Trend Micro 'in the cloud' technology

Looks alot like Mcafee new technology to me. Maybe it's the future of anti-malware fight.

http://news.cnet.com/8301-10789_3-9971915-57.html?part=rss&subj=news&tag=2547-1_3-0-5

 

It makes sense. Heuristic technology is more or less at its limit now, since they can't further develop any new, significant mechanisms without starting to increase their FP rate as well, and heuristics algorithms are beginning to prove more and more helpless against the mechanisms and techniques designed to defeat them. Odd as it seems, the solution is to go back to signature-based scanning, which can provide accurate detection with less chance of FPs.

Companies who rely heavily on heuristics are going to find themselves outgunned, since heuristics are essentially computer recognition algorithms that are inherently bypassable, and the malware industry has more than ample time, manpower, and incentive to do just exactly that. The vendors who will successfully fend off this new onslaught are the ones who have the manpower to take the bad guys head on.

 

Not good news to some av makers

 

First Google buying greenborder, Now Trend Micro, may be a new trend?

https://www.wilderssecurity.com/showpost.php?p=1156260&postcount=1

Besides Norman, now Rising also using virtualisation and behavior analysis, ThreatFire free checking its AV data base . . .

Okay the cross over of HIPS/FW and Threat mitigation was not mentioned, but then I asked for it my self, https://www.wilderssecurity.com/showpost.php?p=1270824&postcount=14 so that is half correct

 

The price is also in-the-clouds : one-time fee of $40,000 and an annual fee of $20,000 for the first suite, the price of second suite is still unknown. Let's hope it works.
http://uk.trendmicro.com/uk/about/news/pr/article/20080619173220.html

 

you forget this is the American dollar we are talking about. 40,000 US is now .50 cents in some Countries. hell we love paying 5$ for a gallon of gas now

 

Uh, lol, no, we don't love paying 5 bucks a gallon for gas, though by the end of the year I would not be shocked if that was what we were paying. Besides, 40k is 40k in America, we don't care what it is in other countries, lol. Personally I don't see where this program is so different and spectacular that it deserves the 20-40k per year.

 

Where I currently Live in the US. gas is at 4.54 a Gallon and yes 40k is still 40k but let me tell ya a Million dont go as far as it used to. give them 10 years it wont be over priced anymore

 

dont worry in a few months all av vendors will create a similar technology with a different name and the price will go down very quickly.

to get back on topic. im trying to understand how this works.

 

I have a pretty bad feeling that in 10 years this new technology will be about as effective against attacks as a potato gun in a nuclear conflict. I don't get this either, unless I missed a paragraph or two this looks like Trend Micro doing the job of the IT guys and nothing more, and charging 20-40k a year for doing it.

 

Think about it pay a tech 100K + a year to maintain the network or pay Trend 20k a year.... I see some tech's moving to welfare now

 

You make a good point, though IT guys will still have their use I'm sure, oh, like, let's say snooping on co-workers, http://www.reuters.com/article/technologyNews/idUSL1911968220080619. Hehe.

 

Do you seriously believe that anti-malware technologies from 10 years ago are of any use today?

Threats evolve, and so do protection mechanisms. There's no point in looking for a miracle cure that will provide everlasting protection today and forever.

 

I have beaten Trend Micro Security already, so I'm not exactly waiting for the "in-the-cloud" technology. Eva Chen should better concentrate on "whitelist" technology, instead of running after the bad guys and pick up their droppings in the clouds.
If you want to win the war, you don't run after the bad guys, you run faster than the bad guys.

 

isnt white listing harder than black listing?
how many legitimate applications would you have to say yes its fine?
and everytime they update they have a new installer etc.

 

I'm talking about whitelisting based on your computer, not world-wide, file integrity checking, ... whatever it takes to remove any change immediately that doesn't belong to your original system.

 

oh right that way.
as said before not many people can work like that.

 

I'm not sure I get your point? My comment was that this new "in the cloud" thing won't be very useful 10 years from now, so of course I don't believe anti-malware tech from 10 years ago (as if we truly needed it back then) is of much use today, hell, 2 years ago Spybot and Ad-Aware were top dogs, look at them now.

 

My point is that virtually nothing today will be useful 10 years from now, so saying that Trend's new technology won't be seems like a rather redundant statement.

 

And I agree with your point, it wasn't redundant though, it was just an opinion I stated along with what else I was saying

 

Yes they like to spend alot of time on cleaning their computer with many security and cleaning softwares, the classical way.

 

ErikAlbert,

May I quote some excellent advice that you are in dire need of taking attention of.

Enjoy.

 

White-listing ala Anti-Executable (if that's what you refer to?) is useless for regular users. I would also question the need for such a program at all, because it's only usable for advanced users, and they can achieve similar security by using LUA+SRP. No need to buy third-party apps

The problem is that you seem to believe regular John Does want a computer that's in a completely frozen state. But in reality most people would like to install software/games every now and then, or do other changes to the system. And if you really don't want to be able to install anything, I would rather recommend using a stripped down linux distro instead of Windows - it's cheaper and more secure.

So if the 13 year old kid in the house likes to download games from the internet, a white-listing approach is of absolutely no use. The reason is it can't differentiate between new legitimate programs and malware. And quite often malware is hidden inside other legitimate software. And when you install it, you have to somehow shut off the white-listing program, or manually approve that you want to run a new app. So if it contains malware, you pretty much f#%& without antivirus or other security apps

 

I completely agree here. A frozen snapshot/boot-to-restore setup is pretty darn sweet and I'm sure it works beautifully. BUT, if anyone out there is like me, their systems are getting things installed/uninstalled left and right and just plain being used ALL the time. I download things every day, and, if I don't like something, I get rid of it, so frozen systems (besides a Returnil type of approach) just aren't suitable for me. As far as whitelisting, well, there's just no way now that blacklisting can keep up anymore, so whitelisting CLEAN files/processes or whatever is a good thing.

But the key term here is CLEAN, prior to whitelisting, or whitelisting won't do a bit of good. As far as installing programs, any whitelisting app worth its salt should be catching anything that isn't up to any good. The anti-malware/antivirus apps should be used to scan whatever file you're messing with before you even think of clicking on it. Both pre-scanning and whitelisting a clean system should prevent the biggest majority of problems. Cleaning up the mess that software leaves behind is a different thread.