They can't be safe

BS. safe surfer doesn't mean you need to limit your internet experience.

Despite what people seem think it isn't so easy to get nailed with a driveby download even in the dark side of the internet if you have reasonable browser settings and you have a brain.

I know of many people how do not limit themselves in anyway and do what they want (short of doing totally dumb things like opening attachments that are obviously worms), with no security *software* at all or maybe one AV, and they have no problems. At least as far as I can tell from various scans (AV, anti-rootkit, forsenic system tools etc). Could they still be infected with some super stealthy rootkit that evades all that? sure. but the same goes for the guy who runs half a dozen HIPS!!!

Conversely what the heck do you mean by you don't limit your internet experience?

Does that mean if you are running behind an army of security software you go around downloading and running email attachments that are obviously worms or that you go downloading cracks and run them just for fun and trust your security software to stop it?

Why the heck would you want to do that? And I think if you do that it's just a matter of time you are going to get nailed.

Short of some sandbox (which by definition is limiting your experience because certain actions are denied), and some rollback software (which is a completely different thing with other problems), you are just asking for trouble.

 

people usually advise on avoiding shady sites (cracks, porn?, etc), and perhaps p2p too.

now what if u want to wanted to do such activities? there certainly must be a way to stay secure.

 

That makes sense. They could use a sandbox while doing the "shady" site stuff maybe.

 

It did not occur to me that 'SafeSurfer' could be taken different ways. What i meant was someone who is security concious and has security in place but sticks to certain websites only such as this one out of fear of infection.

The average user isn't up to date on security issues like most of the members here and all you have to do is check out the various security forums that accept 'HJT' and see all the 'SmitFraud', 'Vundo' and 'Messenger Infections' to see that it is happening.

There is not a web page i won't go to, a link i won't click on, if it interests me.

I run cloaked in Bufferzone because using the old setup of AVG free, Spybot and Ad Aware wouldn't get the job done. For the user that only checks in with their bank site and checks some online news, (another definition of safesurfer), the old setup would be sufficient.

 

That's how the net really SHOULD be for everyone. I'm too paranoid to be that way unfortunately.

 

So who's the paranoid? As you see, it's a matter of opinion and perpective.
I too want to see something if it's interesting. Not thinking on the possibility of a Hacker being on the other side lol. I just try to not visit those that are clearly suspicious. As for the rest, how can i tell?

 

We recieve several a day from our customers and Blueyonder (my ISP gets several hundred.

Trev

 

I do not doubt that is true. All I say is I do not personally know anyone who has, and some have used just AVG for years, some probably 10 yrs with not a single infection or problem. I am talking about 20 -25 or so that I know and see often enough to know if they got infected.

I might add they, and I also, go to any site they desire. We just do not desire to go to risky sites, not because they are risky, but because of content.

PS. Are they all running AVG free?

Best,
Jerry

 

Well if you are so afraid, it doesn't matter if you run half a dozen HIPS, you still won't visit any but the big sites.

The fact that many people get infected by these malware doesn't quite prove that AVG and the rest are not sufficient. Do you know if they even use AV? Are their AV updated regularly? And most importantly, are they total idiots who click yes to everything and install everything , if they are, I doubt if any security setup will survive for long.

I think you overestimate the 'average user' here. My Dad, My sis, aren't up on the latest cool HIPS, nor do they use such tools, nor do they hang at forums like here, and as far as I know they don't restrict themselves in any ways, and yet they have no problems. My sis runs only AVG and ZA .

And no they aren't security guru's either lol...

Ditto. People who are afraid to do so are just overly cautious. And people who think they need BZ to allow them to visit such sites are just paranoid.

BZ just gives you some peace of mind, I bet, if you run without it, you would be fine. I have done so . If you are afraid, why it on a virtual machine.

I personally find sandboxes quite limiting, some programs I want to install can't work in them.

So using a sandbox like BZ is 'limiting my experience' .

 

Doing such activities? Such activities are generally not as dangerous as many make it out to be.

What is dangerous though is actually executing the files you got.

 

Yeah, but this type of discussion is deceptive because everybody has a different view of what "being restrictive" means, like you say they don't restrict themselves, and most probably they don't, but surely a lot of the danger lies in sites where a lot of people would not go anyway. For example even though your dad and sister do not restrict themselves, they probably don't trawl porn sites. I think when most people are talking of restricting themselves they are probably talking about sites where dad's and sisters naturallly would not go. The question would be more a case of identifying a) what sites are high risk. and b) do these people regularly trawl them. rather than trying to decide if someone is restricting themselves or not. Most people regardless of where they go will not see themselves as restricting themselves. If that makes sense.

 

Yes, i agree with this. Many users can be considered 'Safesurfers' because of their 'Usage' not because they are 'Trying' to be safe. And this aspect is what or partly what i think 'JerryM' is pointing out. Correct me if i'm wrong Jerry. And in case any of your AVG friends haven't upgraded to IE7 yet, but might do so, inform them not to do so this way -
http://www.broadbandreports.com/forum/remark,17261846

 

F.Y.I.

Just downloaded this 'Nasty'- if my memory serves me correct, it contains a 'Rootkit' and scanned it through both VirusTotal & Jotti's and detection remains 'Status Quo'.

 

Correct.
Somehow I thought that the AV indicated an available upgrade automatically. However, it is a good point, and I'll check that out.
A fake one that was a trojan would be bad news. Some might get caught in that.

Best,
Jerry

 

Update

Just uploaded this Malware again a few minutes ago and more AV's have added detection including AVG & BitDefender.

Most troubling though is that Microsoft and NOD32 have not.

 

nice to know about avg, but if ewido found it before... thats all good for avg suite anyway, as it uses both avg and ewido signatures

 

Ewido wasn't detecting it yesterday either.

 

well one of them will always pick it up ... worrying about nod32 though, thought they were excellent at new threats.