Posted: Thu May 08, 2014 2:02 pm
welcoming committee

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Some of you may not trust CR. Ok, I can understand that because they print their magazine for the masses, not for the more knowledgeable, which I do NOT qualify for, trust me. Received the latest issue just today, the June issue.

First of all this is almost laughable to me because the only thing they rate are anti-Viruses and Security Suites. These programs are soooooo far behind Sandboxing/VirtualMachines and HIPS/Anti-Executable programs. BUT, I must remember that CR is written for the masses and that means the folks that believe anti-Viruses or security suites are all that you need. Don't get me wrong, I still STRONGLY believe in those programs and since most folks only use them, here are CR's opinions, page 46, Security Software.

Well, I will combine the free and paid-for programs together for simplicity; CR made this simple by giving each program an overall grade. Best program overall, paid or free (Peter will like this) ESET otherwise known as NOD. This is a paid-for program. The absolute worst (Acadia puts on his helmet and flak jacket in THIS particular forum) ... Microsoft Security Essentials which finished in dead last and not by just a smidgen.

Other notes: of the free programs, Avast did best with Avira not far behind, but not as good as the paid-for ESET/Nod. Other programs that did quite well, all of them pay-for, G Data, F-Secure, Kaspersky, Bitdefender.

Final note that will make many happy here, including me, both Norton and McAfee did um, it is a four-letter word that starts with "s" and ends with "k". All of the free programs beat those two except for err, ahh ... time to put back on my protective gear. :help3:

Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Posted: Fri May 09, 2014 9:08 am
welcoming committee

Joined: Thu Mar 22, 2012 1:35 am
Posts: 715
A determined burglar is highly likely to break through any security measures. It's always easier to break in than to protect. Having said that, I still put locks on my door. My point being that I've quit looking at which security programs are the best because even a simple lock will stop the casual burglar but a really sophisticated system won't help if it's so complex that the user has a hard time just turning it on.

I'm not sure what the answer is to all this since the criminal class isn't going away any time soon. So users do need to pay attention and use whatever system they feel comfortable configuring. A lock is useless unless one knows how to lock it regardless of how strong it is.

To me the best security measure is a backup. If you can return to a clean state quickly and easily it really doesn't matter how strong those locks are. Although I'm not advocating it, I think an attentive computer user could forgo security products as long as a robust backup protocol were present. In that case, all this rating done by the magazines to sell more issues could go away and they could spend their time on more useful things, but...

_________________
Best regards,
Manny Carvalho
MS-MVP since 2002


Posted: Fri May 09, 2014 9:37 am
Fearless Leader

Joined: Wed Mar 21, 2012 5:42 am
Posts: 2819
Here is an article by Brian Krebs which gives an entirely different perspective. I've copied it here, but his links don't copy. So you can also view his article here:
http://krebsonsecurity.com/2014/05/anti ... antivirus/

07 May 14
Antivirus is Dead: Long Live Antivirus!

An article in The Wall Street Journal this week quoted executives from antivirus pioneer Symantec uttering words that would have been industry heresy a few years ago, declaring antivirus software “dead” and stating that the company is focusing on developing technologies that attack online threats from a different angle.

This hardly comes as news for anyone in the security industry who’s been paying attention over the past few years, but I’m writing about it because this is a great example of how the cybercrime underground responds to — and in some cases surpasses — innovations put in place by the good guys.

About 15 years ago, when the antivirus industry was quite young, there were far fewer competitors in the anti-malware space. Most antivirus firms at the time had a couple of guys in the lab whose job it was to dissect, poke and prod at the new crimeware specimens. After that, they’d typically write reports about the new threats, and then ship “detection signatures” that would ostensibly protect customers that hadn’t already been compromised by the new nasties.

This seemed to work for a while, until the smart guys in the industry started noticing that the volume of malicious software being released on the Internet each year was growing at a fairly steady clip. Many of the industry’s leaders decided that if they didn’t invest heavily in technologies and approaches that could help automate the detection and classification of new malware threats, they were going to lose this digital arms race.

So that’s exactly what these firms did: They went on a buying spree and purchased companies and technologies left and right, all in a bid to build this quasi-artificial intelligence they called “heuristic detection.” And for a while after that, the threat from the daily glut of malware seemed to be coming under control.

But the bad guys didn’t exactly take this innovation laying down; rather, they responded with their own innovations. What they came up with is known as the “crypting” service, a service that has spawned an entire industry that I would argue is one of the most bustling and lucrative in the cybercrime underground today.

Put simply, a crypting service takes a bad guy’s piece of malware and scans it against all of the available antivirus tools on the market today — to see how many of them detect the code as malicious. The service then runs some custom encryption routines to obfuscate the malware so that it hardly resembles the piece of code that was detected as bad by most of the tools out there. And it repeats this scanning and crypting process in an iterative fashion until the malware is found to be completely undetectable by all of the antivirus tools on the market.

Incidentally, the bad guys call this state “fully un-detectable,” or “FUD” for short, an acronym that I’ve always found ironic and amusing given the rampant FUD (more commonly known in the security industry as “fear, uncertainty and doubt”) churned out by so many security firms about the sophistication of the threats today.

In some of the most sophisticated operations, this crypting process happens in an entirely automated fashion (the Styx-Crypt exploit kit is a great example of this): The bad guy has a malware distribution server or servers, and he signs up with a crypting service. The crypting service has an automated bot that at some interval determined by the customer grabs the code from the customer’s malware distribution server and then does its thing on it. After the malware is declared FUD by the crypting service, the bot deposits the fully crypted malware back on the bad guy’s distribution server, and then sends an instant message to the customer stating that the malware is ready for prime time.

Crypting services are the primary reason that if you or someone within your organization is unfortunate enough to have opened a malware-laced attachment in an email in the first 12-24 hours after the bad guys blast it out in a spam run, there is an excellent chance that whatever antivirus tool you or your company relies upon will not detect this specimen as malicious.

In short, as I’ve noted time and again, if you are counting on your antivirus to save you or your co-workers from the latest threats, you may be in for a rude awakening down the road.

Does this mean antivirus software is completely useless? Not at all. Very often, your antivirus product will detect a new variant as something akin to a threat it has seen in the past. Perhaps the bad guys targeting you or your organization in this case didn’t use a crypting service, or maybe that service wasn’t any good to begin with.

In either case, antivirus remains a useful — if somewhat antiquated and ineffective – approach to security. Security is all about layers, and not depending on any one technology or approach to detect or save you from the latest threats. The most important layer in that security defense? You! Most threats succeed because they take advantage of human weaknesses (laziness, apathy, ignorance, etc.), and less because of their sophistication. So, take a few minutes to browse Krebs’s 3 Rules for Online Safety, and my Tools for a Safer PC primer.

Oh, and check out the Wall Street Journal piece that prompted this rant, here.

_________________
Patty MacDuffie
Computer Haven Administrator

Live Long and Prosper
Mr. Spock


Posted: Fri May 09, 2014 11:21 am
Moderator

Joined: Thu Apr 05, 2012 3:25 pm
Posts: 1916
Location: Pembrokeshire, South Wales, UK
As Manny said, you can have lots of locks on your home but they're no good if you don't actually use them and lock up.

A lot of burglaries are done by opportunists who just want the easy option and if they have to fight too much to get in will give up.

Layers of security will be more useful rather than relying on just one program, but also educating the operator; as has been said many times, most trouble is between the chair and the computer.

Having places like this as well helps trying to steer people along the right lines into protecting their machines. Just think what would happen if there weren't such places and no-one had anywhere to get help. :-(

_________________
Joan Archer
http://crossstitcher.webs.com


Posted: Fri May 09, 2014 12:52 pm
welcoming committee

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Manny Carvalho wrote:
...To me the best security measure is a backup...

Bingo!

MacDuffie wrote:
...Security is all about layers, and not depending on any one technology or approach to detect or save you from the latest threats....

Bingo again!

Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson

