Hello Wilders, Earlier this year, I was searching for something on the forum and this thread showed up in the results. It includes posts by active forum members, while others haven't been active in a long time. And I thought it would be fun to post this now at the end of 2014. Though, it's a shame that some talked more about the human race and other stuff than about what you expected it would be like 6 yrs later. But some guessed pretty well too. "Anti-Virus in year 2015?" is the title of the thread, created in 2009. The TS was asking the following... https://www.wilderssecurity.com/threads/anti-virus-in-year-2015.236627/ @TonyW @Fly @xxJackxx @larryb52 @steve1955 @Firecat There may not be much to discuss about it, but no harm in posting it, so take it for what it is.
Well so far 2014 was the year for malware with more than 43% of all malware since 1984 and 2015 doesn't look like it's going to slow down! TH
Working today in the lab on malware removals and knocking some hackers off some client servers... So far, it certainly does appear that 2014 was a banner year in malware! Just pulled a machine with this;
Anyone want to say what to expect from AV software 6 years from now? I expect firewall and sandbox to become standard features.
AV with no slowdowns in either bootup or browsing, yet featuring much more highly advanced heuristics and/or behavioral detection. Plus protection for Wi-Fi connections for privacy-related issues.
I am just shocked it's been almost 10 years since I signed up. I just don't know where the time went. It feels like just last year. It sucks how much faster time skirts by you as you get older.
I would expect cloud scanning to become very sophisticated; as a result, AVs will have no impact in terms of performance. I also think a form of sandboxing and/or white-listing might be implemented.
Yeah, my 10 year anniversary just passed in November. It's hard to believe, and the time has flown by. Made many good friends, and I remember all the old vendors over the years that were hosted here, and most of them are gone bye, bye!
I was of the impression that firewalls were pretty standard now. I expect sandboxing to become much more common.
Sandboxing is on the way out. I think largely because malware has become sandbox aware. Reputation/Insight systems seem to be what protects the best now, and I think as they evolve along with ATP those will be the predominant technologies.
No, sandboxing is not on the way out and there are still approaches that are not vulnerable to "detection" by malware; rather it is the current computing platforms that are changing, with some being able to see the end of their time in the sun. Regardless of where the data is stored, you will still require some form of end-point to access and interact with that data, and the concepts developed in the era of the personal desktop/workstation will still be valid well into the future.
Old methods are becoming relegated to more basic layers, while advancing malware - largely because of state sponsored malware being in the hands of malware authors - is forcing a rapid evolution with technologies.
Being sandbox aware will what, stop it from executing because it detects a sandbox? There is no problem there. As for escaping the sandbox, I doubt most malware is on that level. I think sandbox technology will improve, not disappear.
This is true as the end-point becomes a more simplified tool to access the data that will not be stored on the local device. The focus going forward will be to provide strong security and privacy for the end-point while the more traditional solutions will be more efficiently applied at the cloud/data storage level. Think of the near future as an exciting time as our tools evolve to meet the new reality of ubiquitous, on-demand mobile computing rather than the "chained to the desktop" model we have had for the last 25 years...
I think that is where Bitdefender is going with 'The Box', potentially effective protection not chained to one location, or one desktop. However, the 10/100 restriction on it is ludicrous, so it will likely die pretty quickly. I can't even buy one to test it because I am moving to 150/150 or so in a few weeks. But their idea is sound - I think.
To think it's been ten years since I joined this forum, it's been a crazy journey growing up from the age of 12 to 22. I was right though, anti-malware still exists - though evolving.
Okay, let me list anything I can think of regarding security affairs 6 years from now.
-The sandboxing function in AV/IS will stay only in geeks' AVs such as Avast or Comodo and will not be standard or prevalent except for safepay-like features.
-More AV/IS will implement behavior-based anti-exploit and rely more and more heavily on the cloud, including adoption of general hashes (like ssdeep) for cloud-based signature detection.
-Some AV/IS companies will move their machine learning systems in the cloud to neural-network based systems, if not yet done.
-Testing organizations will refine their schemes again; that includes new real-world tests which take post-infection security into account, and tests against APT scenarios.
-Microsoft will implement mitigation against kernel attacks in a future EMET.
-Windows will lose its popularity on desktop PCs more and more, and other OSes will continue to grow.
-We will see the first iOS malware which either escaped Apple's audit or exploited Safari, an email client, or another software bug.
-We will see the first ITW exploit against Chrome.
-Ransomware will not play a major role anymore.
-We will see a new tendency in malware which has a legitimate function (not a simple function such as displaying an image, but a complicated function such as an office suite) to deceive the user and hide its true purpose.
-More adoption of HTML5 and also IPv6 will introduce new attack vectors besides the already known ones.
-IoT malware will attract more and more attention, and the boundary between physical security and cyber security will become less and less clear.
-We will see the first large scale attack against a SCADA system and will be frightened.
-Another more practically useful vuln will be found in AES.
-A practically useful vuln will be found in SHA1 and it will die as a hash algorithm for checking modification.
-Another vuln will be found in TLS1.2.
-Some service or product will adopt quantum communication to secure its communication.
-Info on biometrics will be abused, and discussion about its privacy will rise a lot.
-Some governments and civic groups will claim to, and actually try to, mess with TOR to "prevent" crime or child porn.
-Bitcoin will concede its place as the most adopted online currency to a new currency.
-More countries will make laws to justify counter-cyber-attacks against cyber attacks from other countries.
-China's gov will finally give up its internet restriction IF more people continue to resist it.
All very interesting predictions, particularly the two that I quoted from you. It would be great to see EMET get even stronger, and since Microsoft has the upper hand, they would have the potential to take things deeper into the kernel because they have access to many internal specifications that have not been made public with APIs and such. Also, I can imagine that happening to Chrome some day as well. The Chrome Security team is also thorough and fast when it comes to patching vulnerabilities. But imagine, as you suggested, if malware devs were able to find an exploit and take advantage of that quickly and efficiently, but also at the same time render Chrome's built-in updating mechanism useless by disabling that so that users could not get the patch when it is released. Between the exploit spreading ITW on a massive scale and the Chrome dev team releasing a patch, there may only be a small window of opportunity of, for example, 8-24 hours, for the exploit to spread across the Chrome user base and disable all users' auto-update abilities prior to the patch being pushed out. But it is certainly a possibility. Your predictions have opened my mind up a bit. As a matter of fact, this whole thread has. Makes you think ahead for the "what if?" security scenarios that could happen sometime in the near future.
I joined 2 days after my birthday. Yes time does pass by faster once you have more days behind you than you have ahead of you. OMG! I have socks older than you! What I would give to turn the time back and be young again.
Couldn't agree more, which is why I risked controversy by saying sandboxing isn't part of the scope of new technologies we are seeing. I wonder if thin clients may become more prevalent in the home? I doubt it, but interesting to think about it as a way of securing the home. Blended threats seem to be the elephant in the room. I discovered TiVo was leaving Series 3 systems unpatched, and vulnerable. Since you aren't installing anti-exploit software on TiVo, that leaves the UTM/NGFW as your exclusive protection. My prediction is within 5 years almost all homes will have UTM/NGFW type appliances to cover blended threats, and the wide array of attached devices. I think it is pretty bad some companies (like D-Link) express no interest in offering at least basic UTM functionality for the home on their latest equipment. Why not get ahead of the game? Right now I only recommend SOHO UTMs, Distro-UTMs, and ASUS routers to consumers because of the blended threat situation.
I was not clear, but I think a real Chrome exploit will first occur in a targeted attack. I'm not quite sure if we will see a mass attack against Chrome within 6 years. Simply, that is not cost-effective for the common criminal. Also, disabling Google Update requires admin rights, as recent Chrome registers it as a service (if you installed Chrome under AppData, that's not the case), though an attacker might get the rights during the sandbox bypass procedure. I admit in this regard (preparing for the next IoT era and blended threats) Trend has gone ahead, and I somewhat worry about Symantec as they still haven't published any actual product or service (except for Norton Connect Safe, and that they integrated mobile protection into the main product line, which is no longer something special) while their "Norton Everywhere" plot sounds decent.