The virus arms race? Is locking down systems the key?



The securityfix has a post on the “dirty little secret” about antivirus. Eugene Kaspersky of Kaspersky antivirus has posted an introspective article on the antivirus industry and its current problems. The biggest problem with antivirus is that it’s always one step behind the virus writers. Antivirus software can only protect you from those viruses that it already knows about. In other words, a fast-spreading infection can hit you anywhere from hours to days before your AV vendor has an update.


(Speed of updates should be one point to look at in choosing antivirus software.) But the point is valid: antivirus is on the wrong side of the arms race. It’s like the old sports question about whether offence or defence wins the game. Usually a team that does NOTHING but defend (no offensive capabilities, pure defence) loses, because no defence is perfect. Current antivirus is a reactive solution to the problem of malware.

At the same time, I found this post at the sunbeltblog referring to an eWeek article on locking down systems to prevent or limit the impact of malware. What eWeek found is that forcing people into unprivileged user accounts DID impact overall system security (hello, this is what Linux/Unix advocates have claimed for YEARS).

I’ve known people that used limited-permission profiles to deal with spyware. When one profile became infected they migrated to another login, leaving behind their malware. I know one individual that’s looking at using Virtual PC to sandbox his OS so that he can more easily jettison an infested instance if necessary.

Unfortunately, under Windows the “Power User” rights group in the eWeek article suffered a good deal of malware infections. All told, there are pros and cons to the “severe” lockdown of user accounts. Some software, unfortunately, still requires local administrator access due to the legacy of Windows’ more open permissions of the past. It’s an interesting analysis of the benefits and costs of this approach. Personally, I like the Linux/Unix permissions model, with average users being unable to install system software without the administrator password, etc. My only concern with that is being too nonchalant about installing software. (It does somewhat shift the responsibility for WHO allowed the software to be installed: security bug or user input.)

It does all come down to educating users, though. I mean, say you’re locked down, software starts to install and asks for an administrator password. Do you just give the password without a thought and grumble over the extra hurdle to see a web page? Or do you think, “Whoa… what’s trying to install? Why do I need that?” This is one area where the “dumbing down” of the “new computer user information guides” is really letting the public down.

Realistically, you have a better chance of getting malware on your PC by browsing the seamier side of the net, smaller or little-known sites, etc. So, locking down browser defaults could go a long way. (Locking down the habits of the browser him or herself?) There was an old joke that goes something like this: what is the most dangerous part of a car? The nut behind the wheel… a good deal of that truth could be applied to computers.

Don’t open attachments, even if the message claims to be from someone you know, unless it was an attachment that you were expecting. I used to say, unless it was about something that you have discussed with that person, but realistically the varied subjects and techniques of virus writers make that too risky. I once saw a virus that looked like a reply to a 6-month-old conversation. Don’t assume that if you’ve received it, it’s clean. In other words, don’t be overconfident in your antivirus. Ultimately, be cautious… it’s “computer smarts” that blunt the spread of malware.
