there maybe,
but you have to admit this is something I brought up a long time ago back when I
switched to Sig-free, and I remain steadfast in the belief that I simply don't need it.
I can, and have secured my system just fine without it. ;)
 

Paul123

Maybe we're just safe because others are easier targets. It doesn't matter if you're slow if you're faster than the slowest in the group.
I always remember a quote by someone, saying 'if you are running away from an angry bear, you don't need to run faster than the bear, you just need to run faster than the person behind you, also being chased by the bear'. I thought it was a good analogy, and it's true, regarding privacy and security.

Some protection is better than no protection
 