| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Jun 2010 12:26:10 +0200 From: "Cor Rosielle" <cor@...post24.com> To: <full-disclosure@...ts.grok.org.uk> Subject: Re: No anti-virus software? No internet connection Believe it or not, I do use anti virus on my Windows machine at home and even accept automatic updates (although MacAfee proved this is a serious threat). But anti virus is only the second line of defense or the third. The first line of defense is to "think before you launch a file". If a file is unexpected, then I simply don't trust it. On several occasions this prevented virus infection with an up to date AV-scanner (Symantec - I put the file in a folder to further explore it after some days and then the AV-scanner did recognize the virus). AV software does fail too. For any home user who doesn't think or doesn't care, AV-software is probably a good starting point to give some limited protection for Windows systems. But such an home should realize he/she also runs risk when running AV-software and might experience a false sense of security. And if they don't think or don't care, they should think twice before complaining when it turns out bad. For any home user who do think or do care, AV-software can be a good addition to protect Windows systems, but that is not guaranteed. Realize that sometimes the cure is worse than the disease and also that malicious "anti virus software" does exist. Anti virus is not bad by definition. It is neither good by definition. And I repeat: Tom has a point that end-users must take some responsibility for their own computer. I just regret politicians make a lot of fuzz about legislation that only helps a bit in some cases and invite civilians to lean backward and believe they are secure because they have followed the rules. Cor > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full- > disclosure-bounces@...ts.grok.org.uk] On Behalf Of Tom Grace > Sent: dinsdag 22 juni 2010 11:29 > To: full-disclosure@...ts.grok.org.uk > Subject: Re: [Full-disclosure] No anti-virus software? No internet > connection > > What would you advise a typical home user do to stay virus/trojan/other > shit free ? Working on the assumption that they can't tell the > difference (and really, shouldn't have to) between dangerous and safe > files. > AV software is pretty lacking, and the best advice I can think to give > users is that "everyone on the Internet is out to get you" > > Tom > > On 06/22/2010 10:11 AM, Cor Rosielle wrote: > > Brilliant thinking. Let's install anti virus and increase the > computers > > attack surface without further thinking. That must be safe because > > politicians tell us to do so. And we all know that politicians always > tell > > the truth and happen to know a lot about PC's an security. > > > > Sigh. Tom has a point that end-users must take some responsibility > for their > > own computer, but that doesn't mean that anti virus is the one and > only > > solution. But if you think anti virus is the silver bullet to make > this > > world saver, then dream your dreams and I'll dream mine. > > > > Cor > > > > > > > > From: full-disclosure-bounces@...ts.grok.org.uk > > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of > Christian > > Sciberras > > Sent: dinsdag 22 juni 2010 10:56 > > To: Tom Grace > > Cc: full-disclosure@...ts.grok.org.uk > > Subject: Re: [Full-disclosure] No anti-virus software? No internet > > connection > > > > I completely agree with Tom. A good fraction of all vulns out there > rely on > > the user taking the wrong action, and it's way common (just face the > truth). > > > > How many people install cracked OSes? I was once incredulous that a > person > > willingly installed a virus because he claimed it was harmless (while > the > > anti-virus shouted "trojan"). > > > > Sometimes I get to fix people's computers. I'm always amazed by the > amount > > of crap I get in contact with. Hundreds of browser toolbars, > antiviruses, > > shareware, adware, trials, torrent clients, media players etc. > > That not counting the local IT shops which format PCs replacing > (typically) > > Windows OS with a cracked one. > > > > > > > > On Tue, Jun 22, 2010 at 9:42 AM, Tom > Grace<tom@...thbycomputers.co.uk> > > wrote: > > In a way having a requirement that end-users take some responsibility > > for their own computer is a good thing. > > Similar to prosecuting people for fraud if they fall for one of the > cash > > scams. > > > > On 06/22/2010 05:37 AM, Ivan . wrote: > >> yep, your tax $$$ at work.... > >> > >> Don't forget there Internet filter as well.. With these rocket > >> scientist running the show, what's there to worry about > >> > >> > > > http://blogs.news.com.au/techblog/index.php/news/comments/finally_there > s_pro > > tection_against_spams_and_scams > >> > >> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka > >> <vpn.1.fanatic@...il.com> wrote: > >>> They had a committee working on this for a year and that's the best > they > >>> could come up with? HAHAHAHA. > >>> > >>> Belinda Neal - With idiots like you and your colleagues tackling > this > > issue, > >>> tax payers deserve to burn you at the stake. BTW... are you really > a > > du0d? > >>> > >>> -- > >>> ciao > >>> > >>> JT > >>> > >> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists