Cnet tells users 100% guarantee infection in Security http://www.dslreports.com/forum/r21673856 en Wed, 09 Dec 2009 22:12:22 EDT Wed, 09 Dec 2009 22:12:22 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21685309 ironwalker :
said by Smokey Bear See Profile :

said by DarkSithPro See Profile :

cnet.com
Under lock and key

No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?
As long people don't download malware from CNET/download.com servers there is a possibilty they remain clean. CNET still offer malware for download.....

Edited: typo
Agreed!
Why people use these 3rd party download offers is beyond me.
I always go to authers site or company's site and if the 3rd party links are affiliated with them I use them, but, only if on the auther/company's site.]]> http://www.dslreports.com/forum/remark,21685309 Mon, 05 Jan 2009 15:38:53 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21681243 Kiwi : I considered the OP topic amusing, as I used to use the CNET downloads to verify new malware, they allowed on their site. Nothing much has changed, it's still malware hell; I suggest they lock their site up and throw away the key.]]> http://www.dslreports.com/forum/remark,21681243 Sun, 04 Jan 2009 19:52:06 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21680374 FunnyBones : I know someone who only uses a live dvd for online with no drives mounted so I agree BS. :)
--
Are you part of the cattle?]]> http://www.dslreports.com/forum/remark,21680374 Sun, 04 Jan 2009 16:43:50 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21680048 kpatz : Of course, how do they define "infection?" Someone could have inactive malware sitting in their browser cache, for example. Does that count as "infection" by CNet?

I for one have never had any of my systems infected, except for one time with adware (due to someone else using the computer). And I've had my AV flag things in my browser cache during a scan, but nothing was active. So, would I be part of that "100%"? :D
--
To ISPs: Leave our ports alone! If I want ports blocked, I'll do it myself, thank you.]]> http://www.dslreports.com/forum/remark,21680048 Sun, 04 Jan 2009 15:36:13 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21679583 VirtualLarry :
said by Woody79_00 See Profile :

The gist of the matter is that the checking of Software Restriction Policy is done in USER MODE in the process which issued the CreateProcess/LoadLibrary call. This means that the current process can patch itself so that SRP isn't correctly verified. Mark did this by intercepting reads to the Registry (where SRP policies are stored) and returning fake results, Didier did this by searching the registry key names and replacing them with bogus ones (so registry reads would fail.

Mark Russonivich wrote a program that would allow the disabling of Software Restiction Policy by a "Limited User" without admin rights required
But how can a process patch itself, if it isn't running? The point is, somehow, code has to execute, in order to patch around, the code that blocks code from executing.
It seems like a catch-22 to me.

If you want to run proof-of-concept code, fine, but that requires a program that is already allowed to run.

Are those programs accessable from the internet in some way that would allow that code to run, when prompted by a remote source? If not, then I would say that SRP is very secure.

For example, assume (I didn't read it) that the program that Mark wrote to bypass SRP was itself an executable. As a limited user running under SRP, how are you going to get that .exe to run, in order to patch SRP, to allow .exes to run? You can't execute it directly out of any directories that you have write access to, and only an admin has write access to the Program Files and Windows directories.]]> http://www.dslreports.com/forum/remark,21679583 Sun, 04 Jan 2009 14:11:56 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21679478 Smokey Bear :
said by dadkins See Profile :

Yes!
Exactly!
Adware, not "dishonest adware", is a part of many people's daily life.
In and of itself, "adware" is not malicious and therefore not malware.

Now, some are more agressive than others, but I am OK with FlashGet as they/it provide(s) a way to turn it off.

Like you say, concerning FlashGet it isn't "dishonest adware" or "unwanted software", especially not because you was informed about the adware in it and accepted it as part of the "deal". :)
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21679478 Sun, 04 Jan 2009 13:52:56 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21679194 dadkins : Yes!
Exactly!
Adware, not "dishonest adware", is a part of many people's daily life.
In and of itself, "adware" is not malicious and therefore not malware.

Adware is more in the class of shareware than anything bad.
Free with advertisements as opposed to popup adware/redirects/hijackers that is only there to deliver ads.

»en.wikipedia.org/wiki/Adware

"Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used."

Now, some are more agressive than others, but I am OK with FlashGet as they/it provide(s) a way to turn it off.
:)
--
Think outside the Fox... Opera]]> http://www.dslreports.com/forum/remark,21679194 Sun, 04 Jan 2009 12:27:41 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21679188 Nanoprobe :
said by DarkSithPro See Profile :

cnet.com
Under lock and key

No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?

--
Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. Albert Einstein

]]> http://www.dslreports.com/forum/remark,21679188 Sun, 04 Jan 2009 12:26:26 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21678826 Woody79_00 : No Blackbird, i wasn't directing thart assertion at you in particualr, i just happen to click your name on the reply button. You brought up some very good points blackbird and I don't disagree with them at all.

you smart enough to know that it takes "layers" to do the best you can to prevent it, some folks belive otherwise but you are not 1 of those folks I can clearly tell.

Virtual Larry:

The gist of the matter is that the checking of Software Restriction Policy is done in USER MODE in the process which issued the CreateProcess/LoadLibrary call. This means that the current process can patch itself so that SRP isn't correctly verified. Mark did this by intercepting reads to the Registry (where SRP policies are stored) and returning fake results, Didier did this by searching the registry key names and replacing them with bogus ones (so registry reads would fail.

Mark Russonivich wrote a program that would allow the disabling of Software Restiction Policy by a "Limited User" without admin rights required

»blogs.technet.com/markrussinovic···ser.aspx

Didier Stevens took this to the next level as recently as March of 2008

»blog.didierstevens.com/2008/03/0···disable/

»blog.didierstevens.com/2008/02/2···ool-kit/

»hype-free.blogspot.com/2008/10/l···ion.html

Software Restriction Policies are just a layer..execution prevention is not the end all protection...once it becomes popualr enough that Malware Authors have to take it into account, it can be bypassed like anything else.

even on the Nix boxes I maintain for I know there are ways around the firewalls, no firewall is full-proof, The recent router crash test is an exmaple of this.

I am just saying once you become aware of the realitty of the computer world it gets much easier...

I think the best rule of thumb is to always use your computer with the mindset that you "may" be compromised...this will promote safer computing practices overall. that's the only point I am trying to make.

No matter what OP system you use, you should always use layers...layers are like locks...make them go though a few hoops to get in...but locks on computers are like locks in reali life. Locks only keep honest people out. If some bad guy wants in bad enough, he will get in...its just the nature of the world.

Good reads nonetheless ]]> http://www.dslreports.com/forum/remark,21678826 Sun, 04 Jan 2009 10:47:22 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21678756 Smokey Bear : Wikipedia definition malware:

Malware, a portmanteau from the words malicious and software, is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Many computer users are unfamiliar with the term, and often use "computer virus" for all types of malware, including true viruses.

Software is considered malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of several American states, including California and West Virginia.

Malware is not the same as defective software, that is, software which has a legitimate purpose but contains harmful bugs.

»en.wikipedia.org/wiki/Malware
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21678756 Sun, 04 Jan 2009 10:23:55 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21678711 33591094 : I haven't been gotten to yet, cnet...]]> http://www.dslreports.com/forum/remark,21678711 Sun, 04 Jan 2009 10:09:29 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21678658 dadkins :
said by james See Profile :

I'd say it's a safe statement to make.
Who here can honestly say they have NEVER had to remove a virus or adware from one of their computers?
If they were claiming that every computer was at this moment infected, then they'd be wrong.
Me! Never had a virus. Period.
Adware? Hell, I have purposely installed adware, some adware is pre-installed by computer manufacturers.

The page doesn't say adware, it's malware.
"No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point."
--
Think outside the Fox... Opera
Click for full size
ONOES!!1 Ads!
Click for full size
Turn off ads and use program anyways. ;-)
]]> http://www.dslreports.com/forum/remark,21678658 Sun, 04 Jan 2009 09:55:30 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21677844 VirtualLarry :
said by Woody79_00 See Profile :

As recently as October of 2008 Windows Software Restriction Policies and Programs like Faronics Anti-Executable can be bypassed by Malware Via "Patching in memory" certain functions and key values in kernel32.dll amongs others, in turn "intercepting" the point of the check and giving errors or "fake values" allowing the executable to run.It still hasn't been patched.
But doesn't it require admin privs for that process, to do the in-memory patching of kernel32.dll?

IOW, if you're running as admin, and malware gets a chance to execute on your machine, you're hosed and likely need a rebuild of the OS to ensure you got rid of it.

But running as a limited user, in conjunction with Software Restriction Polices, can form a virtually bullet-proof shield against malware getting in in the first place. And that's the whole point.

So I think that you are spreading FUD by suggesting that these very valid security procedures are useless.]]> http://www.dslreports.com/forum/remark,21677844 Sun, 04 Jan 2009 01:10:15 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21677687 Blackbird :
said by Woody79_00 See Profile :

No computer is 100% secure... Even though Linux is the most secure of the 3 mentioned, it can be compromised like any other operating system if a person is not careful.

I do find it humerous though how many people believe that Software Restriction Policies, and certain programs like Faronics Anti-Executable and other execution protection softare will protect them from all danger...
If you're directing that latter assertion at me, it's not what I said - or at least, it's not the meaning I intended to convey. My intended point was that there are a number of layered tools and practices (which I consider to fall under the umbrella of "safe hex") that acting together render penetration extremely unlikely... of which using a Deep-Freeze kind of tool happens to be a significant one (but by no means the only one - your Tripwire approach being an alternative case in point). And I don't use either product. Frankly, my core belief is that how a person uses a computer and what he does with it will have far more influence on infectability than anything else. There have been a number of posts in this thread already by users who have used computers for years and never been infected; and there's nothing yet in this thread to cause me to believe that will all suddenly change for them over the next month, or year, or even decade. And it must change if the article's statement is correct.

Stating that users' computers will all eventually be infected (as the article essentially does) is a far different thing from stating, as you did, that "no computer is 100% secure". No car is 100% secure against theft either, yet not all will be stolen. No house is 100% secure against burglary, yet not all will be victimized. No encryption scheme is 100% secure from cracking, yet most encrypted information will not be compromised. What would be an accurate statement is that computers, rarely being 100% secure in and of themselves, are far more likely to be infected than computers operated with knowledgeable and secure methodologies, using a variety of well-reasoned protective tools - either hardware or software.

Terms like never, always, 100%, "will" - these are categorical expressions, and lend themselves more to hype and hysteria than to reasoned comparisons and evaluations. To falsify the article's statement, I need only to place a pristine computer disconnected from any wiring into a sealed container, surround it with concrete, and have somebody dig it up in 100 years... I feel completely safe in stating it will still be uninfected. Absurd? Certainly. But it's all about context, isn't it? And context dissolves and undercuts categorical "certainty"...
--
If God wanted us to work with electrons, He'd make them big enough to see...]]> http://www.dslreports.com/forum/remark,21677687 Sun, 04 Jan 2009 00:25:16 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21677279 EGeezer :
said by HFB1217 See Profile :

A new form of birth control don't let Bill find out or he may charge for it as well.
It could give a whole new meaning to trojans and infections...
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis]]> http://www.dslreports.com/forum/remark,21677279 Sat, 03 Jan 2009 22:20:37 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21676831 Its a Secret :
said by Smokey Bear See Profile :

...how many other malicious programs are offered by CNET?
That's a very good question. I haven't DL'd from cnet/ download.com in years, but I know people who do. I'll have to let 'em know.

But it is very irresponsible to allow this to happen.
--
"In the future, that which is not mandatory will be illegal"]]> http://www.dslreports.com/forum/remark,21676831 Sat, 03 Jan 2009 20:37:04 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21676828 Woody79_00 : No computer is 100% secure. Not Linux, not Windows, and not MAC. Even though Linux is the most secure of the 3 mentioned, it can be compromised like any other operating system if a person is not careful.

I do find it humerous though how many people believe that Software Restriction Policies, and certain programs like Faronics Anti-Executable and other execution protection softare will protect them from all danger...when Mark Russonvich proved this not to be the case at all and quite some time ago

As recently as October of 2008 Windows Software Restriction Policies and Programs like Faronics Anti-Executable can be bypassed by Malware Via "Patching in memory" certain functions and key values in kernel32.dll amongs others, in turn "intercepting" the point of the check and giving errors or "fake values" allowing the executable to run.It still hasn't been patched.

you can read bout this here.

»hype-free.blogspot.com/2008/10/l···ion.html

the findings are quite telling...how do you know a piece of malware hasn't done this allready? many keyloggers or postloggers(A key logger that actually takes screen shots of your entire screen) will NOT:

1. slow down your system
2. leave any trace whatsoever they are even present

The malware that Symantec, McAfee and other deem of a quality of "software engineer" are not going to be detected or noticed very easily if at all.

IMO the only way to reliably detect malware on a system is to throw out signatuares and heuristics and go to "port monitoring"

In other words, all maware listens to or talks though a port...the security vendors need to focus on this aspect more than anything...even a rookit malware needs to talk on a port or it is useless

why doesn't Windows have something like Tripwire for Linux? if "anything" has been changed, you will know about it...this is more important then anything else

I run Tripwire and build my hashes

I check them once a day

Before I do a patch update, I run Tripwire and check it

If vlaues come back ok, I patch my system

I then rebuild my tripwire database

this way if "anything" has changed that I did explicitly change, I will know about it....and that is how I can tell if I have been had...Windows has no such thing

When I 1st started using Linux, I got hacked when I 1st started learning Apache Web Server, didn't have it configured correctly....but since then, I run a few of them for folks and have had no such issues, but I do maintain them..but even with it, its a constant battle

It would be nice if windows had something like Tripwire..where you could

1. Install clean OS.
2. Patch and update all apps
3. Build tripwire data base

Every month before patching run tripwire and if all is A ok, patch then rebuild your data base

This would be the 1 sure fire way to be sure your not compromised, not to mention RKHunter and ChkRoot kit also look for ports that are listening and such and give you a good indicator of where you stand

Windows needs something like this! I don't just mean netstat, ipconfig or any of that...but something like Tripwire]]> http://www.dslreports.com/forum/remark,21676828 Sat, 03 Jan 2009 20:35:50 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21676790 Smokey Bear :
said by FiOS Dan See Profile :

Damn disturbing about cnet. I always assuming they screened software before offering it on their site. :mad:
Apparently not. Many people rely on and trust CNET/download.com, obvious all the time they are wrong with their confidence. And now the main question: beside Intelinet Internet Security rogue anti-spyware, how many other malicious programs are offered by CNET?
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21676790 Sat, 03 Jan 2009 20:28:05 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21676760 james : I'd say it's a safe statement to make.
Who here can honestly say they have NEVER had to remove a virus or adware from one of their computers?
If they were claiming that every computer was at this moment infected, then they'd be wrong.]]> http://www.dslreports.com/forum/remark,21676760 Sat, 03 Jan 2009 20:21:29 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21676733 FiOS Dan : Damn disturbing about cnet. I always assuming they screened software before offering it on their site. :mad:
--
Courage is being scared to death but saddling up anyway.
]]> http://www.dslreports.com/forum/remark,21676733 Sat, 03 Jan 2009 20:17:22 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21676723 dadkins : One doesn't need to install more than one AV(it's not wise anyways).
You can run a online scanner like Housecall or Kaspersky without adverse affects to check if your AV is doing it's job - I do occasionallly. ;)

No comment on Norton. :huh:

Worst thing thet gets found here is cookies.
Cookies don't worry me and scanners can remove as many as they see fit - I'll get more! LOL! :o
--
Think outside the Fox... Opera]]> http://www.dslreports.com/forum/remark,21676723 Sat, 03 Jan 2009 20:15:59 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21676012 HFB1217 :
said by EGeezer See Profile :

I didn't see the 100% guarantee thing when I went to the CNet download site.

I did find this interesting story though. :D
A new form of birth control don't let Bill find out or he may charge for it as well.
--
****aka The WIZARD *** A Founding member of Seti BBR Team Starfire***]]> http://www.dslreports.com/forum/remark,21676012 Sat, 03 Jan 2009 17:34:12 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21675924 Smokey Bear :
said by Thug21 See Profile :

I tend to agree - I was being sarcastic with the "cure" part of it. :D
Txs for understanding, because the cure can even be worse than the the infection caused by the downloaded and installed malware... :uhh:
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21675924 Sat, 03 Jan 2009 17:15:38 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21675900 Thug21 : I tend to agree - I was being sarcastic with the "cure" part of it. :D]]> http://www.dslreports.com/forum/remark,21675900 Sat, 03 Jan 2009 17:10:31 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21675840 Smokey Bear :
said by Thug21 See Profile :

Seems to me that CNET can both the cause and cure :D

Pretty cool if you ask me (or even if you don't!). :)
With the cause I agree, regrettably not with the cure: »smokeys.wordpress.com/2008/12/31···ownload/
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21675840 Sat, 03 Jan 2009 16:55:28 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675764 Blackbird : The statement's too categorical: "No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point". As it stands, I believe it's incorrect. Admittedly, for many folks it will apply, because of their own security (mis?)behavior and/or because of vulnerabilities in their software. But if somebody's using a decent firewall, correctly running something like Deep Freeze or a quality anti-executable program and is applying educated "safe hex" otherwise, it's hard to imagine how that statement could apply to them in actuality.

Of course categorical statements do generate headlines and clicks... and revenue...
--
If God wanted us to work with electrons, He'd make them big enough to see...]]> http://www.dslreports.com/forum/remark,21675764 Sat, 03 Jan 2009 16:33:40 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675705 Vampirefo : just fud]]> http://www.dslreports.com/forum/remark,21675705 Sat, 03 Jan 2009 16:16:59 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21675700 Thug21 : Seems to me that CNET can both the cause and cure :D

Pretty cool if you ask me (or even if you don't!). :)]]> http://www.dslreports.com/forum/remark,21675700 Sat, 03 Jan 2009 16:16:00 EDT Re: Cnet download http://www.dslreports.com/forum/remark,21675693 EGeezer :
quote:
No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.


After a quick review of one CNET offering,

»www.download.com/Intelinet-Spywa···927.html

I can see where the statement might be true - if you trust CNET for your downloads.

See »Intelinet Internet Security: definitive malware

;)
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis]]> http://www.dslreports.com/forum/remark,21675693 Sat, 03 Jan 2009 16:14:40 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675673 pandora : I tend to agree with the statement. For years I ran Norton Internet security, and felt it was doing a great job. Then ran trendmicro's housecall and it found stuff.

My guess is we are all infected with something, as there are limits to the number of AV products we can install at any time.

I note another PC which had McAfee scan it as clean, was also found to have malware on it by trendmicro.

IMO the people most likely to be infected are the non-paranoids who feel confident they aren't infected.

If you really aren't going to be infected, you've got to run with scripting disabled, and maybe with a text only browser. Not many will do this, anyone really paranoid probably won't be claiming to have a free from malware PC as they're too busy making sure it is clean.
--
"People demand freedom of speech as a compensation for the freedom of thought which they seldom use."]]> http://www.dslreports.com/forum/remark,21675673 Sat, 03 Jan 2009 16:09:06 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675604 dadkins : So far, even with countless downloads from Cnet and the like, not one virus.

Now, I have never proclaimed, and I am still not proclaiming, to be a Security Guru of any sort.

:huh:
--
Think outside the Fox... Opera]]> http://www.dslreports.com/forum/remark,21675604 Sat, 03 Jan 2009 15:53:06 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675543 Jodokast96 : Nothing surprising there. The women weren't having sex anyway, for whatever the reason is this week, while the guys were the ones not having sex with any of those women. The rest of the guys just got some on the side.]]> http://www.dslreports.com/forum/remark,21675543 Sat, 03 Jan 2009 15:39:48 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675523 Kerodo : Well.... I have been online for over 12 years now, doing all manner of things, unsavory as well, and have never once been the "victim" of malware or a virus. So go figure... :)]]> http://www.dslreports.com/forum/remark,21675523 Sat, 03 Jan 2009 15:35:49 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675479 EGeezer : I didn't see the 100% guarantee thing when I went to the CNet download site.

I did find this interesting story though. :D
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis]]> http://www.dslreports.com/forum/remark,21675479 Sat, 03 Jan 2009 15:26:43 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21675034 Tyreman : Never say never? :D]]> http://www.dslreports.com/forum/remark,21675034 Sat, 03 Jan 2009 13:44:29 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21674451 nwrickert :
No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?
If I am counting correctly, I have owned 6 different computers (not counting my wife's), and none of them has ever been a victim of malware.

I have probably had at least 10 different desktop computers at work, and only one of them was ever a victim of malware - a minor virus accidently introduced by a department technician working on the machine.

I would say that the claim is a gross exaggeration.

Footnote: if Windows itself is considered malware, then all but three of the machines have had some version of that installed :(
Footnote2: for those who consider linux to be malware, many of the machines have had that installed.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.5]]> http://www.dslreports.com/forum/remark,21674451 Sat, 03 Jan 2009 11:15:04 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21674360 VikingBob : Nothing is 100% secure... there is some truth mixed in with the FUD. But if you're "savvy" then the odds are pretty minimal. You probably already have installed/implemented good security already.

For the average user, the odds of being infected are pretty good! I've cleaned a few machines, and the usual cause in the end is the user. Outdated security software, insecure programs and/or OS, and surfing where you should not. Even when you beat them over the head with how to avoid getting infected, they do it again... a lot of people just don't get it. :mad: Too lazy, or just too thick.]]> http://www.dslreports.com/forum/remark,21674360 Sat, 03 Jan 2009 10:50:38 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21673922 Its a Secret : Sounds like CNET needs to make money from clicks. FUD, imo.]]> http://www.dslreports.com/forum/remark,21673922 Sat, 03 Jan 2009 07:32:54 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21673882 Cudni :
said by DarkSithPro See Profile :

No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?
Farting Under Duvet unless of course they mean when someone not computer savvy steals a computer belonging to a savvy user and goes on to fulfil cnet statement. I'm sure there are more hypothetical situations

Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2008]]> http://www.dslreports.com/forum/remark,21673882 Sat, 03 Jan 2009 07:10:38 EDT Re: Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21673876 Smokey Bear :
said by DarkSithPro See Profile :

cnet.com
Under lock and key

No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?
As long people don't download malware from CNET/download.com servers there is a possibilty they remain clean. CNET still offer malware for download.....

Edited: typo
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals]]> http://www.dslreports.com/forum/remark,21673876 Sat, 03 Jan 2009 07:09:20 EDT Cnet tells users 100% guarantee infection http://www.dslreports.com/forum/remark,21673856 DarkSithPro : cnet.com
Under lock and key

No matter how savvy of a computer user you are, your computer will be the victim of malware or a virus at some point.

Pretty bold statement from cnet. What do you guys think?
]]> http://www.dslreports.com/forum/remark,21673856 Sat, 03 Jan 2009 06:58:11 EDT