Beginning to wonder "why bother".....

FranknFurter

*Sigh*

http://www.zdnet.com.au/news/security/soa/Eighty_percent_of_new_malware_defeats_antivirus/0,2000061744,39263949,00.htm

80%,

And yet still, certain anti-virus progs claim a 90% success rate, :rolleyes:

Makes me glad I've been running several smaller ones along with two of the more "known" ones, (and people still wonder why I won't touch Norton with a barge-pole huh).

Even if you "uninstall" Norton, run a basic search on your HD even just for the word "norton" or "Symantec" and see what comes up. lol

b

Ruu_Old

*sets fire to Norton AV* They all lie!





*I don't use that bloated piece of sheet.

Karoma

Wrong forum.

certain anti-virus progs claim a 90% success rate

Source?

The Bollox

security ftw

FranknFurter

Sorry if this is in the wrong forum, mods feel free to move it if you want.
I just figured its non-work related and an interesting peice of info, for me thats the kinda surfing I find "general interest", I know I must be a bit weird lol

Karoma, I provided a link. If you look at the bottom of the page you will see links to various stats in the other complete articles, also look at the sites that sell some of ths programs and their claims. (or simply google).

b

Karoma

I read the article - no mention of those stats.
I read two articles beneath without finding that statistic (Granted, I got a bit distracted).
I got bored reading this rubbish. (not aimed at your post, the articles are just sensationalist tripe)

Ruu_Old

I read about an "80 percent miss rate" but thats about all.

FranknFurter

OOPS!
I think I mis-read that.
But still, the fact that most anti-virus programs are missing 80-90 percent of virus's is pretty astonishing to me.

Karoma, there is plenty of info supporting this, try googling "Antivirus programs + missing 80 percent" (Without the comma's) and see what comes up
Apparently, its down to the fact that most of the ones its missing are being created by users who run it through the antivirus program first and change the parts that are dectectable.

b

Black Swan

This should be over under Comp/Security were more would respond? Furthermore, the OP should consult other sources, including PC MAGAZINE regarding how they rank security suits? Just a thought.

\m/_(>_<)_\m/

one word.....APPLE

28064212

\m/_(>_<)_\m/ wrote:

one word.....APPLE

Because who would bother to write a virus for those.

Of course most new malware defeats antivirus software, what's the point of writing it if it doesn't. The fact remains that if you keep your protection up-to-date, there's a good chance that it'll be fixed in a very short space of time

Sam Vimes

\m/_(>_<)_\m/ wrote:

one word.....APPLE

yes, the one benefit of the fact that nothing works on the mac. the virus writers don't care enough to write code for the mac just like everyone else.



and there's been loooooads of security holes found in macs in the last few months

\m/_(>_<)_\m/

Commander Vimes wrote:

and there's been loooooads of security holes found in macs in the last few months

i don't think so... but i may stand corrected. could you please forward on where this was reported or reference a link where i can read more on this please.

and as for the " nothing works on a Mac" here is another word for you "bootcamp".

now can you pass on the links where you read about the security holes please.
I am checking and cant see anything...
thanks again.

Terry

what is it with people who own macs?

Dooom

julep wrote:

what is it with people who own macs?

Emperor's new clothes thread tbh.

biko

julep wrote:

what is it with people who own macs?

That's Sir "people who own macs" to you.

Caliden

From the title I thought you were suicidal.

It would have made better reading material thats for sure...

WhiteWashMan

it would be good if there was a person version of CSA from Cisco.
its a day zero anomoly detector and will not allow anything to install itself without the specific go ahead from the user.
so spyware and worms cant propogate.
its pretty cool. but of course, its for corperate use.

anything that needs to be updated to work against something that came out 48 hours ago is pretty useless in my opinion. i dont use an anti virus. theres no point. all it does is take up resources.

but then again, i dont go around downloading lots of crap on my pc

\m/_(>_<)_\m/

Commander Vimes wrote:

and there's been loooooads of security holes found in macs in the last few months

can you pass on the links or any reference to what you say...
i would like to read about these please.

or could it be that your speaking through your...... Na i give you the benefit of doubt.

na seriously, i would love to read about these so called security holes.
thanks.

WhiteWashMan

from AH by the way,please move if this is the wrong forum. now i vaguely recall something about anti virus not being allowed on some forum. if its this one, then apologies to mods.

Dooom

\m/...I'm not even going to type the rest of that name (why couldn't you have picked a name like Tony or something?), google.

Thomas_S_Hunterson

\m/_(>_<)_\m/ wrote:

one word.....APPLE

linux ftw

TomCo

\m/_(>_<)_\m/ wrote:

one word.....APPLE

Anyone else hate this guy yet?

NutJob

Its ok Macs are getting popular again so expect some proper worms and trojans to start appearing. Especially now that the instruction set is more familure its only a little bit of API learning.

Besides arnt Macs now just PCs with nice covers and expensive price tags and a unix based OS.

Woopie lets buy a mac:D

EDIT:

no hes not talking out his arse Macs are a target now (there just hard to find to target)
Plus last year a mac was rooted at defcon.

Quick Google:
http://news.bbc.co.uk/2/hi/technology/4739432.stm
http://news.bbc.co.uk/2/hi/technology/3741871.stm
http://www.zdnet.com.au/news/security/soa/Ancient_flaws_leave_OS_X_vulnerable_/0,2000061744,39234678,00.htm
http://www.linuxforums.org/forum/coffee-lounge/55988-mac-virii-experiance.html
http://www.techworld.com/opsys/news/index.cfm?newsid=2493&page=1&pagepos=1
Have herd of alot more than this but too lazy to google more


Rootkit anyone:
http://www.securemac.com/defcon9macosx.php

Run mac OSX on a PC :
http://wiki.osx86project.org/wiki/index.php/Vmware_how_to


At least linux has sudo + tripwire + clamav all packaged in Debian reposotories so when the sh** hits the fan Linux has a chance. (eventually it will)

One word HA!

mickoneill30

FranknFurter wrote:

But still, the fact that most anti-virus programs are missing 80-90 percent of virus's is pretty astonishing to me.
b

It doesn't seem astonishing to me at all. By the way it's 80 - 90% of NEW viruses. Not CURRENT viruses.

It's normal. No virus checker is going to detect all new viruses without you updating your virus definition file.

New virus comes out.
On average about 1 - 4 hours later (but can be up to 20 hours later) the vendor releases an updated definition file. - I read that statistic somewhere (not a vendors site) a couple of days ago. I've no idea where though so I can't link to it.
Your virus checker updates itself.
You're then protected against the NEW virus and all the old viruses.

Viruses either exploit vulnerabilities in your OS. Your OS does need to be available to the internet for that. You can protect yourself from these by OS patching and using a NAT router. A firewall would be nice too.
or
require you to visit a dodgy website with a browser that is configured insecurely (IE is getting better but is still pretty insecure by default, it can be tweaked to make it pretty secure though).
You can protect against this by configuring IEs security strongly or even better, use Opera or Firefox.
or
download an app and run it. Simple one this, don't download apps from dodgy websites.
or
stupidly open attachments in emails. Your email server hopefully scans for viruses so a virus infected attachment shouldn't get to you. If it does, just don't open it.

None of this is rocket science.

The chances that you are going to get hit in the window before you update your virus checker are small. For example how many people here have been infected by a virus in the last few years, or ever. If the percentage really was 80-90% of all viruses we would all have been hit.

This looks like the stupid scaremongering by a site that needs to justify itself. Keep people scared and you can get them to do whatever you want.

Cake Fiend

I don't see how this is news. Anyone who knows much about security knows that antivirus software is rarely effective against new threats, most of its strength lies in detecting signatures of known viruses.

\m/_(>_<)_\m/ wrote:

and as for the " nothing works on a Mac" here is another word for you

"bootcamp".

So your solution for getting things to work on a Mac is to run Windows on it?

:rolleyes: :rolleyes: :rolleyes:

Martyr

\m/_(>_<)_\m/ wrote:

one word.....APPLE

IMHO, there are a number of reasons why there has been little or no malicious software development for the APPLE platform.

MACs until recently ran on PowerPC RISC architecture.(initially better performance, but cost more than early Intel X86 CISC CPUs.Obviously this is not the case anymore.)

PowerPC & X86 Intel instruction sets are completely different, emulators or hardware probably wasn't available to malicious programmers to test code on.(most of which were assembly programmers in the early days of malicious code research)

Early malicious software development began with x86 assembly, interrupts, MS-DOS..the COM/PE format..etc, that legacy continued with the release of win32 operating systems like NT4 & win2k/xp.

A multi-platform virus was probably too much hard work, & if it could have been done easily, it would have ..years ago.

Now that MACs run on X86, don't be surprised to see in the media (if you haven't already) malicious, universal binaries appearing all over the place, & working quite well, perhaps even more effectively against MAC's than Windows.

When EFI is fully implemented with X86 CPUs, MACs will take a backseat..& maybe even disappear altogether, who knows.

I don't own a MAC, & see no point in getting one today, maybe years ago if you're working in music production or multimedia, yes, MAC's were better, but not anymore.

the fact that MAC's will use Intel CPU's from now on, speaks for itself.

As for Linux, 2 words: File Permissions

it is possible to secure a windows operating system just as well as linux, if not better, you just need to know how to do it, & what tools to use.

there is no advantage of linux as a desktop over windows if you ask me.
on the other hand, as a server, linux probably is a better solution to a business because of cost..etc not necessarily any more secure.

Also, there are plenty of tools available that can help you decide what is a "good" binary & what is not.
most malicious software is compressed or encrypted to hide its real purpose, some things like PEID can detect this.

but to be safe, why do so many people insist on using their computer under an administrator account?
surely, this can be the cause of most infections, rather than buffer overflows.

windows has automatic updates now, there are no excuses people!! stop bashing windows!!

Cake Fiend

Average Joe wrote:

windows has automatic updates now, there are no excuses people!!

That's not much good if the patch is only made available a month after the vulnerability is published!

[/devil's advocate]

Martyr

That's not much good if the patch is only made available a month after the vulnerability is published!

yes, thats true..windows is very complex, so they need time to test solution to a problem aswell as co-ordinate with all the developers.

but say if it were an IE bug, just running as normal user account can limit
the damage it could do to a computer, but many people using windows still use internet under Admin account, why?

how many people you know using *nix systems browse the internet under root account? not many i would say.

Cake Fiend

Average Joe wrote:

how many people you know using *nix systems browse the internet under root account? not many i would say.

These operating systems are designed from the beginning to be run as non-administrative users. Unfortunately, Microsoft have yet to make it as easy to run Windows as a non-admin user (hopefully this will change with Vista?). Just as much to blame are moron developers (WHY do I need to be an Administrator to install a fecking game??). The blame can not be squarely and solely placed on the shoulders of the user (even as ignorant as most are).

layke

After working in the IT security industry for some time I can tell you. Pc Magaines give the awards to whoever gets the author the most pissed on the night. The majority of AV engines are based on a single one orignally created by kasparsky.

As for the apple comment, it will be a cold cold day before I touch one of that over priced speak and spell.