|
You have a very naive view of security if you think you are safe using the above practices you just outlined. You just aren't for all the reasons I mentioned that you haven't actually rebutted. I'm not saying you *ARE* infected, I'm saying there is a statistically significant probability that you are and you have no way of knowing given your current practices.
Sorry, I meant svchost not rundll - "command line" usually won't tell you anything of importance for svc-hosted processes running, especially concealed viruses. Tracking svchost processes is notoriously difficult.
With regards to Javascript not having admin rights - no, normally it doesn't, that's why they are called "0-day *VULNERABILITIES*" - i.e. bugs in the browsers that grant JS full admin privileges without requiring UAC or anything else to intervene. Have you not heard of 0-day vulnerabilities? You actually browse the web with no Javascript enabled all the time? That's pretty excessive these days. Half the sites on the net don't work without Javascript anymore. You will be safer with a good free virus scanner than all your practices combined, and avoid all this hassle you are putting yourself through.
Even if you *can* manually check, which you actually can't with a cleverly programmed virus, but let's pretend there is a way to do it, like checking task manager command line - do you? No, you don't.
Please explain how you use WinPCap to regularly check if you are infected. I fail to see how this will help you in any way. You know that clever viruses hide themselves when commonly used detection and analysis tools are executed by the user, right?
|
|
|
|
|
Mike Marynowski wrote: Tracking svchost processes is notoriously difficult.
If you look at the task manager without the startup command, and being able to identify it, yes. Not something from JavaScript.
Mike Marynowski wrote: You actually browse the web with no Javascript enabled all the time?
No, I have a dummy for browsing and playing, and a dev machine that is not connected. Still, the dummy is reasonably protected. From a security perspective it is an interesting experiment to run anything Windows attached to the internet.
Mike Marynowski wrote: That's pretty excessive these days
Is it?
With ads beyond my control being loaded into some addin running in userspace, from some unknown low-paying source?
I have two browsers on the dummy; one for CP and Gmail, one for 'other stuff' like banking, keeping up with news, MSDN, the like - it does not even allow for pictures to load that are hosted on another domain. It is too easy to generate a pixel from ASP.NET and to track someone. I did not consent to that pixel, I'm European. Parliament has still to decide on tracking-pixels, they just did cookies.
Mike Marynowski wrote: Have you not heard of 0-day vulnerabilities?
Yes. Enjoy[^].
Mike Marynowski wrote: You know that clever viruses hide themselves when commonly used detection and analysis tools are executed by the user, right?
Yes, and that you cannot check on Windows whether a software keylogger has been installed. What, is your user an admin?
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: Especially large companies would come under fire if they lost all their data over an old and outdated virus.
Right, so they have to make sure that they have a good, up-to-date anti-virus program to blame it on when they lose all their data. Anti-virus companies mainly sell CYA to enterprises, they have to have it whether it does the job or not.
Eddy Vluggen wrote: there is always a manager that opens the executable.
Of course, it's right there in the policy manual. So nothing to worry about, the buck stops at middle management.
I don't use anti-virus at home, because I generally know what I'm doing, plus I mainly use those boxes for gaming and need the performance. I do keep my boxes updated and do ad-hoc scans once in a while, but no real-time scanning. I've gotten a couple of viruses in the past, but they weren't nearly as bad as having an anti-virus program running in the background.
My main concern at this point is what kind of data-collecting malware MS wants to install on my computer without my knowledge or consent. My Win7 machines aren't even safe from this anymore, I do not like where this is going.
|
|
|
|
|
I use AV because it works. Unless you have a totally left-field OS which is not targeted by hackers, spammers and phishers, you are a fool not to protect your data. Every popular OS - Apple, *ix, Win - is being targeted and not having a decent defense in place will result in a breach. If you're lucky you'll lose all your data, if you're not then it'll be all your money as well.
Go on, choose.
veni bibi saltavi
|
|
|
|
|
If you need to scan to see whether something is infected, you are already behind the curve and at risk.
Update your hosts file, check the startup folder, turn on UAC and DEP..
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
My AV is set to scan every morning at 2 am and it's set to automatically remove threats.
If it's not broken, fix it until it is
|
|
|
|
|
If there's software running, as admin, then your AV might be gone in the morning
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Wrong, the AV and Firewall are there in addition to managing access into [and out of] the machine. With kids it is easier to have the AV nannying in the background than it is to keep cleaning the shyte off their machines.
veni bibi saltavi
|
|
|
|
|
Eddy Vluggen wrote: If you need to scan to see whether something is infected, you are already behind the curve and at risk.
Show me someone who claims they aren't behind the curve and I'll show you an up and coming victim..
There isn't one guy on the planet who can plan today against every current and future threat out there. We pass this responsibility onto other teams (anti-virus software companies) so that we can get on with our day-to-day jobs.
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
Brent Jenkins wrote: Show me someone who claims they aren't behind the curve and I'll show you an up and coming victim..
I am rather paranoid about my computer; the victim is the one that believes to be protected when he is not protected enough.
Brent Jenkins wrote: There isn't one guy on the planet who can plan today against every current and future threat out there.
I do not have to; I merely need to be able to control what is on my machine.
Brent Jenkins wrote: We pass this responsibility onto other teams
That is your choice. "We" don't - if you want something done good, you (learn to) do it yourself.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Even though you think that you have your machine covered, you don't.
Companies like Kaspersky, McAfee, Symantec, and the like all have teams of hundreds (if not more) of guys working on dealing with security threats every hour of every day.
No matter how good you may be, you simply can't match that. And even with all of their resources, they slip up pretty often too.
Still, it's your machine, so your choice..
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
|
|
|
|
|
Brent Jenkins wrote: Even though you think that you have your machine covered, you don't.
Again, 100% coverage is not realistic. No AV claims that percentage.
Brent Jenkins wrote: Companies like Kaspersky, McAfee, Symantec, and the like all have teams of hundreds (if not more) of guys working on dealing with security threats every hour of every day.
No, not with security in general, but with detecting malicious code.
If you have malicious code on your machine, then who is going to guarantee the integrity of the scanner itself?
Brent Jenkins wrote: No matter how good you may be, you simply can't match that.
Learning to protect your machine is not the same as knowing every virus and making a living out of that. I'm preaching hygiene; not claiming to be better than the doctor - but with sufficient hygiene, you will visit your doctor somewhat less often.
Brent Jenkins wrote: And even with all of their resources, they slip up pretty often too.
So, no, I am not going to trust some application to clean up after me.
Sorry, I am not buying the idea that simply installing an AV-suite is actually safer than thinking about your machine, consequences and risks. On the contrary; someone who relies on others tends to be less careful in other areas.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I'll bet you don't wear a seatbelt when driving either?
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
|
|
|
|
|
Brent Jenkins wrote: I'll bet you don't wear a seatbelt when driving either?
Your comparison is still incorrect, and it seems that you are looking for arguments to defend your position.
..but to answer, no, I don't have a car. I use the train. As for the house, I have not hired a private eye to sweep every room and closet - I only made sure that it is very hard to enter without explicit permission.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
That's fine, you're happy with your security arrangements and it doesn't affect me, so who cares?
As for me, I'll drive carefully as much as I can, but I'll make sure my car has airbags, side impact bars and I'll always wear my seatbelt. Of course I'll never need any of them, because I'm such a great driver..
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
|
|
|
|
|
Brent Jenkins wrote: Of course I'll never need any of them, because I'm such a great driver..
Like I already stated, your analogy is broken, and no, I did not claim to be a good driver.
Brent Jenkins wrote: so who cares
The one who is infected, with 40 PCs giving the same virus warning after the AV automatically updates the virus definitions
..and with the majority sharing their attack-vector, it could be easily prevented.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Brent Jenkins wrote: Show me someone who claims they aren't behind the curve and I'll show you an up and coming victim..
I show you Norton Security.
|
|
|
|
|
So, what works better than an off-the-shelf security package?
What do you use (obviously it has to be something you have written yourself as anyone else's software is sub-standard)?
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
|
|
|
|
|
You miss my point.
There is NO guarantee of absolute security. To think otherwise is either hubris or folly (or more likely both). If you access the Internet, you are at risk. The goal should be to strike a balance of minimizing that risk while also being prepared to deal with the very real potential scenario of your computer being compromised.
And to answer your question, I use Webroot, primarily because it has the smallest impact on my system usage though. But it's just one piece of my overall personal security package/plan.
|
|
|
|
|
jRaskell1 wrote: there is NO guarantee of absolute security
I agree with that.
Much in the same way that when I leave for work in the morning I set the house alarm, make sure all my windows are shut securely and make sure my doors are locked. It's all about getting things lined up in your favour as much as possible.
It's not going to stop people getting in and taking all my things if they're really determined, but it's better than leaving everything open and unsecured, surely?
How do you know so much about swallows? Well, you have to know these things when you're a king, you know.
|
|
|
|
|
Eddy Vluggen wrote: turn on UAC
I'd rather be infected
|
|
|
|
|
The main way viruses are spread these days is by drive-by installs on trusted websites that have been compromised. If you browse the web and don't have AV protection, you're begging to be pwned without warning while visiting a site that is normally safe.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Exactly which company are you referring to? I get 5 results when filtering by "Computer Software" and none of them seem to be antivirus companies...
The United States invariably does the right thing, after having exhausted every other alternative. -Winston Churchill
America is the only country that went from barbarism to decadence without civilization in between. -Oscar Wilde
Wow, even the French showed a little more spine than that before they got their sh*t pushed in.[^] -Colin Mullikin
|
|
|
|
|
|
Most of their revenue is from selling advertising space, and from products other than AV Software - which they (at least previously used to) provide free of charge.
|
|
|
|
|