funsec mailing list archives
Re: No AV? Shock, horror!
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 29 Sep 2009 08:50:39 +1300
Blanchard_Michael () emc com to Dan Kaminsky:
Is there a source of data showing 10,000 machines with AV are less likely to be infected than 10,000 machines without?I'm sure there is, ...
I'm not so sure there is -- in fact, I'm fairly sure there is no such study.
... but I would have to say that machine platform would play a major factor for infection along with user.
If you treat "infction" as a purely binary state, then maybe not so much... If you count each instance of "different" malware per machine, then probably so...
If we're talking 10,000 windows home users without A/V, VS. 10,000 Windows home users with AV, I'd say for certain that those without are more likely to become infected. Would be interesting to see a formal study on this though....
As I said, the results are much less certain depending on how you define "infected".
For *nix platforms there is a greater chance of having a file that is infected stored on it waiting for a vulnerable box to grab it and run it than the *nix box itself getting infected.
But if we add "owned" to the things we count as "infected"... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- No AV? Shock, horror! Rob, grandpa of Ryan, Trevor, Devon & Hannah (Sep 25)
- Re: No AV? Shock, horror! Valdis . Kletnieks (Sep 25)
- Re: No AV? Shock, horror! Drsolly (Sep 25)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 28)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Nick FitzGerald (Sep 28)
- Re: No AV? Shock, horror! Michael Collins (Sep 29)
- McAfee really DOES write new Malware! Wholey Moley! Blanchard_Michael (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! Rich Kulawiec (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! chris (Sep 29)
- Re: McAfee really DOES write new Malware! Wholey Moley! Blanchard_Michael (Sep 30)
- Re: McAfee really DOES write new Malware! Wholey Moley! Rich Kulawiec (Sep 30)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 28)
- Re: No AV? Shock, horror! Dan Kaminsky (Sep 29)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 29)
- Re: No AV? Shock, horror! Kenneth L. Bechtel, II (Sep 29)
- Re: No AV? Shock, horror! Blanchard_Michael (Sep 29)