Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
in [Home Built PC]
|
From: RayLopez99 on 26 Mar 2010 20:20 On Mar 27, 12:50 am, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote: > "RayLopez99" <raylope...(a)gmail.com> wrote in message > > news:ee8d20b6-4ef5-4df9-995b-6753c88a81cf(a)z35g2000yqd.googlegroups.com... > > [...] > > But the bottom line is that AV vendors have an incentive to hype up > lack of security, and i've not seen it done, ergo,there's no problem > to hype. > > *** > Yes, but the existance of today's AV was born from the real need to be > able to detect *viruses*. The fact that it has become perverted into > what we see today does not negate that actual need (in *any* general > purpose computer running any OS). Yes, they expanded their role to guard > against threats that they should never have gotten the opportunity to > scan, they should have been excluded from the local environment by > policy. Users liked to use these scanners so that they could ignore > policy (my AV program will save me, that's what it's for). Enforcing > policy through software led to the concept of privilege escalation to > circumvent policy - and worms usually attack software vulnerabilities > that result in circumventing policy enforcement. Generally, (true) worms > make holes in the boundaries with which we try to enforce policy. > *** That's all very well and theoretical, and it appears to argue that Linux is superior because of the way it handles file extensions, not "autorunning" them? Or something more "fundamental" to the Linux architecture kernel? I doubt it, but I'm not an authority. My argument, based on simple logic, is that Linux viruses are nonexistent probably not because of any architectural advantages to Linux/Unix, but because of the less than 1% market share that Linux has on the desktop. I would ask the Linux advocates, but they're so brainwashed I don't know if I believe them (not that they know themselves--COLA is more or less just a 'fun' place to go insult people rather than learn anything). Anybody? RL
From: RayLopez99 on 26 Mar 2010 20:24 On Mar 27, 1:04 am, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote: > > Obviously the CRC checker software would have to have to be locked > > down > > tight to prevent it from becoming the target of attacks. > > Yes! I assumed a somehow magically protected change detection scheme (it > could happen). I'm not following your technical points since it's beyond me, but I just want to mention that my firewall, Look 'n Stop, a lightweight rules based firewall for Windows, does have some sort of hash function to detect when a program it monitors has been changed, and pops up to ask that you re-approve the program in question when the program attempts to connect to the internet. I would imagine most other firewalls also have this feature as well. Apparently Linux has this "built into" the kernel (if I understood another post correctly), but add-on vs built-in is no big deal to me, and de facto seems the same. RL
From: FromTheRafters on 26 Mar 2010 21:12 "David W. Hodgins" <dwhodgins(a)nomail.afraid.org> wrote in message news:op.u964etqia3w0dxdave(a)hodgins.homeip.net... > On Fri, 26 Mar 2010 18:10:42 -0400, FromTheRafters > <erratic(a)nomail.afraid.org> wrote: > >> "ToolPackinMama" <philnblanc(a)comcast.net> wrote in message >> news:hohd1r$ndr$1(a)news.eternal-september.org... >>> In Windows, yes, AV is absolutely necessary. Some people seem to be >>> asserting that it is not necessary with Linux. Is that true? >> >> It is needed in Linux to the same extent that it *should* be needed >> in >> Windows. That is to say it would be needed to protect against the >> slight >> chance that a *virus* could invade. If you discount exploit based > > What av scanner for linux are you thinking about? None in particular, I am trying to dispel the myth that AV (for *viruses*) can be done completely without in *any* OS that happens to get targeted by them. Malware in general can exist because the environment is insufficiently hostile to prevent it. You can build fortified OSes and make it sufficiently hostile to avoid malware generally. Any additional hostility will affect the user as well as the virus - when it is suficiently hostile to prevent viruses, it prevents the use the users are accustomed to. In short, it becomes a special purpose computer as opposed to a general purpose computer. > As far as I know, the only av scanners that run under linux, are > there only to detect windows viruses. Well, *mostly* there to detect Windows viruses (since most viruses are Windows viruses, why would it be any other way?) Sure, a Linux AV is most likely not there to protect the local machine, it is there to protect client machines and other recipients of its programs (and data). There aren't very many Linux viruses. > This is only useful if you > are using the linux system as a file/email server for a windows > client. True, for those or something similarly communicative. > Linux does have intrusion detection systems, and rootkit scanners. > It does not have any antivirus scanners looking for linux viruses. ....and they won't, until they (viruses) become a real threat to Linux. > If you are not using the linux system as a server for windows > clients, there is no point in running an antivirus program on it. I agree, in fact I even said so myself in another part of this thread.
From: FromTheRafters on 26 Mar 2010 21:31 "RayLopez99" <raylopez88(a)gmail.com> wrote in message news:a1eba70c-f3f3-4e4a-81a6-440451109400(a)b33g2000yqc.googlegroups.com... On Mar 27, 12:50 am, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote: > "RayLopez99" <raylope...(a)gmail.com> wrote in message > > news:ee8d20b6-4ef5-4df9-995b-6753c88a81cf(a)z35g2000yqd.googlegroups.com... > > [...] > > But the bottom line is that AV vendors have an incentive to hype up > lack of security, and i've not seen it done, ergo,there's no problem > to hype. > > *** > Yes, but the existance of today's AV was born from the real need to be > able to detect *viruses*. The fact that it has become perverted into > what we see today does not negate that actual need (in *any* general > purpose computer running any OS). Yes, they expanded their role to > guard > against threats that they should never have gotten the opportunity to > scan, they should have been excluded from the local environment by > policy. Users liked to use these scanners so that they could ignore > policy (my AV program will save me, that's what it's for). Enforcing > policy through software led to the concept of privilege escalation to > circumvent policy - and worms usually attack software vulnerabilities > that result in circumventing policy enforcement. Generally, (true) > worms > make holes in the boundaries with which we try to enforce policy. > *** That's all very well and theoretical, and it appears to argue that Linux is superior because of the way it handles file extensions, not "autorunning" them? *** No, I made no mention of file extensions at all. I mean policies, like not downloading programs from anywhere but a known trusted source (this one alone will avoid a very large percentage of malware. Maybe a software restriction policy that prevents certain filetypes from executing from certain locations or from executing at all until certain requirements are met? *** Or something more "fundamental" to the Linux architecture kernel? I doubt it, but I'm not an authority. My argument, based on simple logic, is that Linux viruses are nonexistent *** They're not "nonexistant". *** probably not because of any architectural advantages to Linux/Unix, but because of the less than 1% market share that Linux has on the desktop. I would ask the Linux advocates, but they're so brainwashed I don't know if I believe them (not that they know themselves--COLA is more or less just a 'fun' place to go insult people rather than learn anything). Anybody? *** It always comes back to you trying to troll the Linux group doesn't it? ***
From: trigonometry1972 on 27 Mar 2010 00:21
On Mar 24, 5:29 pm, Leythos <spam999f...(a)rrohio.com> wrote: > In article <Xns9D45D0D01A125HHI2948AJD...(a)69.16.185.250>, > bughunter.dus...(a)gmail.com says... > > > I removed the problem, fixed the system up as best as I could; and > > explained how to keep himself a little safer. As the customer is > > unwilling to obtain a legitimate copy of windows, I explained that either > > myself would be back or you'd be calling another person, but either way, > > your going to pay for the problems of a non updatable copy of windows. > > If I have serious reason to believe a computer is using pirated software > I won't touch it - I provide a signed statement of the work we do, > including anything we suggest, it would leave us liable in the case of > an audit. > > -- > You can't trust your best friends, your five senses, only the little > voice inside you that most civilians don't even hear -- Listen to that. > Trust yourself. > spam999f...(a)rrohio.com (remove 999 for proper email address) I'd touch it on a home machine. My cure would be some flavor of linux plus a bit of wine provided the desperate sap doesn't have an AMD CPU. Then I'd try to install her old issue windows office 2000 at least in theory. Then again I've got enough wine on board, I am not legal to drive..............Trig "I admit to being a complete jackass." |