Good lightweight anti-virus?

[Don Kelloway]

Art wrote:
[snip]
You're not safe, but you're ignorant if you take hits. Do yourself a
favor and learn "safe hex" :
false premise leads to false conclusion... safe hex does not guarantee
one won't take hits, therefore the fact that he has taken hits does not
imply that he wasn't following safe hex nor that he was ignorant...

The false premise too many users seem to operate on is the
inevitability of taking hits. Obviosly there are no guarantees. It's
all a matter of reducing the likelyhood of taking hits to such a small
anount that in practice it may never happen. Also, the plural "hits"
is even more unlikely. I expect I might take a hit sooner or later but
I would be surprised if I ever take two

since there are no guarantees, taking a hit *is* inevitable... just as
inevitable as losing money at the casino... in the long run you always
lose...

Lousy analogy. In this game we can stack the deck in our favor.

your only real hope is to quit while you're ahead...

More bullshit. You're dealing here with probabilities, not
certainties. It's quite possible that some of us will never take a
single hit.

Art
http://home.epix.net/~artnpeg

I certainly can't be the only one, but I will chime-in and state for the
record that in my 20+ years of computing, including two-thirds as many years
involving the Internet, I have *never* been hit. Though I've been privy to
fixing many other people's computers who have. The funny thing is that in
almost all instances, each were using some sort of AV product.

Do I run AV software real-time? No.
Have I always practiced Safe-Hex? Absolutely!
Has my ability to perform my job been hindered by the practice of Safe-Hex?
Not in the least.

 

[kurt wismer]

Lousy analogy. In this game we can stack the deck in our favor.


More bullshit. You're dealing here with probabilities, not
certainties. It's quite possible that some of us will never take a
single hit.

if you go for long enough the probability of not getting hit at all
approaches zero no matter how much you stack the deck in your favour (i
can explain the math if it's necessary)... that's why i said your only
real hope is to quit while you're ahead...

 

[edgewalker]

I certainly can't be the only one, but I will chime-in and state for the
record that in my 20+ years of computing, including two-thirds as many years
involving the Internet, I have *never* been hit. Though I've been privy to
fixing many other people's computers who have. The funny thing is that in
almost all instances, each were using some sort of AV product.

Too many people use AV as an alternative to safe hex instead of a part
of it. They want to be able to execute every program they find, and use
AV as an enabler.

 

[Art]

if you go for long enough the probability of not getting hit at all
approaches zero no matter how much you stack the deck in your favour (i
can explain the math if it's necessary)... that's why i said your only
real hope is to quit while you're ahead...

If go long enough the sun will burn out. I don't think anyone is
interested in your asbsurd misapplication of mathematics, Kurt.

Art
http://home.epix.net/~artnpeg

 

[* * Chas]

I certainly can't be the only one, but I will chime-in and state for the
record that in my 20+ years of computing, including two-thirds as many years
involving the Internet, I have *never* been hit. Though I've been privy to
fixing many other people's computers who have. The funny thing is that in
almost all instances, each were using some sort of AV product.

Do I run AV software real-time? No.
Have I always practiced Safe-Hex? Absolutely!
Has my ability to perform my job been hindered by the practice of Safe-Hex?
Not in the least.

In late August, 1995 I found that I had the first 2 Word macro viruses
on my WFWG 3.11 PC. I wasn't running a full time scanner but I did have
Norton AV 3.0, McAfee, MSAV and Central Point AV installed an updated.

I scanned every floppy and DL file and practiced a paranoid level of
safe hex. There was no way of knowing or protecting my PC from this
infestation because it wasn't until MS released a Word Macro scanner
that week that anyone knew of the threat!

At that point I switched to Dr Solomon's running as a full time scanner.

Chas.

 

[Don Kelloway]

Too many people use AV as an alternative to safe hex instead of a part
of it. They want to be able to execute every program they find, and use
AV as an enabler.

Very true. It's almost as if some persons believe that because they have an
AV solution, it should excuse foolishness.

 

[Art]

In late August, 1995 I found that I had the first 2 Word macro viruses
on my WFWG 3.11 PC. I wasn't running a full time scanner but I did have
Norton AV 3.0, McAfee, MSAV and Central Point AV installed an updated.

I scanned every floppy and DL file and practiced a paranoid level of
safe hex. There was no way of knowing or protecting my PC from this
infestation because it wasn't until MS released a Word Macro scanner
that week that anyone knew of the threat!

AV researcher Sara Gordon is credited with finding the original
Concept macro virus in the wild, presumably alerting av vendors to
this "new" kind of virus. This was in the summer of 1995. So obviously
it was known by some before any scanner had detection, and a "early
warning" may have been issued on the internet before scanners had
detection.

When you say you practiced paranoid safe hex, I hope that means you
waited a few days on any new files of any kind before scanning and
using them. It may be that there was a unusually long time lag in this
case for av vendors to react since this was a entirely new kind of
virus at the time. I don't know. But my point is that it's a important
part of safe hex to wait awhile for av vendors to release updates.
This is a reason why those who use and trust realtime scanning
exclusively are at high risk.

Today, the best av vendors have honypots and human monitors all
over the world using wideband. Reaction times to previously "unkown"
malware have dropped significantly since 1995.

Art
http://home.epix.net/~artnpeg

 

[kurt wismer]

if you go for long enough the probability of not getting hit at all
approaches zero no matter how much you stack the deck in your favour (i
can explain the math if it's necessary)... that's why i said your only
real hope is to quit while you're ahead...

If go long enough the sun will burn out. I don't think anyone is
interested in your asbsurd misapplication of mathematics, Kurt.[/QUOTE]

if you estimate that a person has a 99.99% chance of not getting hit on
any given day, the probability of never getting hit drops to no better
than 50/50 in less than 19 years... hardly comparable to waiting for the
sun to burn out... i don't know about you but i've been using a pc for
nearly that long - pretty soon i'm going to be tossing coins...

 

[* * Chas]

AV researcher Sara Gordon is credited with finding the original
Concept macro virus in the wild, presumably alerting av vendors to
this "new" kind of virus. This was in the summer of 1995. So obviously
it was known by some before any scanner had detection, and a "early
warning" may have been issued on the internet before scanners had
detection.

When you say you practiced paranoid safe hex, I hope that means you
waited a few days on any new files of any kind before scanning and
using them. It may be that there was a unusually long time lag in this
case for av vendors to react since this was a entirely new kind of
virus at the time. I don't know. But my point is that it's a important
part of safe hex to wait awhile for av vendors to release updates.
This is a reason why those who use and trust realtime scanning
exclusively are at high risk.

Today, the best av vendors have honypots and human monitors all
over the world using wideband. Reaction times to previously "unkown"
malware have dropped significantly since 1995.

Art

That was the era of 14k dialup CompuServe, AOL, BBSs and snailmail
floppies. MS sat on the info for over a month. They finally released
detection, cleaning and immunizing programs although if I remember
correctly at first they were not all in one package.

When I read about Word Macro viruses in the old CompuServe Antivirus
forum, out of curiosity, I DL the MS detection file and found 2 infected
Word .DOCs.

I used to receive a virus infected floppy at least once a month and the
principle at a company that I worked for used to Email me macro infected
Excel files all of the time. They were using Norton Enterprise AV
software and were still getting clapped up at least once a month.

Aside from the Macro virus problem I never had another infection on any
of my PCs but I have been attacked by a number of exploits and other
malware while surfing.

Since I use the web for business surfing and Email, I don't have the
luxury of waiting a few days before opening a file. That's why I depend
on AV software with heuristics. It's a necessary evil..... Life is hard,
then you die!

Chas.