Re: [Full-disclosure] No anti-virus software? No internet connection



Cor ,

Sometimes you need anarchy to spread awareness! Which is primary
priority... Rest are secondary issues.

What next? Government should keep an updated statistic of antivrus
software that can survive the "wild" (well most of the time) and those
softwares that fail to do so at largest occasions. A public, unbiased
statistics should be published about it for the welfare of the
"consumers". Freedom of information act?

The product that fail miserably, throughout the year(s?) should be
declared "unfit for purpose" .......like an expired food which is
harmful for health.

If its a "technological problem" overall, maybe they should move to
application white-listing or something better.......

thanks,
-bipin


On 6/22/10, Cor Rosielle <cor@xxxxxxxxxxxxx> wrote:
Believe it or not, I do use anti virus on my Windows machine at home and
even accept automatic updates (although MacAfee proved this is a serious
threat). But anti virus is only the second line of defense or the third. The
first line of defense is to "think before you launch a file". If a file is
unexpected, then I simply don't trust it. On several occasions this
prevented virus infection with an up to date AV-scanner (Symantec - I put
the file in a folder to further explore it after some days and then the
AV-scanner did recognize the virus). AV software does fail too.

For any home user who doesn't think or doesn't care, AV-software is probably
a good starting point to give some limited protection for Windows systems.
But such an home should realize he/she also runs risk when running
AV-software and might experience a false sense of security. And if they
don't think or don't care, they should think twice before complaining when
it turns out bad.

For any home user who do think or do care, AV-software can be a good
addition to protect Windows systems, but that is not guaranteed. Realize
that sometimes the cure is worse than the disease and also that malicious
"anti virus software" does exist. Anti virus is not bad by definition. It is
neither good by definition.

And I repeat: Tom has a point that end-users must take some responsibility
for their own computer. I just regret politicians make a lot of fuzz about
legislation that only helps a bit in some cases and invite civilians to lean
backward and believe they are secure because they have followed the rules.

Cor

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-
disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Tom Grace
Sent: dinsdag 22 juni 2010 11:29
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] No anti-virus software? No internet
connection

What would you advise a typical home user do to stay virus/trojan/other
shit free ? Working on the assumption that they can't tell the
difference (and really, shouldn't have to) between dangerous and safe
files.
AV software is pretty lacking, and the best advice I can think to give
users is that "everyone on the Internet is out to get you"

Tom

On 06/22/2010 10:11 AM, Cor Rosielle wrote:
Brilliant thinking. Let's install anti virus and increase the
computers
attack surface without further thinking. That must be safe because
politicians tell us to do so. And we all know that politicians always
tell
the truth and happen to know a lot about PC's an security.

Sigh. Tom has a point that end-users must take some responsibility
for their
own computer, but that doesn't mean that anti virus is the one and
only
solution. But if you think anti virus is the silver bullet to make
this
world saver, then dream your dreams and I'll dream mine.

Cor



From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of
Christian
Sciberras
Sent: dinsdag 22 juni 2010 10:56
To: Tom Grace
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] No anti-virus software? No internet
connection

I completely agree with Tom. A good fraction of all vulns out there
rely on
the user taking the wrong action, and it's way common (just face the
truth).

How many people install cracked OSes? I was once incredulous that a
person
willingly installed a virus because he claimed it was harmless (while
the
anti-virus shouted "trojan").

Sometimes I get to fix people's computers. I'm always amazed by the
amount
of crap I get in contact with. Hundreds of browser toolbars,
antiviruses,
shareware, adware, trials, torrent clients, media players etc.
That not counting the local IT shops which format PCs replacing
(typically)
Windows OS with a cracked one.



On Tue, Jun 22, 2010 at 9:42 AM, Tom
Grace<tom@xxxxxxxxxxxxxxxxxxxxxx>
wrote:
In a way having a requirement that end-users take some responsibility
for their own computer is a good thing.
Similar to prosecuting people for fraud if they fall for one of the
cash
scams.

On 06/22/2010 05:37 AM, Ivan . wrote:
yep, your tax $$$ at work....

Don't forget there Internet filter as well.. With these rocket
scientist running the show, what's there to worry about



http://blogs.news.com.au/techblog/index.php/news/comments/finally_there
s_pro
tection_against_spams_and_scams

On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
<vpn.1.fanatic@xxxxxxxxx> wrote:
They had a committee working on this for a year and that's the best
they
could come up with? HAHAHAHA.

Belinda Neal - With idiots like you and your colleagues tackling
this
issue,
tax payers deserve to burn you at the stake. BTW... are you really
a
du0d?

--
ciao

JT



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: [Full-disclosure] No anti-virus software? No internet connection
    ... But anti virus is only the second line of defense or the third. ... a good starting point to give some limited protection for Windows systems. ... Tom has a point that end-users must take some responsibility ... users is that "everyone on the Internet is out to get you" ...
    (Full-Disclosure)
  • Re: pop up warning
    ... Personal Firewall, but it is harder for some people to understand; ... You probably can find anti virus products easily ... place should you go back to the Internet. ... Once back online, get all of the ...
    (microsoft.public.security)
  • Re: I want my SSA
    ... Tom, you make a eloquent argument against the "edifice complex" that has ... Broadband internet makes communication and ... on a year-'round world class soaring site near some international crossroads ... reasonable cost. ...
    (rec.aviation.soaring)
  • Re: Do antivirus programs work with all browsers
    ... software will work with all Internet Browsers. ... Nowhere in my statements have I said anything about some middleware in the anti virus ... they should use a Proxy Server on the LAN/WAN Interface and include ...
    (alt.comp.anti-virus)
  • Re: Anti-Feminists Unite!...A Call To Action
    ... Tom is known mainly as a schizophrenic who takes wildly ... his abuse of drugs and alcohol. ... What Thomas's brand of "masculism" actually is, ... on poor Tom, or stops offering public Internet access, it's going to be ...
    (soc.men)