Antivirus companies support virus writers?

Crush:
I do believe most viruses are created and spread by antivirus producers. The amount is too big to make me believe there are hundreds of thousands of hobby-anarchists with virus-coding expertise out there and other things as written in the linked article like the virus design that also shows there are other reasons to virus creators than creating malfunctions, heavy damage or getting personal information. How is it possible that these companies have the signs and copies of new viruses often hours before it has been spread wide ranged? The solutions for new ones are out there faster than light. This is too good to be true.

Nearly all virus signs are collected/created by only a few companies that sell them for money to other antivirus software creators (64-Bit chains, the names and information how to delete them).

A few weeks ago I've seen a report from a hacker convention and one hacker explained a new way for system intrusion to open the full remote computer access. In a following interview he made a big party and told that he already has signed extremely good paid contracts with a lot of "antivirus firms" worldwide to licence his intrusion system. I wonder why?

I know of some programs that enforce false alarms in AV progs. Even by supporting the source code and all possible information they resisted to include the professional program of a friend in the white list - they expected payment to do so. This is a disturbing behaviour for someone who should be a servant to computer users and hasn't been called the god of what's a virus and what isn't.

The explanation is simple: If there is a market that can create its own reason for existence for financial interest it will be done. There are a lot of examples and lobbies besides antivirus software that do the same in their branch. If there is a way to raise the profit there is no frontier - legal or illegal - for the most companies. You can find these "black sheep" everywhere in all imaginable industries.

Stoic Joker:
I've been harboring much the same ill feelings toward AV companies for years. I'm an advocate for common sense, it's twice as effective, uses (wastes) no system resources, and is free.
-Stoic Joker (February 18, 2010, 07:04 AM)
--- End quote ---
And unfortunately doesn't protect you against drive-by exploits on hacked legitimate sites :/ - the only thing I've been hit by the last 10+ years. (I still don't run any AV software, though :)).
-f0dder (February 18, 2010, 07:06 AM)
--- End quote ---

True, but AV software can't "protect" you from a hacked legitimate site either. Drive-bys ... part of Common Sense (these days) involves reduced permissions & UAC which is a combo that even works on the 0 day stuff the AV types haven't had time to respond to yet.

wraith808:
I've been harboring much the same ill feelings toward AV companies for years. I'm an advocate for common sense, it's twice as effective, uses (wastes) no system resources, and is free.
-Stoic Joker (February 18, 2010, 07:04 AM)
--- End quote ---
And unfortunately doesn't protect you against drive-by exploits on hacked legitimate sites :/ - the only thing I've been hit by the last 10+ years. (I still don't run any AV software, though :)).
-f0dder (February 18, 2010, 07:06 AM)
--- End quote ---

It is also not feasible when you have young children using the computer.  They only go to sites which I approve, but even the advertising on some of those sites is suspect and a prime candidate for someday having a drive-by.

f0dder:
True, but AV software can't "protect" you from a hacked legitimate site either. Drive-bys ... part of Common Sense (these days) involves reduced permissions & UAC which is a combo that even works on the 0 day stuff the AV types haven't had time to respond to yet.
-Stoic Joker (February 18, 2010, 09:35 AM)
--- End quote ---
UAC is nice, and I depend on a combo of UAC and FireFox with adblock+noscript - obviously noscript won't help me if a legitimate whitelisted site is hacked, though. And UAC wouldn't have protected me against the NTVDM local privilege escalation if I had been on a 32bit system.

OTOH an antivirus product (or rather, HIPS) depending not just on stupid static analysis but some decent kernel-mode hooks could add an extra layer of protection.

Stoic Joker:
True, but AV software can't "protect" you from a hacked legitimate site either. Drive-bys ... part of Common Sense (these days) involves reduced permissions & UAC which is a combo that even works on the 0 day stuff the AV types haven't had time to respond to yet.
-Stoic Joker (February 18, 2010, 09:35 AM)
--- End quote ---
UAC is nice, and I depend on a combo of UAC and FireFox with adblock+noscript - obviously noscript won't help me if a legitimate whitelisted site is hacked, though. And UAC wouldn't have protected me against the NTVDM local privilege escalation if I had been on a 32bit system.
-f0dder (February 18, 2010, 09:54 AM)
--- End quote ---

Bad enough we're going off on a tangent, now I gotta dice through which context we're in. :) Neither of us is a typical/average user and it's pointless to drag through the move countermove NTVDM exploit could be avoided by killing unused 16bit subsystem vs. Joe average has no idea what/how/where that is/is done nonsense. ...As it's nowhere near the thread's topic.

OTOH an antivirus product (or rather, HIPS) depending not just on stupid static analysis but some decent kernel-mode hooks could add an extra layer of protection.
--- End quote ---
Sure (layers are good), and it would even be an effective one if the AV sales drones would stop hyping it as a Magic Bullet.
