lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 27 Aug 2009 14:13:21 -0500
From: Rohit Patnaik <quanticle@...il.com>
CC: full-disclosure@...ts.grok.org.uk
Subject: Re: [Fwd: Re:  windows future]

I definitely agree, vis a vis the doctor analogy. I haven't run 
anti-virus software for quite a while now, because viruses spread so 
quickly even daily definitions updates aren't enough to stop them.  A 
properly locked down firewall, along with good browsing, installation, 
and patching habits are what I rely on to stop infections.

To go with a third biological analogy - antivirus is like an antibiotic. 
It stops the infection once the bacteria has already taken root in your 
system. Well, these days, most of malware is resistant to antivirus 
software. So, we have to rely on good computer hygiene to keep us safe.

--Rohit Patnaik

Peter Besenbruch wrote:
> On Thursday 27 August 2009 05:04:16 Rohit Patnaik wrote:
>   
>> Of course, all this is based on an extrapolation of the current strategy
>> of blacklisting. My feeling is that, once malware levels grow beyond
>> this threshold, we'll see a mass switch to whitelists.  In other words,
>> apps will go from being innocent until proven guilty, to being guilty
>> until proven innocent. We're already seeing some if this with Vista's
>> UAC pestering when one wants to install a new application. Given that,
>> I'm not sure how the rest of your scenario plays out.
>>     
>
> I'm not sure this is a solution. Most of the people I work with will 
> unquestioningly click every UAC prompt. Knowing what to whitelist requires a 
> fair degree of technical skill beyond most users' ability.
>
> A few thoughts on the previous post: In biology, most parasites do not kill 
> their host. If the analogy fits, it is possible for Windows to stumble along, 
> rather infected, but still functional.
>
> In a business setting, malware scanning is often done at the periphery of the 
> LAN, not by each individual computer.
>
> In another biological analogy, doctors see lots of sick patients, but don't 
> get sick themselves. They wash their hands a lot. In the computer world, 
> people who don't install that fake codec, and who do keep their systems up to 
> date, may not need anti-virus.
>
> Given the proliferation of malware over the last few years, I have my doubts 
> about the effectiveness of anti-virus software today. In other words, 
> anti-virus software will stop being effective before it consumes all 
> available computer resources trying to protect the computer.
>
>   

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ