Why Free?

 
optikl
(Msg. 46) Posted: Sat Mar 20, 2004 4:14 pm
Post subject: Re: Why Free?
Archived from groups: alt>comp>anti-virus, others

JT wrote:
> On Sat, 20 Mar 2004 10:44:32 GMT, optikl <optikl@invalid.net> wrote:
>
>
>>JT wrote:
>>
>>
>>
>>>The reality is that most virus DO exist because of flaws in MS code or MS
>>>lack of security in the OS model. Without the ActiveX flaws, 99% of all
>>>virus would not exist.
>>
>>What about Trojans and backdoors? Not all malware takes advantage of
>>ActiveX? What if you have ActiveX totally disabled but execute a program
>>you think, or have been told, is a game?
>
>
> Then you are not talking VIRUS anymore. Malware for sure. Fixing the
> security model even reduces the problem with trojans and backdoors. If the
> average user doesn't have access to the total machine, then most backdoors
> can't function, because they don't have the rights to what they want to do.
> And trojans will be limited to affecting a limited part of the machine that
> is controlled by the user, not wreaking global havoc. Of course this is
> assuming a flawless OS with a Perfect security model ;)

The same *can* be said about viruses. Not all viruses rely on ActiveX.
>
>>Add security flaws, such as the RPC exploit that
>>
>>>allowed Blaster, and you have most of the rest. Without ActiveX, you reduce
>>>the need for AV greatly.
>>
>>You just said 99% of viruses are due to ActiveX flaws. Now, you're
>>saying something different. It doesn't take you but 2 sentences to
>>change your mind.
>
>
> No mind change here. A reading comprehension problem on your end. That
> sentence means, of the 1% of VIRUS left over (that is what most of the REST
> means), the majority exploit the poor security model of windows. Make it
> simple. 1000 virus 990 will probably be activex. 7 will probably be OS
> weakness.

I may have a reading comprehension problem, but you appear to be very
loose with your estimating skills. How about some proof statements for
the 99%?
>
>> Close the ports and unneeded services that MS
>>
>>>leaves lying around by default and you eliminate most of the rest. Those 2
>>>steps would reduce the AV industry from a 2 Billion dollar a year industry
>>>to one of probably 2 Million dollars.
>>
>>You just whip these statistics out of your head?
>
>
> Not a statistic, an estimate. The 2 Billion figure was from your quote. I
> Estimate that the problem would be 1000 times less severe, therefore the 2
> Million estimate.

My quote? You mean the words I pasted in the text of my post, that were
attributable to....I thought it was you. No? Maybe someone else?
Certainly, I've never estimated that number.


> Instead of 1000 virus (an example, not a hard number)
> being in the wild, you are down to 2 or 3. Much more manageable problem.
> About 1000 times less costly.
>
>>>There will always be attempts at exploits. Phishing and other "human
>>>engineered" exploits attack the weakest part of any security system, the
>>>human part. Why make it easier for the bad guys than it has to be.
>>>
>>
>>Your last sentences contradicts, not supports your initial point. Just
>>what is your point?
>
>
> The post I replied to said
>
>
>>Viruses don't depend on software flaws. Even if MS's code
>>were flawless - viruses could still exist and create a desire
>>for anti-virus measures.
>>
>
>
> My point is that the vast majority of virus DO in fact depend on software
> flaws.

Vast Majority? On OS flaws? I don't really see that. I'd say, recently
less than 20, not including the variants, of course (.a, .b, .c, etc).
What number do you have in mind?

> The complexity of the problem when the software is not so easily
> exploitable is beyond the capability of crackers and script kiddies. If the
> software was flawless (not going to happen in any OS) then you have killed
> the market for AV products.
>

Well, you and I will have to disagree, I guess. I think if we were
talking about *firewalls*, I would be more inclined to say you and I are
on the same page.

While I disagree with your estimate of the percentage of malware that
would disappear with a more secure OS, thus eliminating the need for AV,
I do agree you could kill the market for AV if you eliminated 99% of
those who have access to computers <bg>. Malware is really a people
problem; people write it, people let it have access to their systems and
people have to deal with it. The most secure OS you can come up
with is going to have someone administering it and someone using it.
That's sort of where things tend to break-down.

kurt wismer
(Msg. 47) Posted: Sat Mar 20, 2004 5:00 pm

JT wrote:
[snip]
> The reality is that most virus DO exist because of flaws in MS code or MS
> lack of security in the OS model. Without the ActiveX flaws, 99% of all
> virus would not exist.

i don't know what you've been smoking but it's not been doing you any
good... viruses predate activex, and relatively few viruses make use of
activex... there are tens of thousands of viruses that operate under
*dos* - how on earth can they be dependent on activex flaws?

viruses do not owe their existence to flaws or security holes, they are
a consequence of the flexibility afforded us by general purpose
computers (read: the potential for viruses is inherent in all general
purpose computing platforms regardless of operating system and
obviously regardless of programming flaws and security holes)... at
best, viruses owe their feature-richness to flaws and security holes
and nothing more...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

kurt wismer
(Msg. 48) Posted: Sat Mar 20, 2004 5:20 pm

JT wrote:
[snip]
> Virus have always depended on the vulnerabilities of the software and the
> security of the systems they are attacking with very few exceptions.

an assertion for which you have no support...

> Go to
> any virus database or security advisory.

i've been to many, what i've seen does not support your contention...

> They are exploiting a weakness.

some do, but few depend on it for their ability to spread...

> If not activex, then unchecked buffers or insecure automation features.

grasping at straws...

> Started that way in the early MSDOS and AppleII days when virus were young.
> The exploits that have happened recently against other OS such as Linux and
> Apples OS/X have been exploits of software or security configuration
> errors.

the only thing viruses depend on is the ability to write executable or
interpretable code to disk...

> As an exercise, find a Virus or worm (not a phishing/human
> engineering exploit that tricks a user into running a program that erases
> his hard disk thinking it was a free game) that does not exploit such a
> weakness in all the online virus information. Just get me a couple out of
> the thousands that are out there. Something recent would be nice, but I am
> not picky

stoned.empire.monkey (or rather, most boot infectors)... cascade (or
rather, most file infectors)...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

kurt wismer
(Msg. 49) Posted: Sat Mar 20, 2004 7:41 pm

Kelsey Bjarnason wrote:

> In article <105ncqdp3h56vb2@corp.supernews.com>, !0000@nomad.fake
[snip]
>>Viruses don't depend on software flaws. Even if MS's code
>>were flawless - viruses could still exist and create a desire
>>for anti-virus measures.
>
>
> Really. So why is it that when I run Linux, I don't worry about
> viruses?

there are a number of possibilities - maybe you understand that using a
niche market OS makes you a less palatable target to virus writers - or
maybe you're just one of those morons who thinks *nix is immune...

> Let's compare something as simple as an e-mail. The default
> Windows tool _automatically executes code_ in the email. Behind the
> scenes. Without so much as asking. Or warning. Or telling you how
> mind-numbingly stupid it is to do this.

microsoft's operating system was the major target long before windows
existed...
[snip]
> So, right there, we've got one boneheaded design.

can you read? just because there are flaws doesn't mean that disprove
the assertion that their absence would translate into an absence of
viruses... your microsoft bashing, accurate though it may be, is a red
herring here...

[snip]
> Know what happens when someone sends me an executable attachment in
> Linux? I save it, I double click it and... hmm; there it is, loaded up
> in my text editor. Why? Because the default action for unknown file
> types is to run the editor... and since the file, despite being a .out
> or a .bin or a .sh or whatever, *is not an executable* - the execute bit
> has not been set locally.

well, apparently you haven't been paying attention to the virus news...
there are currently worms doing the rounds that do not auto-execute,
they are in fact in password protected zip files that the user has to
go to some lengths (reading the password from an image file also
attached to the message in some cases) to extract and then execute the
worm...

you think you're safe in linux because of linux but you're wrong -
you're safe because of *you*... because you're not dumb enough to do
some very dumb things... linux, however, is not immune to dumb users...

[snip huge rant about things that do not relate to viruses]
> So no, if Microsoft wrote "flawless code", these problems simply would
> not exist, or at least, not in the form they do now. Linux, for
> example, has had a few viruses. Despite the relative ease of finding
> Linux machines to attack, though, they never get very far. Why?

because linux machines are not nearly as numerous in comparison to
windows boxes... because the *nix user base hasn't reached the critical
mass necessary to sustain naturally occurring infections...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

kurt wismer
(Msg. 50) Posted: Sat Mar 20, 2004 8:00 pm

Kelsey Bjarnason wrote:

> [snips]
>
> In article <WvGdne9l6d0CJsbdRVn-hQ@adelphia.com>, owner@dino-soft.org
> says...
>
>
>>Virus are just programs that someone has written.
>
>
> No, they're more than that. They are programs that rely on security
> holes in the OS that allow them to propagate and do damage.

false... please refer to the mountains of academic work on the nature
of computer viruses... i suggest starting at the beginning, with fred
cohen's work... (in part because his initial virus experiments were on
a 'properly' administrated *nix system)

> They are an
> indication that the OS is, from a security standpoint, swiss cheese.

cum hoc ergo propter hoc - you're mistaking correlation for
causation... it's a logical fallacy...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

kurt wismer
(Msg. 52) Posted: Sat Mar 20, 2004 8:02 pm

BoB wrote:
[snip]
> From that additional info it is obvious you should experience no
> real problems in the virus arena. Same here, I'm enjoying Firebird
> and looking forward to Firefox when it becomes relatively bug free.

firefox is just the new name for what used to be firebird...
theoretically all versions of firefox should be better than firebird...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

FromTheRafters
(Msg. 54) Posted: Sat Mar 20, 2004 8:36 pm

"Kelsey Bjarnason" <kelseyb@xxnospamyy.lightspeed.ca> wrote in message news:MPG.1ac65802d72d5b7d989686@news.lightspeed.ca...
> In article <105ncqdp3h56vb2@corp.supernews.com>, !0000@nomad.fake
> says...
> >
> > "Kelsey Bjarnason" <kelseyb@xxnospamyy.lightspeed.ca> wrote in message news:MPG.1ac54ca3894a7e59989685@news.lightspeed.ca...
> >
> > > I don't like paying for AV software... because it's an entirely created,
> > > artificial cost. The entire AV industry - all 2 billion a year of it -
> > > is based directly on MS's inability to write good code. Since it's
> > > their incompetence that caused the problem, if anyone should be paying
> > > for AV tools, it's them. Not the users who are victims of MS's
> > > failures.
> >
> > Viruses don't depend on software flaws. Even if MS's code
> > were flawless - viruses could still exist and create a desire
> > for anti-virus measures.
>
> Really. So why is it that when I run Linux, I don't worry about
> viruses?

Because you don't know any better? ;o)

(Just kidding about that, I suspect that you know they are
not non-existent for Linux)

Maybe because there are less of them about, and you like the
odds?

All I am saying is that it is not impossible. It would have to be
impossible *everywhere* for a virus to replicate, in order to
reduce them to the status of (non-replicating) trojan horse
and eliminate the desire for AV scanners.

> Let's compare something as simple as an e-mail. The default
> Windows tool _automatically executes code_ in the email.

That was intended to be a "user friendly" feature imo. It is not
a flaw in code, but may well be an error in judgement in the
design of the client. I saw that a Linux e-mail client is available
with this nice "preview pane" feature too, but I don't know if
its default is to render HTML or not ~ but you can imagine
that some will have it set that way if it is possible.

That incorrect MIME type exploit was a flaw in design, but
was not the sort of thing that a virus needs to exist.

[snip]

> Well, fine, okay... as long as that code is well and truly sandboxed off
> from the rest of the system, that's okay. It is, right? Umm... I'm not
> aware of any assurances of that.

I'm not going to defend Microsoft. I am only defending my
statement that viruses don't depend on software flaws.

> So, right there, we've got one boneheaded design. Here's another. I'll
> send you a file, it shows up as "file.jpg". The mail says "look at the
> pretty picture". If you've been on the web any length of time, you
> probably realize a .jpg is an image file - should be safe, right?

Assuming that a file is safe because of its name is ludicrous.
"Don't judge a book by its cover" they say. This is neither
a software code flaw or a design flaw - it is a human flaw.

> Wrong. First, it's not file.jpg, it's file.jpg.exe - but MS, in their
> infinite stupidity, chose to hide file extensions.

Yeah, that seems pretty stupid, but it is still just a filename.

> Well, hell, that's
> okay, not like it matters. See, as long as they don't compound their
> stupidity by doing anything so unbelievably risky as executing code
> simply because its filename says to execute it, that wouldn't matter.

....or because its filename's extension (or lack of) wasn't registered.

[snip continued listing of Microsoft's security shortcomings]

> Now note... not *one single item* of this entire list applies to Linux.
> Or Unix. Or the various BSDs. Or VMS. Or... well, you get the point.
> The virus, attacking such systems, has *none* of these points of entry,

A virus's "point of entry" is its being invited in by the user, and
executed. None of that list (a good list I might add) affects that.
Sure, Windows (default) is unsafe...no argument, but the usefulness
of AV software would still exist even if "flaws" ceased to exist.

[snip]

> So no, if Microsoft wrote "flawless code", these problems simply would
> not exist, or at least, not in the form they do now.

Those problems (mostly) don't apply to viruses. Sure, if you
execute a virus and present it with nowhere to place a replicant
it can't infect anything - but you have executed hostile code
already by that time - and so an AV would still be desired. If
*everyone* ran a tight ship, we wouldn't have this problem
even with Windows' faults.

[snip]

> Oh, and fourth, because on those systems, serious security risks are
> almost invariably fixed within hours, or at most days, of becoming
> known. MS has been known to let *critical* vulnerabilities exist for 90
> days and more after being identified. Not a good record for a company
> that supposedly cares about security.

True, but beside the point.

> Nope, any way you slice it, the entire mess that is today's internet,
> with all the viruses, worms, spam zombies, trojans and the like, is
> *directly* and *totally* a result of Microsoft's either not caring about
> security, or being incompetent to actually provide security. Or both.

I agree with all except the "totally" part. I would even agree with
almost totally.

[snip]
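
The `file.jpg.exe` attachment debated in the post above can be checked for mechanically. The following is an added example, not part of the original thread: it walks a mail message and reports attachments whose name, as displayed with known extensions hidden, looks like a document while the real extension is executable. The extension lists, finding labels and sample message are constructed assumptions.

```python
"""Flag mail attachments whose displayed name hides an executable extension."""
import os
import re
from email.message import EmailMessage

# Assumed, constructed lists for illustration; a real filter needs a maintained policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".txt", ".doc", ".pdf", ".mp3"}
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS


def displayed_name(filename):
    """Name as shown by a file manager that hides known extensions."""
    stem, ext = os.path.splitext(filename)
    return stem if ext.lower() in KNOWN_EXTS else filename


def classify(filename, content_type="application/octet-stream"):
    """Return a list of findings for one attachment name and declared type."""
    # Keep only the last path component, whichever separator was used.
    base = re.split(r"[\\/]", filename.strip())[-1]
    stem, ext = os.path.splitext(base)
    findings = []
    if ext.lower() in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        # The part the user sees still ends in a harmless-looking extension.
        if os.path.splitext(stem)[1].lower() in DECOY_EXTS:
            findings.append("double-extension")
        # Declared as image/text/audio while the name says "program".
        if not content_type.startswith("application/"):
            findings.append("type-mismatch")
    return findings


def scan_message(msg):
    """Map each attachment filename to its displayed name and findings."""
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name:
            report[name] = {
                "shown_as": displayed_name(name),
                "findings": classify(name, part.get_content_type()),
            }
    return report


def build_sample():
    """Constructed sample message; payload bytes are placeholders, not real files."""
    msg = EmailMessage()
    msg["Subject"] = "look at the pretty picture"
    msg.set_content("see attached")
    msg.add_attachment(b"constructed image bytes", maintype="image",
                       subtype="jpeg", filename="holiday.jpg")
    msg.add_attachment(b"constructed program bytes", maintype="image",
                       subtype="jpeg", filename="file.jpg.exe")
    msg.add_attachment(b"constructed program bytes", maintype="application",
                       subtype="octet-stream", filename="setup.EXE")
    return msg


if __name__ == "__main__":
    for name, info in scan_message(build_sample()).items():
        print(f"{name!r:18} shown as {info['shown_as']!r:12} {info['findings']}")
```

The check is about the name only; it says nothing about what the bytes are, which is the point made in the post that a filename is "still just a filename".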

kurt wismer
(Msg. 56) Posted: Sat Mar 20, 2004 8:43 pm

kurt wismer wrote:
> can you read? just because there are flaws doesn't mean that disprove
> the assertion that their absence would translate into an absence of
> viruses...

grrr... their absence *wouldn't* translate into an absence of viruses...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"

JT
(Msg. 57) Posted: Sat Mar 20, 2004 8:50 pm

On Sat, 20 Mar 2004 16:01:10 GMT, "Ron & Ree" <post@ERASEronree.com> wrote:

>>> What about Trojans and backdoors? Not all malware takes advantage of
>>> ActiveX? What if you have ActiveX totally disabled but execute a
>>> program
>>> you think, or have been told, is a game?
>>
>> Then you are not talking VIRUS anymore. Malware for sure.
>I think you are confused about what a virus is. It is a program that
>replicates itself. It does not even have to be "malware."

Trojans are programs that are disguised as something else. Don't have to
replicate themself, although trojans are often virus. Backdoors don't even
have to be a separate program. They are a way to bypass normal security
restrictions. Could be a hidden password such as is coded into many BIOS,
and was left in some systems for "maintenance" access. Some virus install
backdoors. The virus part of the program used a weakness to infect and
replicate itself.

No recent virus is not Malware, even those that claim to be virus killers.

JT

FromTheRafters
(Msg. 58) Posted: Sat Mar 20, 2004 8:50 pm

"JT" <spam@dcplus.dyndns.info> wrote in message news:fe20e725e5357f3e99e99a3e41eac367@news.teranews.com...
> On Sat, 20 Mar 2004 16:01:10 GMT, "Ron & Ree" <post@ERASEronree.com> wrote:
>
> >>> What about Trojans and backdoors? Not all malware takes advantage of
> >>> ActiveX? What if you have ActiveX totally disabled but execute a
> >>> program
> >>> you think, or have been told, is a game?
> >>
> >> Then you are not talking VIRUS anymore. Malware for sure.
> >I think you are confused about what a virus is. It is a program that
> >replicates itself. It does not even have to be "malware."
>
> Trojans are programs that are disguised as something else.

Good enough I suppose.

> Don't have to replicate themself, although trojans are often virus.

Yep, I'm agreeable.

> Backdoors don't even have to be a separate program.

Absolutely, backdoors (or trapdoors) allow access in some
way not usually obvious to the end user. It could be a "flaw"
in the coding itself (exploitable buffer) or an intentional easter
egg function left in by a programmer.

> They are a way to bypass normal security restrictions.

True, but I haven't heard too many people refer to backdoors
(or trapdoors) this correctly for some time. Today, they usually
mean some sort of remote access or remote administration tool's
server software.

> Could be a hidden password such as is coded into many BIOS,
> and was left in some systems for "maintenance" access.

I suppose so, since it circumvents the security (such as it is) at that
level. You might also consider a certain assembler routine designed
to set the CMOS back to default (and clear the password) to be a
trapdoor or backdoor into the system.

> Some virus install backdoors.

....and some worms use preexisting yet newly discovered backdoors
to gain resources.

> The virus part of the program used a weakness to infect and
> replicate itself.

While this may be true in some cases, it is not *always* true. The
virus part of the program used available legitimate resources and
functions offered by the environment to replicate - it may have also
used software flaws to escalate privilege, but it can be a successful
virus without the need for software flaws.

[snip]

FromTheRafters
(Msg. 59) Posted: Sat Mar 20, 2004 9:08 pm

"kurt wismer" <kurtw@sympatico.ca> wrote in message news:js37c.42463$E71.2561260@news20.bellglobal.com...

> the only thing viruses depend on is the ability to write executable or
> interpretable code to disk...

....or where it could otherwise be executed as part of another
program.

JT
(Msg. 60) Posted: Sat Mar 20, 2004 9:18 pm

On Sat, 20 Mar 2004 11:11:13 -0500, "FromTheRafters" <!0000@nomad.fake>
wrote:

>
>"JT" <spam@dcplus.dyndns.info> wrote in message news:3b391727b7b3593a6c4332d76674d971@news.teranews.com...
>> On Sat, 20 Mar 2004 10:44:32 GMT, optikl <optikl@invalid.net> wrote:
>>
>> >JT wrote:
>> >
>> >
>> >>
>> >> The reality is that most virus DO exist because of flaws in MS code or MS
>> >> lack of security in the OS model. Without the ActiveX flaws, 99% of all
>> >> virus would not exist.
>> >
>> >What about Trojans and backdoors? Not all malware takes advantage of
>> >ActiveX? What if you have ActiveX totally disabled but execute a program
>> >you think, or have been told, is a game?
>>
>> Then you are not talking VIRUS anymore.
>
>Strictly speaking, neither were you (but *I* was). The basic
>idea of "virus" is not constrained by needing to use *any*
>software flaws whatsoever.
>
>> Malware for sure. Fixing the
>> security model even reduces the problem with trojans and backdoors. If the
>> average user doesn't have access to the total machine, then most backdoors
>> can't function, because they don't have the rights to what they want to do.
>> And trojans will be limited to affecting a limited part of the machine that
>> is controlled by the user, not wreaking global havoc. Of course this is
>> assuming a flawless OS with a Perfect security model Wink
>
>Which is quite an assumption.;o) Worms may need to exploit *something*
>whether it is code (buffer overflow), design (known resources in a known
>location i.e. *.wab), or people's desire to be loved. However, a virus need
>not do anything to get through your security perimeter unless your security
>model includes safeguards specific to malware that hides within programs.
>The fact that an integrity checking application or utility isn't bundled with
>a particular OS isn't really a flaw in software or design, and such an app
>won't 'identify' the culprit responsible - and that is AV's strength.
>
A proper security model doesn't let a program access outside of a limited
set of areas. A proper security model may not keep the virus from being part
of another program, but can make difficult, if not eliminate, the
replication part of the process. Most people are so accustomed to the wide
open model of Windows, that concepts like executables needing to be in
certain places to run, file execution being determined by security
permissions instead of just names, etc. are overlooked. Access control
lists, etc. are just becoming available for the masses.

>[snip]
>
>
>> >Your last sentences contradicts, not supports your initial point. Just
>> >what is your point?
>>
>> The post I replied to said
>>
>> >Viruses don't depend on software flaws. Even if MS's code
>> >were flawless - viruses could still exist and create a desire
>> >for anti-virus measures.
>> >
>>
>> My point is that the vast majority of virus DO in fact depend on software
>> flaws.
>
>Could you explain? Are you using the term "virus" to include all
>self-replicating malware? If so, this is yet another reason to draw
>a distinction between the two terms "worm" and "virus". A "virus"
>is not something that depends on a flaw in software - it depends
>on the same things that the user depends on to get work done.
>If you remove access to the methods it uses, you no longer have
>a useful machine for the user either.
>
Not true. Useful machines with proper security models have been available
for years. They are still doing useful work. A word processor doesn't need
to create executable files. Games don't need to write to files not part of
the game or in the game directory tree.

>> The complexity of the problem when the software is not so easily
>> exploitable is beyond the capability of crackers and script kiddies. If the
>> software was flawless (not going to happen in any OS) then you have killed
>> the market for AV products.
>
>Not true, because if you remove the so-called 'flaws' that a virus
>uses - you have removed the machine's usefulness as well. Yes,
>there may come a time when users will say, "gee - remember back
>when there were computer viruses?" - but I don't think they will be
>using general purpose computers like we are.
>
A general purpose computer means a machine that can be programmed for
virtually unlimited purposes. That doesn't mean that every program on the
machine should have unlimited access to that capability. Most programs
should be limited in what they can access and the functions they perform.
Having system files read only or execute only doesn't reduce their
usability. Memory protection, which limits the memory a program can use, is
necessary for multiprogramming systems. Making parts of the file system off
limits to average programs does not reduce the ability of a machine to be
useful. Limiting the capability of generating an executable to a very
limited set of programs and circumstances doesn't limit the ability of the user
to run programs.

JT
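
An added example, not part of the original posts: the thread's points about execution being decided by permissions rather than names, and about system files being execute-only, can be checked with a small audit of POSIX mode bits. The file names, modes and the `audit` helper are constructed for illustration; the check models an unprivileged user and ignores ACLs and root's override.

```python
import os
import stat
import tempfile

def allowed(st, uid, gids, want):
    """Classic POSIX mode-bit check for one rwx bit (ignores ACLs and root override)."""
    if uid == st.st_uid:
        shift = 6          # owner triplet
    elif st.st_gid in gids:
        shift = 3          # group triplet
    else:
        shift = 0          # other triplet
    return bool((st.st_mode >> shift) & want)

def audit(root, uid, gids):
    """Return {relative path: verdict} for every regular file under root."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue
            can_exec = allowed(st, uid, gids, 0o1)
            can_write = allowed(st, uid, gids, 0o2)
            if can_exec and can_write:
                verdict = "infectable"    # runnable AND modifiable by the same user
            elif can_exec:
                verdict = "execute-only"  # runnable, but this user cannot rewrite it
            else:
                verdict = "data"          # not runnable, whatever its name says
            report[os.path.relpath(path, root)] = verdict
    return report

def build_sample(root):
    """Constructed sample tree: names and modes chosen to contrast name vs. permission."""
    samples = {"sys_tool": 0o555, "game.exe": 0o644, "notes.txt": 0o755}
    for name, mode in samples.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\necho sample\n")
        os.chmod(path, mode)

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        return audit(root, os.geteuid(), os.getgroups())

if __name__ == "__main__":
    for path, verdict in sorted(demo().items()):
        print(f"{verdict:13} {path}")
```

Files reported as "infectable" are the ones a program running as that user could rewrite and later have executed; the "execute-only" and "data" results show the separation the last post argues for.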