Antivirus loss the War more and more...

Discussion in 'other anti-virus software' started by testsoso, Aug 6, 2009.

Thread Status:
Not open for further replies.
  1. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    Last edited by a moderator: Aug 6, 2009
  2. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    i hope the Avira's detection become strong again, against those chinese virus samples...
     
  3. tsec

    tsec Registered Member

    Joined:
    Nov 18, 2008
    Posts:
    181
    Interesting and succinct.

    (Had a chuckle at the UN 419 :) )
     
  4. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    What has this got to do with Avira in particular? - as far as I see, its about the AV industry as a whole - correction, "major AV engines" only and there is no specific naming of any AVs.


    On the whole, IMO, this is why either, users need additional security features or AVs have the need to integrate additional security features in their products in order to protect users to stay on top of the game (protecting users, not only detecting) - HIPS; sandboxes etc.

    The onus is not only on AVs though, users need to learn to use these additional features effectively, as "automated" protection is usually less effective than "interactive" protection, and if an AV tries to make "automated" protection too tight - it may make it more effective against malware, but runs the risks of interfering with other software's installation, uninstallation and usability.

    IMO, forget Spam emails as a portal of infection/fraud (unless its phishing), they're mainly a nusence. People should know not to click on these (which also encourages spammers to spam).

    Also, IMO, infected/hacked/phishing websites, social engineering and vulnerabilities are the main area of concern with the emergence of future threats as they are deceiving and not blatantly malicious.
     
  5. OnSeeker

    OnSeeker Registered Member

    Joined:
    Jul 27, 2009
    Posts:
    12
    I think that this discussion is relative to the antivirus you're using! I'm using for example BitDefender and it suits me well! I don't have problems with anything!

    Since I've installed it I think I won the war against malware :)

    I recommend it for those of you who are dissapointed by your security solutions!
     
  6. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    The link was modified. If you enter the link in your browser by hand, the link works.
     
  8. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    Thanks..
     
  9. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    While the paper isn't entirely wrong, one should consider that the authoring company has an agenda... to sell it's own, of course "far superior" (tm) solution...
     
  10. dschrader

    dschrader AV Expert

    Joined:
    Mar 10, 2009
    Posts:
    54
    The sky isn't falling

    I would like to see more specifics from the source - and they do have an ax to grind. They are trying to show their detection is better then other vendors. How did they test virus scanning? What was the methodology? What versions of products on what platforms?

    We haven't seen dramatic outbreaks of virus varients that we aren't detecting.
     
  11. bollity

    bollity Registered Member

    Joined:
    May 9, 2009
    Posts:
    179
    sometimes i wish that those virus makers being judged and executed. they try to hurt people with no reason just make fun for their sick minds.
     
  12. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    But they have a very good reason! They make money, loads of money. The guy responsible for FakeXPA got caught, he made 50m $ or so. He got fined for 116k $ or something like this - and no jail time!
    Being criminal is really paying off these days. You just need to be a BIG criminal. If you are just downloading MP3s, you are OF COURSE such an evil criminal that you need to be punished to the absolute maximum... o_O

    The name and adress of the W32/Virut virus author is known for about 2 years, he is constantly registering his new updating domains with his original name I think. Police does nothing. My understanding is that the police is not really interested in information - because the damage done to people by malware is too "low".


     
  13. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    That relative pocket-change fine to that guy sums up what a low personal risk for huge financial gain is involved with the malware 'business'.

    Not long ago I read in the local paper of a robber that held up a building society with a banana wrapped in a brown paper bag,he got away with something like £3000 and when caught received a 3 year sentence!

    No wonder the smart criminals have turned to cyber crime,even if the authorities can be bothered to get them into a court of law the sentence will mean just the loss of a week's wages. o_O
     
  14. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    I am very sad to see that.It represents our computer and network will be in danger at any time.
     
  15. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    So what's new? As they say there is no foolproof lock, and there is no completely secure solution. The stakes are high and some very smart people are involved in making both the viruses and the detection.

    The really dangerous malware is probably deplyoed on select networks where it can do the most damage, their authors and botnet operators don't want it out in the open so it doesn't trigger the security companies.
     
  16. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    They said AV's will fail long ago, but they're still holding strong. They've said this many times but AV's are still around. It's just that they have evolved further from those basic thingies we had in the past.
     
  17. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Couldn't agree more - great insight. ;)
     
  18. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    :thumb:,I totally agree with you.AV can't win.AV is only able to follow behind viruses.AV can't know viruses founder's thinking.
     
  19. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    A note... that's why "the cloud" was created in the first place. Analyzing behavior and using "reverse detection" by looking at how many people have the file, makes those "undetected" pieces of malware get detected instead.
     
  20. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    "The Cloud" is very good indeed.But it depends on a large number of users.And analysing viruses need time.That means it costs a long time from a virus being found to a virus being add into AV's virus database.So Antivirus can't win this war.

    BTW:Maybe HIPS with a good ruleset can defend some simple viruses:) .
     
  21. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Taking it short... sandboxing is the ultimate defense there is, yes, but I don't understand the scores for Norton 2010 at least when tested by PCMag, since the software needs things that are run/downloaded/whatever to be analyzed or deemed safe through enough data to be allowed to run on a PC, which means that (new) malware "shouldn't" be to pass through - I honestly dunno why it does. :doubt:

    I don't wanna write a long post here, so Joe will have to reflect on why Prevx didn't receive a full score in PCMag's testing - he also has the insight that I will never have after all. ;)
     
  22. pbw3

    pbw3 Registered Member

    Joined:
    Nov 12, 2007
    Posts:
    113
    Location:
    UK
    Tend to agree with the majority posting on here that do not appear to "rely" on their AV..

    Essentially, software is either downloaded intentionally (you want it) or unintentionally (trying to get onto the machine unnoticed), although I accept that social engineering tricks etc can blur that black and white perspective:

    1) If an intentional download - an AV can help (whether resident and / or on-demand, cloud, or online checker like Virus Total etc), and to which one can add and / or substitute common sense, download from trusted sites, google for reputation or problems, etc, etc.

    2) If an unintentional download - the AV "start with a blacklist" concept is always a more "reactive" process; and to which
    a) securing the front line troops (ie the browser, OS and other software that is going to be facing the attacker first head on); combined with
    b) one or more of the white list / sandbox / isolation / HIPS approaches etc - whatever your preferred flavours - to block or contain whatever a) misses;
    should in theory always be far more effective.

    I have been interested to see AV suppliers increasingly making the perfectly rational argument, essentially responding - to the usual posts from those who have been infected asking "why did the AV not stop it" etc - that no one should always be relying simply on their AV, but should be using the AV as part of a more structured approach.. and which is pretty much what most of you guys recommend to people who come on here looking for help..

    Also agree with those of you who suggest AV's will continue to morph into these other areas, particularly given the significant revenue streams they will want to protect.

    Peter
     
  23. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Ever thought it's just not possible doing the other way around? It's just not possible to deliver 100% detection and also provide 100% protection for anything that might come tommorow or after 7 days.
     
  24. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Wrong!

    I ran with only an antivirus and Windows firewall for 2-years,never had any issues.
     
  25. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Ofc - habits and common sense plays a BIG role. At least that's what comes to my mind when you're writing this. ;)
     
Loading...
Thread Status:
Not open for further replies.