I think im ready to go AV free, or am I?

Discussion in 'other anti-virus software' started by MrGump, Jan 14, 2012.

Thread Status:
Not open for further replies.
  1. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,788
    I thought the Prevx brand was being phased out by Webroot in favor of their new line.
    Maybe with all the posts I read I got it wrong, but I don't think so.
    I would think that they would not still be selling something they plan on killing in the near future.
     
  2. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    406
    gosh I have no idea. Will you ask the Prevx people? They have their own official support thread on this forum :)
     
  3. kefob

    kefob Registered Member

    Joined:
    Apr 24, 2012
    Posts:
    7
    Location:
    United States
    I don't get what the big deal of them paying for the testing is. It is a set fee, so no one vendor is paying more than another. So if they all pay, there is no bias, and AV-C can keep testing. The thing that I noticed though is that Symantec Norton seemed to pull out of the last VB100 tests too. They haven't received a grade on the past 5 tests it looks like.
     
  4. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    I don't feel secure without an AV. :rolleyes: :D
     
  5. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    You are secured if you update ur system and softwares and downloading only files that you trust. Windows 7 and Google Chrome is a good start to go AV free.;)
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    MrGump,
    Let's approach this subject from a different direction. For all practical purposes, security apps are tools for enforcing security policies. They are only as good as the policy they're enforcing. While there are several variations and combinations of approaches, there are only a few core security policies:
    1. Default-Permit.
    2. Default-Deny.
    3. Containment.
    4. Reboot to restore.
    Default-Permit allows anything not identified as malicious or undesirable. This is the core policy of AVs, anti-malware apps, etc. It's strengths are convenience and needs minimal user interaction. It's weakness is that it's reactive in nature. Reasonably effective against known threats, weak against the unknown or new. They can be very heavy on a system, especially older ones. They need constant updating.

    Default-Deny is the opposite of Default-Permit. Anything not specifically allowed is blocked. Also known as whitelisting. Windows has built in tools that help with implementing. Classic HIPS are also ideal enforcement tools for default-deny and give much finer grained control on the operating systems they're compatible with. They're strong against both known and unknown malware and don't rely on constant updating. They're also much lighter than most AVs. Their disadvantages are that they are not convenient and require a lot of input and knowledge from the user, especially if you regularly install, remove, or change apps/configuration. This is worse with classic HIPS until the ruleset is finished. Building a classic HIPS ruleset requires quite a bit of knowledge from the user. It's best used on systems that change very little. Taken to the extreme, default-deny effectively becomes an "anti-change" policy where updating becomes an administrative task.

    Containment based policies confine changes make by applications, users, malware, etc to sandboxes or virtual environments and away from the real operating system. Containment software ranges from sandboxing software that confines the actions of specific applications to entire virtual operating systems or a complete virtual computer. Their demands on the system vary from fairly light application sandboxes like SandBoxie to quite heavy with full virtual systems like VirtualBox. Full virtualization requires strong hardware because it is containing and running 2 complete operating systems. As long as they're reasonably up to date, both are quite effective at keeping unwanted changes away from your real system. They're not as effective against keyloggers and such and won't prevent them from capturing any sensitive info that you enter in that virtual environment. This can be mitigated by using a freshly booted virtual system or starting with a clean sandbox. They do require more knowledge and input from the user than default-permit based solutions, mainly during the initial setup. Containment based policies are a good choice on systems that see a lot of changes, installs, updates, etc.

    Reboot to restore is literally what it says. After a reboot, your system is just as it was when you started. These are basically automated system restore options. In effect, they're similar to virtualization in that they don't save changes unless they're instructed to. Their main weakness comes when changes are saved. If an install or change compromises your system and you save it, the result is no better than a missed detection by an AV. In this regard, this option requires knowledgeable input from the user regarding when to save a change and when not to.

    These core policies can be combined in whole or part. Take a look at some of the pros and cons of the different core policies. Pick the one (or combo) that best matches your needs, usage and skill level. Once you do that, it becomes much easier to choose apps, settings, etc that best fit your needs.
     
  7. BrandiCandi

    BrandiCandi Guest

    That was a seriously comprehensive post, noone_particular!
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Thanks. I get ambitious once in a while.

    The question "Do I need an AV?" has been coming up a lot lately. Too often it's asked in the wrong context. Doing without an AV is not a goal. It's not a milestone that you reach after a certain point. It's not an indication of the users knowledge or skill level. The real question should be:
    "What is the best security policy for me?" Once that question is answered, it becomes much easier to pick security and user apps, to make configuration decisions, etc. Done this way, the apps and system work together to enforce the same policy. Without a core policy to base decisions on, you end up with a pile of security apps with duplicated coverage, conflicting configurations, and gaping holes.
     
  9. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Well put noone. I felt like this a while back. I was struggling as to why I couldn't run without an AV. I thought that I was weak or had the wrong setup. I would much rather have a cloud AV running than none at all. I tend to like convience over security. I would rather have one AV running than use multple on-demand scanners to make sure a file is clean.
     
  10. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    406
    thank you for all the great answers. And a special thank you to you, noone
     
  11. BrandiCandi

    BrandiCandi Guest

    +1000
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    It maybe psychological but i still feel the need for an AV! :D
     
  13. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    See post #14 onwards in the following thread for a discussion regarding the issue of continuing to sell Prevx 3 without making it clear to prospective purchasers on the Prevx website that it is end-of-life software that has been replaced by WSA (Prevx 4): WSA Rocks A 5.5 / 4.0 / 5.0 Av-Test
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.