J
JamesJ
I'm not sure if I'm ready to have a system without anti-virus software.
What a concept!!
James
What a concept!!
James
J
JamesJ
So what you're saying is if I follow your suggestions (which by the way are
logical)
I have no chance what-so-ever of contracting a virus? 0
James
logical)
I have no chance what-so-ever of contracting a virus? 0
James
J
Jesper Ravn
JamesJ said:
Maybee. If you want to pay for a product, that in the end only will give you
more problems than it solves, then is your choice.
I just tried to give you a more simple and free solution to the malware
problem.
/Jesper
K
Ken Blake, MVP
Yes, and other forms of malware. I completely disagree with Jesper
Ravn.
Certainly you can and should follow safe computing practices. But
relying on them is foolhardy. No matter how careful you think you are,
you are always susceptible to making a mistake, particularly on a day
when you are tired, upset, had a fight with your wife, etc. Backing up
those safe computing practices with security software is another layer
of protection, and that layer is good to have. In fact, I think it's
foolhardy to not have it.
J
JamesJ
You definitely opened my eyes to a few things.
I know these suites do eat up resources and of course I do
appreciate your ideas regarding security.
James
I know these suites do eat up resources and of course I do
appreciate your ideas regarding security.
James
J
JamesJ
Thanks much for the insight.
Let me sleep on this. It's starting to boggle the little mind I do have.
James
Let me sleep on this. It's starting to boggle the little mind I do have.
James
J
JamesJ
More than 2¢ to me.
Thanks
Thanks
Dave said:
J
Jesper Ravn
Ken Blake said:
Please think out of the box, and stop put fear into peoples mind.
I could give you a lot of other reassons why you should not use a security
suite + security utilities.
Slow computer
Computer crashes (no backup)
Slow internet
Waste of mony and time
Poor detection rate (false security)
A lot of support calls/noice in all the security forums today
etc.
Educate the users (secure standard setup + backup) instead of giving them a
lot of junk applications.
/Jesper
J
Jesper Ravn
JamesJ said:
I have made this setup on many private computers without any problems
(family, friends, nabo, etc)
No more support calls, no more malware period.
/Jesper
J
Jesper Ravn
FromTheRafters said:
And here we go again, right back to the all the problems.
Next step will be to install Ccleaner 2009 + RegCleaner 2009 + Virtual
Sandbox 2009 + SuperDuperAnti 2009.
Just give the young people what they want "fancy and cool removal tools and
most importent dont think.
/Jesper
J
JamesJ
Most of that sounds familiar.
Jesper Ravn said:
J
Jesper Ravn
Dave said:
Hi Dave
I almost agree with you
. keep it simple and do your backup./Jesper
F
FromTheRafters
Jesper Ravn said:
When did we start talking about online scanners and trojans? I was
talking about *viruses* and local antivirus (detection) scanners.
I agree wholeheartedly! That is why I said the suggestions were
excellent. My disagreement is with your statement that antivirus was not
needed given the proposed scenario.
Yes, the security suites become "enablers" for the sloppy security
practices it is human nature to engage in.
Wrong again - malware needs neither admin rights nor to be "installed"
in order to function. Viruses, in particular, only need to do what the
user is able to do.
Trusted sources can be infected too. You should get your programs only
from trusted sources *and* scan them for viruses.
This assumes bad behavior (not thinking) is the only way to allow
"slipping through" - that is not the case. Even with good behavior
viruses can slip through, Also - patches often get applied *after* an
exploit has been circulating for some time. If such an exploit carries
with it a virus, then you are back to scanning as the only option to
detect it.
How hard can it be
Harder than you think it is.
F
FromTheRafters
JamesJ said:
No!
Vulnerabilities should get patched no matter what other security
measures are in place. All of the suggestions in Jesper's post are
good...but you *still* need antivirus. Security suites are often not
"best in class" for each class of malware they address. Many features in
suites are "fluff" and give you a false sense of security which is bad
because you start to feel you can do all kinds of really stupid things
and your suite will protect you. *You* should protect you - and use
software to do the things that you cannot do yourself (like searching
through prospective programs for viruses).
F
FromTheRafters
Jesper Ravn said:
No, I'm talking about scanning before executing a program.
I drove a Ford Pinto who's gas tank never blew up. What's your point?
)Google cannot tell you if a trusted program from a trusted source is or
is not infected with a known virus. Only AV can do this with any
reasonable success rate (unless you can read code and recognize viruses
within programs).
J
Jesper Ravn
FromTheRafters said:
#Ok, lets call it malware, it does not change anything.
# I also asume that your system its up-to-date. But even if its not SRP
should prevent any code from executing, please see below.
#Example of software restriction policy in action:
#http://www.wilderssecurity.com/showthread.php?t=233899
#Yes and my house and computer could blow up, but that is one of the risk im
willing to take.
#Do remember, I have a backup for these disasters.
#Security is a process, not the right set of tools.
#What are the chances that my AV will detect it within the right timeframe?.
#You can always read about the worst scary senarios, But then again, do the
best you can and then forget about it.
#No at all.. keep it simple and you will be ok.
/Jesper
J
Jesper Ravn
FromTheRafters said:
Also did you see this?.
Removing admin rights stymies 92% of Microsoft's bugs
http://www.pcworld.idg.com.au/artic..._rights_stymies_92_microsoft_bugs?fp=2&fpid=1
/Jesper
J
Jesper Ravn
Why do I want that. SRP will prevent the malware from executing in my
userprofile.
LUA will prevent it execute in programfiles and system area.
Catch-22 situation.
My point is that the chances are very low for you to get infected from
trusted sources.
Also, normal "mr and mrs" do not intstall applications every day.
Ok, then do the damn online-scan. Here you have 20-30 AV scanners and not
just one.
http://virusscan.jotti.org/
http://www.virustotal.com/
That could be point 7 on my list. Is it ok with you now.
/Jesper
userprofile.
LUA will prevent it execute in programfiles and system area.
Catch-22 situation.
No, I'm talking about scanning before executing a program.
I drove a Ford Pinto who's gas tank never blew up. What's your point?
My point is that the chances are very low for you to get infected from
trusted sources.
Also, normal "mr and mrs" do not intstall applications every day.
Ok, then do the damn online-scan. Here you have 20-30 AV scanners and not
just one.
http://virusscan.jotti.org/
http://www.virustotal.com/
That could be point 7 on my list. Is it ok with you now
./Jesper
G
Guest
I think when Windows Vista detects a third party firewall, it will
automatically turn off its built-in firewall to avoid conflict.
Maybe a security suite is not the best solution for personally computer, but
it is not something bad from my point of view.
So you can ignore Windows Firewall if you have already had your own firewall
product.
automatically turn off its built-in firewall to avoid conflict.
Maybe a security suite is not the best solution for personally computer, but
it is not something bad from my point of view.
So you can ignore Windows Firewall if you have already had your own firewall
product.
F
FromTheRafters
Jesper Ravn said:
Yes, it does. Viruses don't often appear as stand alone program files,
they appear as code attached to preexisting (perhaps trusted) programs.
It is easy to decide not to execute some new and untrusted program. Not
so easy to determine if a trusted program has been infected. AV is also
useful in detecting non-viral malware that modifies (infects or
'trojanizes') programs by adding malicious functions.
[snip]