Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
in [Anti-Virus]
|
Prev: AVG with Google Chrome
Next: Seriously, has anybody ever seen a serious virus problem inWindows when using AV protection?
From: FromTheRafters on 27 Mar 2010 16:36 "ASCII" <me2(a)privacy.net> wrote in message news:4badc952.882265(a)EDCBIC... > FromTheRafters wrote: >>It is possible >>for viruses to invade without either exploited software >>vulnerabilities >>or lapse in strict adherence to policy. > > I don't believe you! I know that, we've been down this road before. Believe or not - your choice. I may be wrong, but if I am, at least I'm in good company considering the authors of the references I've posted are leading scientists in the field (and are the ones responsible for coining the term "virus" in the first place).
From: FromTheRafters on 28 Mar 2010 19:20 "ASCII" <me2(a)privacy.net> wrote in message news:4baec33f.784765(a)EDCBIC... > FromTheRafters wrote: >>"ASCII" <me2(a)privacy.net> wrote in message >>news:4badc952.882265(a)EDCBIC... >>> FromTheRafters wrote: >>>>It is possible >>>>for viruses to invade without either exploited software >>>>vulnerabilities >>>>or lapse in strict adherence to policy. >>> >>> I don't believe you! >> >>I know that, we've been down this road before. Believe or not - your >>choice. I may be wrong, but if I am, at least I'm in good company >>considering the authors of the references I've posted are leading >>scientists in the field (and are the ones responsible for coining the >>term "virus" in the first place). >> > > OK I'll cut some slack, > when you said "strict adherence to policy" I had assumed that to be a > safe-hex... I try to avoid the term "safe-hex" because I am not thoroughly versed in its particulars. If it says anything about not opening attachments from strangers - I'd have to speak up in support of removing that item because it is a dangerous halfway measure IMO. I usually (though I may occasionally slip-up) use the term "best practices" in its place (I may not be thoroughly versed in that either) . By policy I meant such things as *only* getting new programs from places where there is accountability (contactable, reputable, etc...). This all but cuts off completely the "trojan horse" vector (the main exception being the virus which, from a trusted source, presents itself to the user in a way indistinguishable from a trojan). > policy but in reality there could be gaping vulnerabilities that even > if > strictly adhered to might result in running an infectious application. Even if you completely discount the exploitation of software and of the user, the virus can still have its *own* vector by running within the trusted software channel. Even if you elect to hide away all program files (including source code files, scripts, etc...), you can't control what the previous environment for that stored program allowed to happen. You trust the program because you trust the place that you got it from - transitive trust - the previous keeper (the author?) may be trusting his webmaster who in turn trusts his personal version of safe-hex. > Of course it wouldn't be exactly safe-hex but you did leave that slot > open. Even so, I suspect that you *still* disagree with me. :o) Anyway, the way your system makes virus propagation difficult is irrelevant. It is the path your trusted programs travel to get to you that makes them possibly not trustworthy. If a virus runs on Linux but is not fully able to replicate on an individual's Linux machine, it may just decide to "do stuff" instead of replicate - just because it can't "virus" doesn't mean it can't bomb. The Linux user would still have a reason to want the ability to detect a virus in a program from a trusted source. ....and I said "program" instead of "executable" for a reason. :oD
From: RayLopez99 on 29 Mar 2010 04:50 On Mar 29, 1:20 am, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote: > > Anyway, the way your system makes virus propagation difficult is > irrelevant. It is the path your trusted programs travel to get to you > that makes them possibly not trustworthy. If a virus runs on Linux but > is not fully able to replicate on an individual's Linux machine, it may > just decide to "do stuff" instead of replicate - just because it can't > "virus" doesn't mean it can't bomb. The Linux user would still have a > reason to want the ability to detect a virus in a program from a trusted > source. Here's what I understand about Linux so far: With the exception of a handful of programs--and Mozilla's version of Linux being one of them, perhaps OpenOffice and Thunderbird being others (close enough for most people to Microsoft Office as to not really matter if not 100% compatible with Office): ALL OF LINUX PROGRAMS ARE DE FACTO VIRUSES BECAUSE THEY *bomb*! ;-) RL
From: FromTheRafters on 29 Mar 2010 06:26
"RayLopez99" <raylopez88(a)gmail.com> wrote in message news:f5226342-100e-4571-aa66-518e67abf1e8(a)30g2000yqi.googlegroups.com... On Mar 29, 1:20 am, "FromTheRafters" <erra...(a)nomail.afraid.org> wrote: > > Anyway, the way your system makes virus propagation difficult is > irrelevant. It is the path your trusted programs travel to get to you > that makes them possibly not trustworthy. If a virus runs on Linux but > is not fully able to replicate on an individual's Linux machine, it > may > just decide to "do stuff" instead of replicate - just because it can't > "virus" doesn't mean it can't bomb. The Linux user would still have a > reason to want the ability to detect a virus in a program from a > trusted > source. Here's what I understand about Linux so far: With the exception of a handful of programs--and Mozilla's version of Linux being one of them, perhaps OpenOffice and Thunderbird being others (close enough for most people to Microsoft Office as to not really matter if not 100% compatible with Office): ALL OF LINUX PROGRAMS ARE DE FACTO VIRUSES BECAUSE THEY *bomb*! ;-) *** They're viruses only if they self-replicate and infect in order to do so. Logic bombs are not viruses. *** |