Re: AV Firms Scrambling to Keep Up in Security http://www.dslreports.com/forum/r20212122 en Tue, 02 Dec 2008 05:53:17 EDT Tue, 02 Dec 2008 05:53:17 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20234526 lorennerol :
said by mikenolan7 See Profile :

Yet the ads usually tout detection rates of over 90%. I wonder where the unrealistic expectations come from?
Bingo. Ignorant users are a problem perpetuated by the industry. If MS, Dell, HP, etc came out and said, "Hey, a computer is like your car: It needs to be used with some training and requires routine maintenance.", we'd all be better off.]]> http://www.dslreports.com/forum/remark,20234526 Thu, 27 Mar 2008 12:34:27 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20234448 mikenolan7 : Interesting statistics in that article. These really caught my eye:

""The problem is that we have this ongoing, unrealistic expectation that somehow we are going to detect 100 percent of the malware out there, when in fact what we have today is slightly less detection than we did, say, in the mid-1990s, when we were actually catching 70 to 80 percent of the new threats," said AVIEN's Harley."

"For security researchers on the bleeding edge of defending information networks, even those less-than-stellar numbers may be seem a bit inflated. Jerry Dixon, director of analysis for Team Cymru, a security research firm in Burr Ridge, Ill., said his team recently submitted more than 1,000 samples of brand new malware for scanning by 32 different commercial anti-virus products from around the globe. The result: Only 37 percent of the programs were detected as malicious by any of the products."

Yet the ads usually tout detection rates of over 90%. I wonder where the unrealistic expectations come from?]]> http://www.dslreports.com/forum/remark,20234448 Thu, 27 Mar 2008 12:25:08 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20233969 The Snowman :
Don't have much to say on this....its like singing the same old song over and over...it hasn't changed in twenty years.

Ironicaly people spend $20,000 on a car or truck that uses $2500 a year in gasoline......but wont spend $30 for a decent security program......an who can blame then considering all the fud programs out there in the wild.....maybe they should start locking up a few of those crapware vendors......now that would indeed be an enlightened moment. Of course it wont ever happen...the situation is much to far gone for that.......to much graft being spread around.

Wont be much longer before all we have is each other....helping one another.....very near that point now. In the mean time.....Users better damn well wake-up.]]> http://www.dslreports.com/forum/remark,20233969 Thu, 27 Mar 2008 11:16:40 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20233732 Cabal :
said by daveinpoway See Profile :

Regarding your last sentence: Perhaps you have forgotten (understandable, since it has been a few years), but Mr. Gates himself assured us (sometime around 2002, if I recall correctly) that security is Job #1 at Microsoft.
:D
--
Interested in open source engine management for your Subaru?]]> http://www.dslreports.com/forum/remark,20233732 Thu, 27 Mar 2008 10:38:54 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20232989 daveinpoway : Regarding your last sentence: Perhaps you have forgotten (understandable, since it has been a few years), but Mr. Gates himself assured us (sometime around 2002, if I recall correctly) that security is Job #1 at Microsoft. ]]> http://www.dslreports.com/forum/remark,20232989 Thu, 27 Mar 2008 06:12:01 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20232048 anon : Yeah, you can continue worrying about these "2,000 to 3,000" viruses per hour, or you can just stop using Windows and sleep a lot easier.

Of course, the average Joe computer user can hardly even use Windows, so we can't expect him to use *nix, and probably not even OS X, without problems.

I agree that security = user education. But education can only go so far with Windows. Even tech savvy Windows users can't keep up with the flood of malware out there, so it is virtually guaranteed you will get some sort of malware every so often. It may take a while for the paranoid users, but it will happen. You also have to consider how many malware scripts your AV software is not detecting. There are a lot of folks who write their own trojans for their own personal use (AV will never detect them) or who sell them to criminals. Your chances of being targeted by such individuals is low, but possible.

And anyone who thinks that there will ever be a day when "we will never have to worry about grandma being flooded with malware" is totally naive and unrealistic.

--Stating the obvious alert for text below--

Computers, by their very definition, take instructions from code. The HTTP, and every other aspect of the online world, operates via code. Therefore, code will always be present on the Internet. The Internet works by computers communicating with a bunch of other computers -- as in no central location. This means your computer will always be running code from a string of unknown computers. Since your computer is designed to run code, this means anyone who can write code can infect your computer. Therefore, malware can't be stopped while computers are connected to the Internet as we know it. Simple syllogism.

You can avoid a lot of this trouble IF your computer has proper user access rights set-up (Vista's UAC is very unpopular, and most users will simply turn it off. Even if they did use it, it isn't as comprehensive as other OS's and not as effective).

I really see no reasonable solution to stopping malware without completely overhauling the definition of a "computer" or creating a completely new protocol for computer communication. TCP/IP was not created for security. It's creators never foresaw the explosion of the public Internet back in the late 60's (when the first packet switching connection was made).

IMO, in the interim, one thing should be done: stop using OS's that have a low priority on security (read: Windows).]]> http://www.dslreports.com/forum/remark,20232048 Wed, 26 Mar 2008 23:20:23 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20229823 antdude : jram: Computer users who click on everything and don't care about security.]]> http://www.dslreports.com/forum/remark,20229823 Wed, 26 Mar 2008 16:57:19 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20225786 NanDog :
said by jram See Profile :

They want you to think that to justify to price raise. The only scrambling their doing is trying to figure out how to install more bloat. Whens the last time you had a virus or know anyone that has one? To me some of the AV programs slow you down and do worst things to your machine than a virus.
Judging by the amount of spam that's been generated in the last few years there's obviously lots of boxes that are owned. Just read about the small number of botnets that have been busted and taken down and see how many machines they controlled.

That's a very small percentage of the total!

It's no longer just bored scriptkiddies doing this stuff. It's cybercriminals making so much money from their nefarious activities that it would blow your mind!
--
See ya across the Rainbow Bridge, my good and faithful friend!]]> http://www.dslreports.com/forum/remark,20225786 Tue, 25 Mar 2008 22:06:56 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20221092 daveinpoway : Here's someone who recently got a virus: » Cleaning mom's machine remotely]]> http://www.dslreports.com/forum/remark,20221092 Tue, 25 Mar 2008 05:18:30 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20215966 TonyKlein : Here's some more reading on the subject (not sure whether it has been mentioned here before, but it is certainly very much on topic):

Kaspersky Security Bulletin 2007: Malware evolution in 2007
--
Tony - CLSID List]]> http://www.dslreports.com/forum/remark,20215966 Mon, 24 Mar 2008 09:28:08 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20215653 jram : AV Firms Scrambling to Keep Up
___________________________________
They want you to think that to justify to price raise. The only scrambling their doing is trying to figure out how to install more bloat. Whens the last time you had a virus or know anyone that has one? To me some of the AV programs slow you down and do worst things to your machine than a virus.]]> http://www.dslreports.com/forum/remark,20215653 Mon, 24 Mar 2008 06:51:16 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20215609 daveinpoway : Perhaps I, too, am naive, but, with technology advances, this could come into existence: a Unified Threat Management appliance (like a Fortigate) on a single chip. This would update itself automatically without user intervention, and would also incorporate advanced heuristics (which would actually work, unlike the crude heuristics we have these days) to tackle threats it hasn't received updates for yet. With mass-production, these could be produced cheaply enough that every motherboard could incorporate one. To make this work, the subscription cost for the update service would have to be built into the price of the equipment, so that nobody would have to remember to renew their subscription. Basically, the user would not even be aware (nor would he/she need to be aware) that this chip was present- everything would be done silently in the background.

With this "Security Chip" filtering out malware, life on the Internet would become much safer. Probably not 100% safe, of course, but way better than today's situation.]]> http://www.dslreports.com/forum/remark,20215609 Mon, 24 Mar 2008 06:16:36 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20212122 simmery : In my naive dreams, I see a world that isn't divided into stupid users and smart users. I see a world that cares more about eradicating the sources of malware so that the internet is a safer place.

We have come to the point where we simply accept the idea that the internet is a cesspool and that there are ways to swim in it that are safer than others. We also blame users who expect to swim in a chlorinated pool and don't know that they should only swim in certain parts or have special swimming equipment to keep from catching diseases. We support an entire security industry as a fact of life because we're afraid that if we clean up the cesspool, we might have to spend money or we might intrude on someone's "rights."

Someday, people will wake up and realize how completely insane this whole deal is. Grandma should not have to remember a hundred rules about what to click on or how many security programs to use or setting up limited accounts and messing with policies. She should be able to use her email without wondering whether she's going to get infected or ripped off by criminals.

Yes, this is all very naive and the internet is what it is, but I still marvel at how we continue to accept it and do nothing more than apply band-aids and divide ourselves into users with "common sense" and users who are "clueless." This does nothing more than reinforce the idea that criminality is normal. Instead of bemoaning the idea that people don't want to -- or can't -- exercise what we think of as common sense (and really is nothing of the sort), we should be putting our money and voting power into demanding a better place to swim. ]]> http://www.dslreports.com/forum/remark,20212122 Sun, 23 Mar 2008 12:24:27 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20210629 NanDog : For me, the most telling statement in that Washington Post article was this one: "Experts say PC users shouldn't depend on anti-virus software to save them from risky online behaviors, such as clicking on Web links included in unsolicited e-mail and instant messages."

So true, so true!

Safe hex is more about behavior than programs but so many users think that their pre-installed AV is all the protection they need. They'll click on any link or attachment and surf to any site knowing that nothing can harm them. :huh:

My state has just instituted a licensing program for the operation of watercraft. Perhaps a license for operating a computer should be required? I dislike that sort of control and intrusion but........?
--
See ya across the Rainbow Bridge, my good and faithful friend!]]> http://www.dslreports.com/forum/remark,20210629 Sun, 23 Mar 2008 01:25:34 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20210145 antdude :
said by Psicop See Profile :

Yes, the future looks grim, basically like this:



:o

That graph looks scary. OMG!

I wonder if eventually malware writers are going to launch a global attack against other OS, namely Linux and Mac.

Thanks for the link, SUMware.
That graph is scary indeed. Here comes SkyNet (Terminator screen capture fits well)! :(
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer]]> http://www.dslreports.com/forum/remark,20210145 Sat, 22 Mar 2008 23:06:10 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20201436 visormiser : getting waaaaay OT now, but I can't help it:

Man, 81, Kills Himself with Shot from Suicide Robot
»www.timesonline.co.uk/tol/news/w···1734.ece]]> http://www.dslreports.com/forum/remark,20201436 Fri, 21 Mar 2008 10:19:16 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20200825 daveinpoway : Always possible that other operating systems will be targeted, as well, but I believe that they will be easier to clean up than Windows, since they do not use a registry (which offers a great hiding place for all sorts of bad stuff). In my opinion, at least, the Registry was not one of Microsoft's better inventions. ]]> http://www.dslreports.com/forum/remark,20200825 Fri, 21 Mar 2008 06:18:06 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20199186 Psicop : You mentioned that (I saw it already and it's awesome) but I need to mention this as well:

»www.ted.com/index.php/talks/view/id/162

Sorry for going OT. :p]]> http://www.dslreports.com/forum/remark,20199186 Thu, 20 Mar 2008 21:56:28 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20199155 SUMware : Not to get OT, but the future, as depicted above, may not be as far off as we think. Take a look...
BigDog Quadruped Robot]]> http://www.dslreports.com/forum/remark,20199155 Thu, 20 Mar 2008 21:47:37 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20199042 Psicop : Yes, the future looks grim, basically like this:



:o

That graph looks scary. OMG!

I wonder if eventually malware writers are going to launch a global attack against other OS, namely Linux and Mac.

Thanks for the link, SUMware.]]> http://www.dslreports.com/forum/remark,20199042 Thu, 20 Mar 2008 21:28:51 EDT Re: AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20198792 KoRnGtL15 : Crazy stuff out there now. ]]> http://www.dslreports.com/forum/remark,20198792 Thu, 20 Mar 2008 20:50:31 EDT AV Firms Scrambling to Keep Up http://www.dslreports.com/forum/remark,20198362 SUMware : Anti-Virus Firms Scrambling to Keep Up
March 19, 2008 -

An overview on how bad, and getting worse, things are...
quote:
"Back in 1990 we were seeing a handful of new viruses each week," said David Perry, global director of education for Trend Micro, an anti-virus company headquartered in Japan. "Now, we're having to analyze between 2,000 and 3,000 new viruses per hour."
]]> http://www.dslreports.com/forum/remark,20198362 Thu, 20 Mar 2008 19:36:23 EDT