Detection vs Threat Prevention

Discussion in 'other anti-malware software' started by BluePointSecurity, Sep 10, 2009.

Thread Status:
Not open for further replies.
  1. BluePointSecurity

    BluePointSecurity Registered Member

    Joined:
    Aug 1, 2009
    Posts:
    134
    That statement I would disagree with, the data stored on the common PC is an extremely juicy target that is a very high priority for criminals making money every day harvesting it via spyware infections.
     
  2. timeline221

    timeline221 Registered Member

    Joined:
    Sep 15, 2009
    Posts:
    4
    I wonder what they use for protection.....maybe heuristic or definitions, maybe it's similar to your model?

    I definitely don't want my personal info out there on a maybe I'm secure.
     
  3. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    groups of PCs are yes, but you as a single PC won't be SPECIFICALLY targeted as the government would. you're just another number to the hacker, the government on the other hand is a big entity who are constantly targeted.
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    If people were to not store sensitive data on their computers, then what would be left to steal other than keylogging for passwords or account numbers? Windows or games keys? If data theft is the issue, is it not resolved by not keeping data?

    A simple solution for that seems to be a live cd or sandboxie that deletes traces, or some variation thereof.

    Sul.
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    rich, using Opera 10. I'm pretty sure you can configure it on the older version (tools, appearance, buttons, preferences - then drag the feature you want anywhere in the browser). I used to configure the browser, for example, by dragging the full-screen shortcut on to the toolbar, removing the google toolbar, adding the 'tile' feature to the toolbar, or any feature you use, right to the toolbars.

    I know Opera 10 has a turbo feature, for slower connections, which can be turned on/off in the bottom left corner. Good for wireless connections. By default it's actually quite safe when browsing, as plugins are deactivated. eg. videos will only load if you click-on the 'Opera play' icon.

    So for regular users, I agree javascript should be off with unknown/unsafe surfing.

    But at least those using 'Opera 10 - with the Opera turbo feature', although images will be lower quality, this could also be recommended for safer browsing, performing a similar function (but not as effective) to deactivating javascript. You would be better at testing this out though.

    Take a look at the images below.

    Opera 10 - javascript off

    no opera turbo.jpg

    Opera 10 - Opera Turbo on (javascript left at default settings)

    opera turbo.jpg

    Opera turbo can be switched on/off by clicking in the lower left-hand corner. See highlighted arrow.
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Thanks Saraceno for the screen shots. When you are connected to a site, such as FoxSports, does your javascript button at the bottom function globally, as with the F12 menu?


    fox-1.gif

    Or does it configure javascript just for that site, as when you bring up the Preferences for that site?

    fox-2.gif

    thanks,

    ----
    rich
     
  7. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    rich, functions globally, same as the F12 menu.

    In the version you're using, are you able to drag additional buttons from the appearance (shift+F12) menu to the statusbar?

    Regarding Opera turbo, with it activated, it still allows say the 'manage attachments' on wilders to open in a popup, but if I uncheck javascript, 'manage attachments' obviously doesn't popup at all.

    Nevertheless, when I used to use k-meleon, best feature I found was that it had an additional menu to deactivate javascript etc from the taskbar - a little ugly for my liking though. But deactivating javascript from Opera, most of the junk trying to open I don't need, and pages load faster now. Thanks. :)
     
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    While an alert user might be able to keep track of this, I would not recommend it for the average user. With javascript enabled globally, there is the danger of going to another website with js enabled unawares, only to be redirected to a malware site with js enabled.

    It is an extra r-click to bring up the site Preferences, but time well spent to ensure safety.

    Thanks for the clarification.

    ----
    rich
     
  9. 1boss1

    1boss1 Registered Member

    Joined:
    Jun 26, 2009
    Posts:
    401
    Location:
    Australia
    Here's an interesting one, my first Windows based PC was Windows 1.0 on a Commodore Colt with a blazing 4.7Mhz CPU a little over 20 years ago.

    In all these years, i've had more damage done to my system by Antivirus/Malware "Solutions" than i have by Malware itself. I've had Norton 03, AVG in about 06 and just a few weeks ago GesWall brick my machine and render it unbootable/unrecoverable and a few fixable corruption issues in between.

    My current system is focused on prevention with a secure browser, behind a HW firewall, HIPS controlling what apps do and connect to. If i do get infected the malware can't do a lot, no passwords in my browser and virtually no personal info just sitting on my PC. Most my applications are portable and synced to another drive, so a copy/paste of my portableapps folder will have over 100 programs "installed" on a fresh OS and i'm largely back in business.

    So detection, and virtually eliminating harm caused and recovery time plus redundancy in the event of a failure (not just malware) is where i've invested the most time.
     
  10. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    on the matter of lines of defense, application whitelisting really makes more sense near the end. it can only be the first line of defense if you're neglecting other preventative opportunities.

    http://anti-virus-rants.blogspot.com/2009/05/defensive-lines-in-anti-malware.html

    actually the statement applies to companies that provide not just the whitelisting software but the whitelist itself - if they have a comprehensive whitelist then they don't reverse engineer everything they add to their whitelist. and when you consider the size of some of those whitelists (bit9's database of safe programs numbers in the billions of records, and growing by millions each day) it makes perfect sense. it's infeasible to reverse engineer that many programs.
     
  11. THX1138

    THX1138 Registered Member

    Joined:
    Jul 10, 2007
    Posts:
    14
    Location:
    Under Machine Control
    It seems that you did not understand what I am telling you. Why are you testing your "security" application on VM systems if new malware coming out is coded to sniff them out and wait until they hit a non-VM system? If you really wish to "test by fire" your "security" application then I recommend that you do so on a non-VM environment. If you do not do so, I can confirm that your "security" application does not secure current and future threats.
     
  12. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    data is not the only resource an attacker may be after. cpu cycles and bandwidth are also of great benefit to attackers.
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Are you referring to hijacking a server and using it to host files and such? Or using cpu cycles to do things like the SETI research, albeit with a more malicious nature?

    Are these types of activities really common on home pcs? I know they can be on servers. I have not really heard much in that line on home computers though.

    Sul.
     
  14. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    i'm referring to fast flux botnets - which i'm sure you have heard of on home computers.
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    conficker?
     
  16. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    Why is the screen so compressed in the video?
     
  17. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    363
    Wow, more things to learn. Got to google that. It sounds interesting.
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada