Yep. But that's not our responsibility. It's the webmasters' duty to keep their websites safe to visit.
Well, actually it is our responsibility and duty. That is at the very heart of what computer security is about. Taking responsibility for unsafe web sites. You don't agree?
I think of them as another layer makes my setup closer to perfect. I, sort of like yourself, trust some sources which I don't bother verifying myself using tools like VirusTotal. Real-time AV's help take care of that laziness or technical limitation (file size, Internet access, etc.) just in case something happens to them. Oh yeah, MVPS HOSTS is now available in HTTPSB as opt-in just to tell you.
You do realise that you get the exact the same download whether or not you use the secure download links?
It really doesn't matter who is responsible. The result is the same either way. Users need to understand that even the most reputable and trustworthy sites can be compromised. The traffic to and from that site can be subjected to MITM attacks. DNS exploits or attacks on routers/modems can divert you to fake sites. It all boils down to one simple fact, namely that there's no such thing as a site that can be completely trusted. It's up to the user to verify and evaluate what they download, and to take precautions in case the download doesn't turn out to be what they expected. I can't completely agree with that logic. I have a couple hundred megabytes of malware on a hard drive. My system hasn't been compromised by any of it. Malicious code that hasn't executed is harmless. AVs quarantine malware and deny access to it. Unless the AV auto-deletes it, it's still on your hard drive but isn't compromising you. Once the code executes, there are no guarantees. A sandbox will often contain it but that's not guaranteed. It might escape a VM or defeat a policy sandbox. If defenses are layered properly, it's unlikely to do all it was supposed to, even if it does break a layer or 2. I wouldn't automatically assume that my "ship" is sinking just because I allowed something undesirable to execute. That's where integrity checks and file system comparing from another OS can tell you what damage if any has been done. It's one thing to realize that no security package is perfect, but if you're not going to trust it to do its job, why have it at all?
I agree. In my opinion, if we get infected, its our fault. Because of the way that I use Sandboxie, installing the wrong program out of the sandbox is how I can get infected. The best protection that I have against running infected installers is that I rarely install new programs in my real system but when I do, I get the installer from the developer site and only install well known programs. I never install anything unknown or just because something sounds nice, cracks, keygens or anything illegally. And sometimes I run the installer at VT and/or Jotti. I know the above sounds simple but it works for me. Bo
Yeah, sure. Then I guess we also have to maintain FBI's database and manage the orbital paths of those satellites in the outer space, lol. We don't have administrative access to someone else's website, so how are we supposed to secure the website? How are we supposed to remove hidden malicious javascript commands so unaware visitors wouldn't get into troubles? We can't. It's the owners' duty to make their websites to be as secure as possible. Yep, thanks for mentioning. I already had them enabled, all of them. Yes. Is there a mistake to use the links provided by them instead of external links which will redirect you to other websites? Which is what I said. The subject was on the security of the websites themselves so they don't get hacked so easily. The clients' side protection is a different story. I think I didn't make myself clear. My bad. When there's a suspicious EXE in my temporary folder for example (and RAM, forgot to mention it), then it's been too late for prevention IMO. It's different from storing malware samples for my research. Yes, layers are good and I put those layers on different levels. But there's the limit where prevention is not going to work anymore. As I said, if I found a suspicious executable running in the memory, then that's it! Lower the lifeboats! Agree with this. If I want to install something I have to know what I'm installing.
You said "I only download software from Softpedia", and "The only problem is if Softpedia was being hacked". That's it, right there. It's a problem if you're downloading software from Softpedia and the site has been hacked. You can mention "orbital paths of those satellites in the outer space" all you want, but it's OBVIOUS that it is our responsibility to protect ourselves from that website, and we do that, each and everyone of us, with varying degrees of success, by hardening our own defenses. For you to continue to say it is the webmaster's duty to make his website safe is, well, I guess you're trying to win an argument or something, because it's not what we are discussing here. Why do you take ANY steps to secure your computers if you think it is up to someone else to make you safe?
@Page42 Let's just put it this way, a server's job is not a client's responsibility and vice versa. Is that better now?
It's your responsibility to make yourself immune to the server no matter what it is serving up, to the best of your ability.
Yes, and it's the webmasters' responsibility to make sure their accounts and servers are not being hacked. Back to the quest of the poll.
No, but I'm considering reassessing this when I upgrade to Win7. On XP I know how to harden the bejezus out of it. Although Win7 is considered more secure I'm not going to feel that way, at least initially until I learn the ropes. I won't know how to lock it down or even if it's possible to the degree it is on XP. So I may feel safer with a real time scanner. Now I just hit new files up with the product in my sig before moving from SBIE to physical drive. But the only new files introduced to my box these days really are updates, so the chances are remote. After updating I do full scans with Hitman Pro & MBAM Free just to make sure all was kosher. That and it'll take awhile to learn which programs place nicely on 7, and it may vary from XP. So in the meantime I'll probably at least run MSE/Defender until I settle in. And if it isn't a noticeable drain may as well just keep it in place.
GrafZ, I think the bottom line is that we shouldn't trust any site. I know I don't. Or saying it in another way, I treat every site the same. I don't care what site it is, I don't white list it in NoScript or run it outside the sandbox. I treat sites as I treat software. Don't trust any enough to drop my awareness about what I am doing at all times. I got used to moving around the internet and using computers this way, it was easy, it feels good and natural. Bo
I know that. But that was not my point. If we have a website, we should try our best to ensure the safety of our visitors. One way is to not blindly installing addons in our blogs. Sure, the visitors should ensure their own safety too, but it's not their job to maintain the websites and keep those websites from any disturbance. A few months ago Avira, AVG, and others' websites were being hacked by some activists. What can the visitors do to prevent those websites from being hacked? Nothing. The only thing they can do is to prevent their own computers from being hacked. You see, it's a teamwork from the server and the client. Each has its own role. Well it depends. I personally need to whitelist some websites because requests will load more requests, so I ended up in keep reloading pages while my time is very limited. But we both know that we have fallback plans, do we not? P.S.: Wouldn't it be the same anyway if we temporarily allow javascript to certain websites. If the site was indeed got hacked and spreading malware, and we are not aware of it, then both you (only use temporary rules) and me (whitelist the site) will have the same chance to get infected at level 1.
Example of how not using realtime AV nor on-demand AV on a downloaded file could have infected you when executed
Seriously? You think, that THEY do not use AV? I would say quite the opposite, how you can get easily infected, even if your run AV, in other words, if you rely on AV blindly. Virus does not execute itself and it does not download itself (there are like 5 of them, that actually do, so I do not even include that), even Cryptolocker is a bogus threat.
At the time of the incident with ComboFix, they scanned it once every 12 hours, if my memory is correct.
Scanning downloads with an AV should be standard procedure. That said, it's not necessary to have the AV(s) installed on your system.
No, living on the edge is having no antivirus, and no real-time protection of any kind Or perhaps it's stupidity
