The only way I can see is to use Firefox with Adblock including
Filterset G; every "damned" banner is removed and all stupid ads.
ActiveX is also "out of order" with Firefox.
The bad guys are using exactly the same tactics as Google and MSN to
catch users. Maybe they can clean up this junk yard?
I don't believe any longer in security applications for this junk
which the bad guys are now rolling out in thousands of dirty sites.
I only believe that EDUCATION can save us, and especially one user group
which soon is totally lost. This group doesn't understand how the bad
guys work. This group lives in this swamp and also uses a PC for
online banking. Crazy....
We also have young users who are totally trapped within this mess
with junk.
IE7 and Windows Defender don't solve this large user group's trouble
with risky sites.
Maybe it's also time for ISPs to block malware traffic from "dirty
sites".
So it's tragic to see all users who search for "Nirvana" with
security applications and then go to prOn or gambling sites and
believe that they are protected. They are probably not.
But this is about money, big money, how to make an "illusion" that
a user is protected...
"Mission impossible" without education....
regards
plun
Plun,
The problem I see is how to get any of these into the hands of the users who
need them. Though many could use the education, I don't see how we can 'force
feed' this without any control.
This is why I see value in the direction that Defender and other similar
anti-malware are taking, even if it does still need improvement. At least
they may learn something from using it as it prompts and informs them about
changes to their own PC.
It's always helpful to offer such tools to others when they show an
interest, but as I've seen from my own monitoring of manual malware removal
sites, most don't have this interest, even after they've had a major
infection and cleanup experience.
With the free availability, marketing and distribution that Defender will
have, it has the most likely potential for wide deployment, so its
development has the greatest future potential to aid the user population.
Being negative about its abilities without aiding in its improvement is
pointless, unless you happen to be a malware purveyor and wish to see it
fail.
I believe that the combination of Internet Explorer 7 and Windows Defender
running on Windows XP Service Pack 2 has the potential to bring things back
in control for those who eventually install it. I only hope that those with
some knowledge can see past their personal prejudice and preferences to the
larger picture and help those around them see the value in these free options
if they have nothing else.
Bitman
plun said:
Hi
Users understand it if they see that prOn sites are spreading malware.
Gambling sites also; if you download or use a serial or crack it is
often prepared with the bad guys' stuff.
Show users banners with for example Errorsafe/Winfixer. Aha, they say.
Siteadvisor is also really good to teach users. Aha again.
http://www.siteadvisor.com/
If you also click on every file with MSN Messenger and open mail
attachments you are often a big loser....
I have tested this within a Swedish forum and IT IS a BIG Aha!
-------------------------------------------------------------------
But....!
Maybe it's better that MS opens the curtain and shows us TPM, Intel
shows us LaGrande and IBM shows us Blue chip. Opens up Windows Vista's
secret with software control with a chip or a USB stick.
And the Trusted Computing Group shows us how they can control every bit
and byte with security chips.
Windows Vista with today's configuration and UAC is a big joke....IMHO.
The bad guys can easily plant a rootkit, but with a TPM chip WITH
security checks it is real security.
Done! That's it.... Slaves to MS and TCG and all mega companies....
Or maybe this is the solution...?! Remove the Security Vendors' market and
no need for a cleaning community.
And no "market" for p2p file sharing...
regards
plun
Plun,
You're missing an important point, most users will never understand these
things by themselves. It's nice to believe you can educate everyone to the
level of understanding required, but it's fairly obvious it will never
happen.
What is required instead is that the Real-time protection of both browsers
(Phishing, Add-ons) and antimalware (Processes, Registry changes, etc) must
become more informative and easier to understand so the user can learn 'on
the fly' as the issue presents itself. Most people don't wish to take time
to learn, so where the decision can't be made automatically for them, they
need the best information possible in the fewest words to help them make
the best decision.
This is the direction that Defender has taken, though to some extent I
think it's one of the few important things that Microsoft AntiSpyware Beta
1 (Giant) did better. The clarity of the colors and simple explanations of
its pop-ups was more helpful than the terse and technical format of the
WD balloons and dialogs.
Technically, Defender is a much better written application for protection
of the system and its own self-preservation. From a user standpoint,
however, it lacks some of the simplicity of use and presentation of
information to the user, which are more important when the user must be
involved in the final decision of an action to take.
With the proper combination of current Windows Updates, strong
high-security configuration of Internet Explorer, and properly configured
Windows Defender and anti-virus, I can wander through whatever malware
delivery sites I wish and not 'catch' anything. I wouldn't recommend it,
since new exploits are found regularly, but the issue is less
understanding than application of that knowledge. This is the direction
that Vista is taking, by forcing or warning heavily of any
mis-configuration or risks, both internal and external.
Bitman
Hi
Well, I can only see what I see within
all cleaning forums today, including forums within my own country.
I do know Eric L Howes' excellent work with Spywarewarrior and also
about his work at Sunbelt Software. After his Spywarewarrior period I
can see a dramatically changed situation, from stupid commercial vendors'
hijacks to real "bad guys" hijacks.
Maybe if all users read Sunbelt's blog there were no victims....
It IS impossible to protect users today and ALL users must learn about
"risky sites"....
This is a challenge because of all Security Vendors and also a big
community around this mess...
Websense showed how to perform a Google search with a special syntax
and it's rather funny to see all junk...!
I can say that Adaware, Spybot and WD are useless for users frequently
visiting risky sites, i.e. prOn, gambling, warez, p2p, hackz, serialz.
That's it....! And users MUST learn that!
So I believe that the test result is OK....
regards
plun
Alan,
You are asking the 'Holy Grail' question in the Spyware world today. As
you've seen from the other answers in this and other threads, there is no
simple single answer.
You'll note that Samplas has indicated in his other posts that they don't
have a truly representative set of malware to test and in fact don't even
know what it should be. I actually give him credit for making this
statement since it at least shows that he understands the difficulties
of ever managing to perform tests that will result in useful
information, let alone are truly 'accurate'.
To understand the problem better, see 'The Spyware Warrior Guide to
Anti-Spyware Testing by Eric L. Howes'. Eric is a highly respected member
of the anti-malware community and is well known for his 'Rogue/Suspect
Anti-Spyware Products' and IESpyAds lists, among others. Among his
conclusions the following is probably the most important, and why many
here have told you repeatedly that turning off Real-time protection
makes it pointless.
"Prevention is always preferable to scanning and removal, and users
should securely configure their PCs and install anti-malware protection
to prevent the installation of spyware and adware in the first place."
http://spywarewarrior.com/asw-test-guide.htm#conclusions
You'll note that everyone in this thread has made one or more of the same
points included in Eric's conclusions, probably because most have read it
or learned from someone who has. They're very like the 'Top Ten list of
[Anti-]Spyware'.
This is the key, which is what Defender was designed to do, not simply
clean up after the fact. It's actually not as good at clean-up as some
others, but combined with IE 7 and a good anti-virus will stop or warn
of most attacks before they can become installed. Samplas' tests assume
the malware are already installed, so that assumption explicitly denies
the ability to block the installation in the first place, which is the
strength of many current anti-malware applications.
Also, note that Eric never attempted another set of tests, likely because
as he indicated the tests themselves have limitations.
http://spywarewarrior.com/asw-test-guide.htm#disclaimers
Bitman
Cleanup Success Rate for Entry-based Viewpoint:
‧ewido anti-malware: 28.66%
‧Microsoft Windows Defender: 24.84%
‧Lavasoft Ad-Aware: 14.65%
‧Spybot S&D: 12.74%
If we take these figures at face value, then I'd have to conclude:
1. The millions of people continuing to use Adaware and Spybot are
wasting their time (it can't be a cookie issue because they both detect
them)
2. My recent visit to the ewido online scanner was probably
pointless
3. Defender is making very little impact despite all this
effort.
It looks like a battle completely lost. Or have the figures been biased
in some way?