Far too many new Arrivals

Discussion in 'other anti-virus software' started by DVD+R, Feb 28, 2013.

Thread Status:
Not open for further replies.
  1. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    There are no silver bullets when it comes to security. One hundred percent security doesn't exist, and no one really pretends otherwise. Security does not exist in black and white terms, and the statistical majority of infections happen on systems without proper protection and updates. Antivirus remains an important aspect to a multi-pronged/layered defense, and AV apps/suites include more protection features than pure scanning; some are documented and some are not. However, consumer security solutions will continue to be marketed as "antivirus" because that's what the average user understands; even Gratis Software (RegRun and UnHackMe) takes this tack.

    When it comes to commercial malware protection, it's also important to keep perspective on the fact that security software vendors direct the resources they have to minimize as much risk as they can for many thousands of users with unique needs and environments. That is to say that uncommon malware (zoo malware) and individualized targeted attacks are generally out of scope, for the most part, although they do still help and make it that much harder -- which is all that any vendor can do. To say that a company has failed because of things that happen outside the scope of their protection is hubristic at best. Security is about assessing risk and mitigating the greatest amount of risk possible with the resources available -- to try to make it harder than it's worth. Ultimately organizations are responsible for developing a thorough security strategy tailored to their unique environment and needs, which requires knowledgeable personnel (which may be a consultant) that can develop and deploy a tailored security strategy, adapt and update defenses as required, and respond to threats as they arise. To point to one feature of one component of one product within a larger security strategy and declare failure is missing the forest for the trees; it's like pointing to an oil filter in a car engine and declaring the entire automobile transportation industry an abject failure because the filters occasionally need changing.

    The bad guys will always be there as long as there is money to be made and/or secrets to be learned, and they will always find ways to adapt to the security methods of the day, and in targeted attacks (a completely separate issue, really) the human factor will play a large part. Having more companies join the fray is ultimately a benefit; it will provide competition that drives innovation, and it will spread the bad guys' resources thinner. Smaller companies also tend to be more nimble, and it increases the chance that you will be able to find something that more closely suits your preferences. Yes, there will be some vendors that don't really care about security and are just trying to make a quick buck, but making and maintaining a viable security solution is going to be too resource intensive to really make a quick buck, so they'll either get serious or move on. The exception here is vendors that make small solutions that offer to fill a niche in larger existing solutions with the purpose of licensing the product or selling the company to larger vendors, but even these companies are generally run and/or operated by knowledgeable and passionate security people because that kind of elegant innovation does not come easy.

    As far as people here getting excited to try out new things; you realize that this is a forum for security software enthusiasts, right? That's basically what this forum is all about. Maybe your perspective and interests aren't the same, but I think that deriding people for installing and exploring software that interests them is uncalled for. Challenge the philosophy, talk about your own strategy, discuss the relative effectiveness, but don't put people down for using their computers in the way they enjoy when it doesn't hurt anyone. Anyone with any amount of disposable income and/or leisure time is going to spend time and/or money on things that all but a relative few will consider frivolous (except maybe charity work, but even then you'll have detractors, just maybe millions instead of hundreds of millions or billions).
     
  2. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    :thumb: :thumb: :thumb:

    It's also silly to pick out pure signature detection when current products offer much more than that. As an example, I just recently found out that BitDefender prevents you from seeing the Firefox window over a remote connection, and that's not to mention behavioral detection/prevention, web filtering, and so much more that we aren't privy to. Webroot SecurityAnywhere is another good example. But even the signature detection mechanisms have changed considerably over the last 10 years.

    It's a cat and mouse game that will never end; just like any other kind of crime.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    As long as they don't negatively affect the threat landscape, there's nothing to fret about. If they're successful and innovative, great, we got another viable choice. If they fail, no one, but themselves, really cares.
     
  4. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    I'm recruiting programmers to release my antivirus company too. lol
    With computers being sold so cheap in emerging markets, any of us can make the big buck in 1-2 years. Who's in?
    ;)
     
  5. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    sandboxie
     
  6. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    From a technical angle, it is a fact that the antivirus industry has failed.
    By design, pattern file detection is an undecidable problem, demonstrated in a mathematical way years and years ago (I am not linking the various sources again, as they do not have a lot of echo on a board where Software as Security is a kind of religion).
    But on the other hand, the security industry has no better way to protect average users: as advanced/expert users represent only a small part that can use a HIPS or an alternative OS like Linux, AV appears as the easiest solution devoted to recognizing and blocking known threats.
    As ineffective as they are, there is a market for these products.
    That is why antivirus is a dynamic market, from legal to fake AV!
    And no new AV will solve the problem, as malware/exploit/threat pattern detection is an equation without a solution.
    As new avs, there is Nano av, FSB av ( https://www.wilderssecurity.com/showthread.php?t=295009 ) and many others...
    An open source av? join the Davfi project http://www.davfi.fr/

    Want to build your own av like atomomega http://zillyaoem.com/index.html

    Like the first post, I guess that this question should be taken with a minimum of humour http://securityerrata.org/errata/

    My Antivirus, VB100 certified, Advanced +++++++++++ at AV Comparatives, used by the N S A and the F S B, detect HPA and PCI card rootkit before they install! https://www.wilderssecurity.com/attachment.php?attachmentid=225305&stc=1&d=1298338621

    rgds
     
  7. AVusah

    AVusah Registered Member

    Joined:
    Dec 24, 2012
    Posts:
    274
    The antivirus industry has not "failed."
    Just because most antiviruses aren't capable of detecting all new threats the minute they are created doesn't mean they're not a decent security layer. Something is better than nothing.
     
  8. marc57

    marc57 Registered Member

    Joined:
    Aug 15, 2006
    Posts:
    83
    Location:
    St Marys,WV. U.S.A.
    I haven't changed, I've been with MSE since its first beta.
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I didn't say any HIPS or BB on the market is good enough. I don't think there's any satisfactory piece of security software out there that's as ambitious as antivirus.

    People call security a "cat and mouse" game, but that's only because we've let it become that way. There are very few proactive features in AV, mostly different types of heuristics. It stops being cat and mouse when you take real proactive steps - and then it's finally just a matter of patching. Eventually, a long long ways away, we'll have actual secure systems, not written in C/C++, and with application based security models. Until then we're relying on incredibly backwards methods of protection.
     
  10. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    I think that is one of the most important points, that should be written more often. Very well said Notok :)

    Usually it's easy to reach X% security, let's say 80-90%. Then, for each more %, it costs a lot more money and time to increase a bit of security. A corporation with a lot of money will eventually reach 99% (if it's possible...).

    However, no one can reach 100%. It may require a targeted attack with many 0-day exploits, but in the end nothing is unbreakable. Antiviruses are no exception to the rule. They cannot provide 100% protection, but they don't "fail" because of that.

    They are just part of the security process.

    Regards,
    Guillaume.
     
  11. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    Maybe whitelisting is a solution?

    Regards,
    Guillaume.
     
  12. jna99

    jna99 Registered Member

    Joined:
    Apr 18, 2012
    Posts:
    94
    Location:
    127.0.0.1, Netherlands
    I'm going to be very honest here, so please take this as a very personal opinion or view.

    I'm very interested in computer security and if you take a step back, malware shows what programs are potentially capable of. I mean, I hate malware, but the knowledge gained from observing what malware could cause or do is immense.
    It is sad that 100% protection or security isn't available, but so it is with everything else in life.
    Cars are supposedly safe but you could get car trouble or even an accident. I mean nothing is 100% sure or guaranteed.
    You could get seriously ill, you could lose your job, you could get into financial trouble, etcetera.....
    A burglar or other criminal decides that your home is a better place to shop than the mall.......

    It is so double faced.. there are two sides of a story to everything.
    We can never be really really sure of anything in life if you think about it.
    Statistics and experience with troubles in the past prepare us better for the future. Maybe so it is also with AV signatures.

    TL;DR knowledge gained from observing what malware could cause or do is immense. And perhaps it is better that a lot of people decide to get into this business.. even when the prime objective is making money, they still need to make their product work as well as possible to keep making money and keep customers. Better too many companies doing what they can than just a few or even one.

    Sorry for the wall of text. But the race can't be won by either side (good or bad) I think, but I can't be sure of that as well.
     
  13. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes

    Want a Beto_O :cautious: It's 100% sure and guaranteed that I will NEVER! give you any Money :shifty:
     
  14. ght1

    ght1 Guest

    I second that, I wouldn't use or recommend a dubious AV software. :doubt:
     
  15. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    I can't remember the last time I actually needed an antivirus to prevent an infection.

    For that matter, I've never had a challenge to my sandboxie protected applications either.

    A smart user with minimal browser plugins, behind a simple modem/router, can go for years without ever having an infection event.
     
  16. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    The Marketing of the Antivirus industry has claimed so many miracles since 30 years,
    A product that does not do what it claims can be considered as failed,
    As the history of Insecurity has shown serial av ineffectiveness,
    Then AV industry has failed.

    Sorry for this sophism, but it represents what most independent minds think, and this from the average user who has experienced malware infection to Mikko Hypponen http://www.wired.com/threatlevel/2012/06/internet-security-fail/

    "Security is a process", this is well known.
    As we cannot control each part of this process, we therefore cannot eliminate all potential Insecurity risks.
    The Firewallleaktester has mentioned whitelisting as a possible solution.
    But...in most cases, what is not whitelisted is often automatically blacklisted...and this is here a cheaper solution by design for companies as there is no need to employ an army of virus analysts.
    A mixed solution is offered by Lumension, which integrates an AV to provide more accurate black/whitelist filtering http://www.lumension.com/Solutions/Intelligent-Whitelisting.aspx
    Not the panacea either...of course, as for instance many APT based intrusions are committed via doc file exploits.
    In this case, every opened doc file on the gateway should be opened in a sandbox area...which is impossible in practice for the sysadmin.
    As a last resort, this guy would give more admin and network rights to the busty secretary...and the potential security breach is done (more than machines, the human factor is often the weak part of the process).
    For more about the av industry http://www.softpanorama.info/Malwar...iew/brief_history_of_antivirus_industry.shtml

    And to give more accurate answers to the original topic (too many new arrivals), I list here a few ones, that with no doubt will have a real hit career "Anyone tried X antivirus" on this board:)
    In the western world, outside a short list of 10 or 15 well established AV companies, choosing an exotic one is a very risky value for money investment...
    Twister http://www.filseclab.com/en-us/products/twister.htm
    Smart Cop http://www.s-cop.com/scopnew/SmartCOPDesktopEdition.htm
    Thirtyseven4 http://www.thirtyseven4.com/products.html
    Neo Security http://www.neotechnology.com.mx/en/
    Zoner av http://www.zonerantivirus.com/
    Max Secure (coming soon Max anti-social engineering and Max anti-Bimbos) http://www.maxpcsecure.com/maxsecureantivirusplus.htm
    The "veterans" Abacre http://www.abacre.com/antivirus/ and Invircible the behavioural based AV http://www.invircible.com/
    And many more...

    So in a business way, we cannot stop someone from launching their start-up, promising miracles against internet threats, selling ineffective and placebo solutions and getting the cash flow back...
    For the rest, no one has the solution...Justin Bieber excepted of course.

    Rgds
     
  17. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    As long as they don't force me to use their products I can't see the problem. 1000 manufacturers are better any day than a single one.
     
  18. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    What if ... there were no AVs.

    Then the default OS and computer configuration would have to be a lot more secure.

    No AVs= no MS Windows ?

    I think the world was doing fine till Microsoft came along.

    CP/M etc.

    One problem causes the other, a series of neverending problems.

    No AVs= no fake AVs, no system destroying AVs/corrupted/bogged down systems, no or fewer registry 'fixers'.

    Without MS no neverending cycle of ever larger and spying-on users OS's, no need to buy newer computers to run the latest OS, no need to update everything every month, no OS that phones home, more diversity in the software landscape.


    Back to reality ...

    New AVs create competition, some are good, some very bad, old brand names disappear/are bought and taken off the market.
    Not much to be happy about, but it would be much worse if there was a legal monopoly for the existing vendors !

    I pretty much agree with kareldjag.
    Do AVs cause more problems with their promises than they do good ?
    There was a time when I was getting infected frequently while running an AV and one or several antispyware apps. These days, with or without AV, never.
     
  19. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I think AV marketing has been more conservative than a lot of other products. Truth is that I've never actually seen an ad claiming 100% security, but if something has failed because it didn't live up to marketing claims then literally every product that's ever been marketed has failed.
     
  20. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    While I see the total reliance on the internet for the modern world to spin as a huge, huge problem that will one day bite us very hard, it's the internet and not MS that made the computing landscape the dangerous place it is today. MS is nothing more than a software developer at the end of the day. They didn't create the Internet, they didn't build it to be one giant block of Swiss cheese in as far as security. I can spy on you just as easily with Linux and Mac as I can Windows, there's no issue whatsoever there unless you're one of the few left who still believe either OS is more secure than Windows even out of the box.

    MS did nothing to cause Anonymous to wreak havoc, to cause that Russian guy in a WiFi cafe in Moscow to grab your banking credentials or to cause the Chinese to infiltrate every system they can think of in the U.S. Without the Internet, none of that would have been possible without physical access to machines or letting malware hitch a ride on a USB stick Stuxnet-style. Yes, Windows has holes and bugs, but so does every piece of software you've ever used and do use now and will use in the future. No security measure is going to stop humans from being humans.
     
  21. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    The more the merrier, besides not everyone will make it to the top and some will fizzle out. How boring would it be with just a few arrivals. Knock themselves out, who cares.
     
    Last edited: Mar 4, 2013
  22. rodocop

    rodocop Registered Member

    Joined:
    May 1, 2010
    Posts:
    74
    The good thing is that hackers, the Internet and a weak AV industry all together led MS to be better, stronger and more secure nowadays compared with the XP era (I don't touch the 9x epoch, as that outdated branch today paradoxically became safer than XP and maybe than newer OSes, as most of the modern malware cannot be efficiently run there ;-)
     
  23. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    There is always a way past.

    To the people not running an AV. You say you have not been infected. I take it you ran an online AV scan or temporarily installed one to check? If so, then you run an AV. Maybe not real-time, but on-demand. Even if you only check once a year, it's still an on-demand AV scan.

    I'm not knocking you for not running one. Just that there is a misconception that not running an AV is seen as not running one in real-time. Anyone who partakes in using an AV to 'check' is just kidding themselves they can do without.

    Paul
     
  24. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    It really is silly in this day and age that people have pc's and no AV installed. Even with a great program like Sandboxie installed. There are a few really good ones that are free and have amazing protection. Bitdefender, Avast to name a few. As someone stated above, some of these AV have more than just a realtime scanner of files. There are URL filtering, some sort of hips/bb etc. etc. But to get back on topic, there are a lot of new arrivals in this sector and many have not been tested enough.

    Ice
     
  25. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    When I say I have a computer setup without an AV, I mean no AV whatsoever. No on-demand.
    Except perhaps, on rare occasions, a second opinion through Virustotal or Jotti.

    Without getting into semantics: you can run an AV and believe you don't get infected because the AV says you're clean, and you can run an AV and believe it actually protects you when it detects false positives or malware that wouldn't actually harm you because your system isn't vulnerable to the malware in question anyway.
    So how do you know if the AV protects you ?

    Generally, malware actually *does* something.

    If you use 'common sense' and a secure setup, chances are that your system will remain clean.

    Running an AV tends to give a false sense of security.

    On occasion, I have run a 'security suite' but I never rely on that.

    As for the notion that XP is less secure, that's not necessarily true. A number of variables are involved.
     