Are virus writers really winning the battle?

Discussion in 'other anti-virus software' started by Osaban, Apr 21, 2009.

Thread Status:
Not open for further replies.
  1. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,616
    Location:
    Milan and Seoul
    I don't think so. I'm also more and more convinced that there is conveniently a lot of FUD (Fear, uncertainty and doubt) spread around as it is good for the AV industry. I like to look at numbers as they seldom lie, although they can be manipulated especially on the internet.

    My job among other things is about analyzing presentations (no details for privacy reasons) of large numbers of people. I've been doing it for the best part of 4 years, and during this period I have plugged literally hundreds of USB flash drives into my laptops. What I've noticed is in the last year I hardly spotted any malware, my AV (I had the excellent Nod32 and now the excellent+ Avira) used to find more than 60% of all flash drives infected, lately this percentage dropped to less than 10%.

    As already mentioned, articles seem to depict doomsday scenarios, but from my perhaps limited, but real on the field experience, things are getting better, largely due IMO to a greater awareness from even the most distracted users, Windows OSs becoming more and more secure by default, secure browsers, and excellent free AVs which seem to protect systems to the same degree as the paid ones.

    Even here at Wilders the tendency is to reduce the number of installed security applications, and most of the time the problems are caused by configuration mistakes or conflicts with other programs.

    There were even threads about people asking 'how do I get infected?' which could not be answered properly! Is it just my feeling that things are improving or malware is really getting more effective?
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I think the overreactions actually originate from those who really are new to malware/virus infestations because I too have noticed a marked drop in serious infections I've had to deal with and those who are hit, are newbies that know nothing or care nothing about basic security except to turn on their machines and go hog wild in Facebook, P0rns, crack havens or serial list sites and get themselves chewed up by those laced sites.

    There does seem to have been a small resurgence of sorts back to the old file infector virus but the trend it seems for them is to alternate between rootkits and them and lace certain servers and especially crack apps with those malwares which has always been the case anyway.

    The security vendors are really the ones who have put a chain on them for the most part and overall they have taken a page out of malware makers' agenda and absolutely now have saturated the market with fantastic programs from virtual machines, antispywares, AV's with more sensitive detectors built in, sandboxes, combo suites w/super firewalls, and let's not forget HIPS & Behavioral Blockers that fill in some gaps too.

    They have been bombarded in the past two years exclusively with new security programs that have thrown them for a loop. And they still can't beat AE & Faronics' Deep Freeze from what I've been reading at the Black Hat Forums lately.

    I've also seen many what used to be open access malware freely available sites quickly go underground in droves that it's even hard to eke out a stealth registration incognito as I used to do a lot of :cool: anymore to peek into their halloween coves I call them.

    No, I think virus writers are waning and rootkit makers have hit about their last great creation per Windows NT systems while security vendors have really charged solidly ahead and grown massively more intense & intent to shield their programs from nearly any code they can try to throw at their security applications in an attempt to break them down.

    And what's left is more folks are getting wiser after getting pummeled and doubling up their own efforts by heaping on the security apps themselves after taking it on the chin once too often. LoL
     
  3. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    The main problem is education of users. Do we jump on to highway without driver license? And I think no one should enter internet highway without taking some course on internet security. If all users were well educated, I can say for sure that it would kill massive part of malware spreading and none of the social engineering tricks would work. The other small gap between user and threats would be filled by antiviruses. But now it's vice versa. They rely only on AV's and don't care about knowledge at all.
     
  4. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    The social engineering stuff is getting smarter and so is some of the techy stuff.

    Prob less viruses around in general, as loads more AV's around, and serious viruses are trying to stay hidden and get money rather than wreck machines.

    But virtualization is a very strong tool against infection and it's going mainstream, with KAV for example will be including it for browsers in KIS 2010.

    AE v2 is also very strong, v interesting that it still can't be beaten !!!
     
  5. TrojanHunter

    TrojanHunter Registered Member

    Joined:
    Jul 8, 2007
    Posts:
    151
    Location:
    United Kingdom
    I think the security centre was a great addition to Windows because many newbies just haven't got a clue about computers and I know some people just like this personally. At least now with the security centre nagging users, means most people running Windows, at least have some form of basic virus protection on their PC....which is better than nothing.

    Like or loathe Microsoft Vista, security has improved. A combination of IE Protected Mode, Windows Defender and User Account Control means Vista is better than XP. Additionally on the 64-bit version, Kernel Patchguard and the requirement that all drivers are digitally signed, could well mean that rootkits are a thing of the past? probably not...but time will tell.

    Malware will continue to evolve, as will security software to combat them.
    As someone rightly stated above, Education on the subject is very important and could stop many infections.
     