The securityfix has a post on the “dirty little secret” about antivirus. Eugene Kaspersky of Kaspersky antivirus has posted an introspective article on the antivirus industry and it’s current problems. The biggest problem with antivirus is that it’s always one step behind the virus writers. Antivirus software only can prevent you being infected by those viruses that the antivirus software knows about. In other words a quick, fast spreading infection can hit you anywhere between hours-days before your AV vendor has an update.
(Speed of updates should be one point to look at in choosing antivirus software.) But the point is valid, antivirus is on the wrong side of the arms race. It’s like the old sports question about whether offence or defence wins the game. Usually if you have a team that does NOTHING (no offensive capabilities, pure defence) but defend, they lose because no defence is perfect. Current antivirus is a reactionary solution to the problem of malware.
At this same time, I found this post at the sunbeltblog referring to an eweek article on locking down systems to prevent/limit the impact of malware. What eweek found is that forcing people into unpriviliged user accounts DID impact overall system security (hello – this is what linux/unix advocates have claimed for YEARS.)
I’ve known people that used limited permission profiles to deal with spyware. When one profile became infected they migrated to another login leaving behind their malware. I know one individual that’s looking at using virtual pc to sandbox his OS in so that he can jettison an infested instance if necessary more easily.
Unfortunately, under windows the “Power User” right’s group in the eweek article suffered a good deal of malware infections. All told, there are pros and cons to the “severe” lockdown of user accounts. Some software, unfortunately, still requires local administrator access due to the legacy of Windows more open permissions of the past. It’s an interesting analysis of the benefits and costs of this approach. Personally, I like the linux/unix permissions model with average users being unable to install system software without the administrator password, etc. My only concern with that is being too non-chalant about installing software. (It does shift the responsibility somewhat for WHO allowed the software to be installed (security bug/user input)).
It does all come to educating users though. I mean, say you’re locked down, software starts to install and asks for an administrator password. Do you just give the password without a thought and grumble over the extra hurdle to see a web page? Or do you think ” woah… what’s trying to install? why do I need that?” This is one area where the “dumbing down” of the “new computer user information guide”‘s is really letting the public down.
Realistically you have a better chance of getting malware infested on your pc by browsing the seemier side of the net, other smaller/little known sites, etc. So, locking down browser defaults could go a long way. (Locking down the habits of the browser him or herself?) There was an old joke that goes something like this — what is the most dangerous part of a car? The nut behind the wheel… a good deal of that truth could be applied to computers.
Don’t open attachments, even if the message claims to be from someone you know, unless it was an attachment that you were expecting. I used to say, unless it was about something that you have discussed with that person, but realistically the varied subjects and techniques of virus writers make that too risky. I once saw a virus that looked like a reply to a 6 month old conversation. Don’t assume that if you’ve received it, it’s clean. In other words don’t be overconfident in your antivirus. Ultimately, be cautious…. it’s “computer smarts” that blunts the spread of malware.
Related PostsRelated Posts
- Hot Trends - spotting the upcoming searchs and tomorrows news today The internet is an amazing place you can learn about most anything from carbon nanotubes stopping bullets to a duvet cover. In the last few weeks I've learned a few things over at Google's hot trends page. Basically, about once an hour there is an autogenerated list of the top......
- How to Remove Antivirus System Pro | Antivirus System Pro Removal Guide Last week I had the opportunity to remove Antivirus System Pro from not one, but two machines. Given that I was seeing it a bit more frequently I thought it might be a new rogue antivirus application, but I quickly found out that it's been out at least since June......
- The connection between Spam and Viruses After comparing MANY of these delivery failures (a fraction of what has gone out with my domain name forged I'm afraid...) They are all advertising essentially the same site (sometimes different gateways to it, but I've traced it all back to a close group of domains that have been unresponsive......
- 10 Essential Tips for Online Shopping Safety The guest post is by Annie Wallace who blogs on viral marketing for moms as well as loves collecting DIY gadgets. I know, this blog is rather about saving money than spending - but for the most part smart shopping is the most effective way to save! You can save......
- How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware My wife, kids, and I spent this past Christmas at my parents' house. It wasn't long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc. Much to my dismay, I found a barrage of malware, spyware, and......
- Norton vs. Bitdefender In recent comparison we did some test between Norton Antivirus and Bitdefender Antivirus and got some surprizing results. In this years pcworld review on top antivirus softwares Norton outranked Bitdefender. However in our test, Bitdefender out performs Norton. We basically put a machine to run with suspected viruses and had......
- Park Your Virus Impervious Smugness Mac (and Linux) Users
- Administrative access on linux systems
- Makers of fake security software settle lawsuit
- Windows Run as to let a legacy program run in XP limited user mode
- Web smarts is the main defence against spyware