lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: DStark at forseon.com (DStark@...seon.com)
Subject: AV "feature" does more DDoS than Sobig

> Anti-virus companies seem to spend more money on marketing/visibility
> than on actually protecting their customers. This marketing stupidity is
> done by adding USELESS features, which spreads false information and
> delivers false sense of security:
> - "You're infected" reply (false positive)
> - "This message is 100% virus-free certified" signature line (false sense
of security)
> - Anti-virus buttons on Internet Explorer toolbar (just to launch the AV)
> - Splash screens every time you:
> - boot your computer
> - send e-mail
> - check pop3 e-mail
> - turn your computer off
> - System tray useless icons (in some AVs, the system tray icon does
nothing except for launching the AV program)
> - Redundant shortcut icons in Desktop, Start Menu root, Quick Launch and
Start Menu program folder

The only annoyance that comes of these "Features" is from when the user is
too lazy to find out how to turn them off. The majority of av products that
offer such also have the options of disabling them (Such as the splash
screens and the email alerts). And as for what you view as "Marketing", I
see more along the lines of a visual for consumers. For instance, how many
people do you know that are Computer-Challenged? And how many times have
you asked those people 'When was the last time you ran a virus scan?' only
to hear 'Oh, gosh, you know, I don't remember.' And to find out def's and
sig's are about as old as dirt. Most "End-Users"/"Customers" need to be
reminded a lot imho, especially when it comes to protection products like
AV on over to things like Defragment and Scan Disk. Without these visuals
to remind them, they are more than likely to just continue working away and
never ponder about making sure their computer is up to date and virus free.



> This kind of stupidity from AV companies makes me hate them more every
day.

That's like getting pissed off at Ford because they put their name on the
sides, front and back of your car.


- d




                                                                                                                                  
                      Fabio Gomes de Souza                                                                                        
                      <bugtraq@....com.br>               To:       bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com    
                      Sent by:                           cc:                                                                      
                      full-disclosure-admin@...ts        Subject:  [Full-Disclosure] AV "feature" does more DDoS than Sobig       
                      .netsys.com                                                                                                 
                                                                                                                                  
                                                                                                                                  
                      08/28/2003 10:05 AM                                                                                         
                                                                                                                                  
                                                                                                                                  




Hello,

Anti-virus products are causing more harm than the Sobig Worm.

Some of my customers are having the following problem:

B = Customer of my customer (infected)
C,D,E = Some random company (victims of Sobig)
A = My customer (victim of AV marketing)

The Sobig worm infected B.

In its propagation loop, the worm composes a message, chooses two random
items in the Address Book, and puts the first in the "From:" and the
second in the "To:" header. Then all virus messages are spoofed.

The problem is that many e-mail virus scanners send a "You are infected"
reply to the address contained in the "From" header. Since the messages
are spoofed, the inoccent, uninfected user "A" is flooded by automatic
complaints from "C","D","E" regarding the virus that "B" sends.

Anti-virus companies seem to spend more money on marketing/visibility
than on actually protecting their customers. This marketing stupidity is
done by adding USELESS features, which spreads false information and
delivers false sense of security:

             - "You're infected" reply (false positive)
             - "This message is 100% virus-free certified" signature line
(false
sense of security)
             - Anti-virus buttons on Internet Explorer toolbar (just to
launch the AV)
             - Splash screens every time you:
                         - boot your computer
                         - send e-mail
                         - check pop3 e-mail
                         - turn your computer off
             - System tray useless icons (in some AVs, the system tray icon
does
nothing except for launching the AV program)
             - Redundant shortcut icons in Desktop, Start Menu root, Quick
Launch
and Start Menu program folder

This kind of stupidity from AV companies makes me hate them more every day.

--
Fabio Gomes de Souza <fabio@....com.br> Fone: (81) 9127-0597

GS2 TECNOLOGIA DA INFORMA??O LTDA
  - Infra-estrutura de TI, seguran?a, sistemas embutidos e Linux
  - Consultoria, planejamento, implementa??o e gerenciamento

http://www.gs2.com.br negocios@....com.br (81) 3492-7777





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html






Powered by blists - more mailing lists