Full Disclosure mailing list archives

Re: No anti-virus software? No internet connection

From: Bipin Gautam <bipin.gautam () gmail com>
Date: Wed, 23 Jun 2010 21:28:22 +0545

Cor ,

Sometimes you need anarchy to spread awareness! Which is primary
priority... Rest are secondary issues.

What next? Government should keep an updated statistic of antivrus
software that can survive the "wild" (well most of the time) and those
softwares that fail to do so at largest occasions. A public, unbiased
statistics should be published about it for the welfare of the
"consumers". Freedom of information act?

The product that fail miserably, throughout the year(s?) should be
declared "unfit for purpose" .......like an expired food which is
harmful for health.

If its a "technological problem" overall, maybe they should move to
application white-listing or something better.......

thanks,
-bipin


On 6/22/10, Cor Rosielle <cor () outpost24 com> wrote:

Believe it or not, I do use anti virus on my Windows machine at home and
even accept automatic updates (although MacAfee proved this is a serious
threat). But anti virus is only the second line of defense or the third. The
first line of defense is to "think before you launch a file". If a file is
unexpected, then I simply don't trust it. On several occasions this
prevented virus infection with an up to date AV-scanner (Symantec - I put
the file in a folder to further explore it after some days and then the
AV-scanner did recognize the virus). AV software does fail too.

For any home user who doesn't think or doesn't care, AV-software is probably
a good starting point to give some limited protection for Windows systems.
But such an home should realize he/she also runs risk when running
AV-software and might experience a false sense of security. And if they
don't think or don't care, they should think twice before complaining when
it turns out bad.

For any home user who do think or do care, AV-software can be a good
addition to protect Windows systems, but that is not guaranteed. Realize
that sometimes the cure is worse than the disease and also that malicious
"anti virus software" does exist. Anti virus is not bad by definition. It is
neither good by definition.

And I repeat: Tom has a point that end-users must take some responsibility
for their own computer. I just regret politicians make a lot of fuzz about
legislation that only helps a bit in some cases and invite civilians to lean
backward and believe they are secure because they have followed the rules.

Cor

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-
disclosure-bounces () lists grok org uk] On Behalf Of Tom Grace
Sent: dinsdag 22 juni 2010 11:29
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] No anti-virus software? No internet
connection

What would you advise a typical home user do to stay virus/trojan/other
shit free ? Working on the assumption that they can't tell the
difference (and really, shouldn't have to) between dangerous and safe
files.
AV software is pretty lacking, and the best advice I can think to give
users is that "everyone on the Internet is out to get you"

Tom

On 06/22/2010 10:11 AM, Cor Rosielle wrote:

Brilliant thinking. Let's install anti virus and increase the

computers

attack surface without further thinking. That must be safe because
politicians tell us to do so. And we all know that politicians always

tell

the truth and happen to know a lot about PC's an security.

Sigh. Tom has a point that end-users must take some responsibility

for their

own computer, but that doesn't mean that anti virus is the one and

only

solution. But if you think anti virus is the silver bullet to make

this

world saver, then dream your dreams and I'll dream mine.

Cor



From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of

Christian

Sciberras
Sent: dinsdag 22 juni 2010 10:56
To: Tom Grace
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] No anti-virus software? No internet
connection

I completely agree with Tom. A good fraction of all vulns out there

rely on

the user taking the wrong action, and it's way common (just face the

truth).


How many people install cracked OSes? I was once incredulous that a

person

willingly installed a virus because he claimed it was harmless (while

the

anti-virus shouted "trojan").

Sometimes I get to fix people's computers. I'm always amazed by the

amount

of crap I get in contact with.  Hundreds of browser toolbars,

antiviruses,

shareware, adware, trials, torrent clients, media players etc.
That not counting the local IT shops which format PCs replacing

(typically)

Windows OS with a cracked one.



On Tue, Jun 22, 2010 at 9:42 AM, Tom

Grace<tom () deathbycomputers co uk>

wrote:
In a way having a requirement that end-users take some responsibility
for their own computer is a good thing.
Similar to prosecuting people for fraud if they fall for one of the

cash

scams.

On 06/22/2010 05:37 AM, Ivan . wrote:

yep, your tax $$$ at work....

Don't forget there Internet filter as well.. With these rocket
scientist running the show, what's there to worry about

http://blogs.news.com.au/techblog/index.php/news/comments/finally_there
s_pro

tection_against_spams_and_scams


On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
<vpn.1.fanatic () gmail com>    wrote:

They had a committee working on this for a year and that's the best

they

could come up with? HAHAHAHA.

Belinda Neal - With idiots like you and your colleagues tackling

this

issue,

tax payers deserve to burn you at the stake. BTW... are you really

du0d?


--
ciao

JT


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

No anti-virus software? No internet connection Ivan . (Jun 21)
- Re: No anti-virus software? No internet connection Jubei Trippataka (Jun 21)
  - Re: No anti-virus software? No internet connection Ivan . (Jun 21)
    - Re: No anti-virus software? No internet connection Tom Grace (Jun 22)
    - Re: No anti-virus software? No internet connection Christian Sciberras (Jun 22)
    - Message not available
    - Message not available
    - Message not available
    - Re: No anti-virus software? No internet connection Bipin Gautam (Jun 23)
    - Re: No anti-virus software? No internet connection Cor Rosielle (Jun 24)
    - Re: No anti-virus software? No internet connection Walter van Holst (Jun 24)
    - Re: No anti-virus software? No internet connection Valdis . Kletnieks (Jun 24)
    - Re: No anti-virus software? No internet connection Walter van Holst (Jun 24)
    - Re: No anti-virus software? No internet connection T Biehn (Jun 24)
- Re: No anti-virus software? No internet connection William Warren (Jun 22)
  - Re: No anti-virus software? No internet connection Romain (Jun 22)
- Re: No anti-virus software? No internet connection Valdis . Kletnieks (Jun 22)
  - Re: No anti-virus software? No internet connection Christian Sciberras (Jun 22)
  - Re: No anti-virus software? No internet connection quispiam lepidus (Jun 22)

(Thread continues...)