Re: How should I interpret these virus statements by F-Prot

RedForeman wrote:

On May 4, 10:18 am, "Sebastian G." <s...@xxxxxxxxx> wrote:
RedForeman wrote:
I got it, I just don't believe it...
Hm... seems you like have a problem with reality.

and don't want to argue about it because I don't know as much about the
> subject as you...

Well, let me rephrase this: You don't know what a virus scanner works like,
where its limits are and how to use it correctly. Yet you want to use it to
increase the security of your computer system. May I call BULL***?

I used to love playing that game.... Bulllll ***....

Virus scanners work on signatures... signature based scanners see the
'signature' of the virus in a file, thus reacting to the file's finger-
print on/in the file. right or wrong?


Which has two trivial implications:

- a malware whichs signature is not in the list will slip by
- attack vectors not involving files (f.e. exploiting webbrowsers) can't be checked either

Thus, in general virus scanners fail and therefore don't protect. They can't replace safe hex and keeping the system up-to-date and well-configured.

(However, they might be usable as intrusion detection system)

Ok, a fully patched OS, sitting behind a firewall, with properly setup
ACLs and firewall rules will be as protected from the external world
as a pc with virus scanners, sitting behind the same firewall... that
much I agree.... both machines are protected by inbound rules, access
list, and packet rules.... if the perimeter had AV scanning there,
then you wouldn't need a desktop AV solution...


You don't need any virus scanners, especially if a system is protected that well (according to your description). Heck, it simply won't change anything, except for possibly creating new security holes.

Well, my web saavy friend likes to get on the web and look at old car
pictures.... one day his friend sent him a link that sent him to a
page that he downloaded... and the rest is history....


Your point being?

The fact remains, security is a state of mind, and is relative to the
situation, the setup, configuration, etc....

While I agree with the latter, the first one is bull***. Security is an objective property of a system (wrt. to some criteria) and must be well measurable, calculable and reliable to a certain anything. Just believing in security ("state of mind") won't change anything.
.