Main Area and Open Discussion > Living Room
Antivirus companies support virus writers?
wraith808:
"Drive-by" a really cute buzzword loved by paranoid people since it means WHATEVER amount of common sense you have, you can still be screwed! = BUY a sucurity package, you MUST. Almost entirely BS...
--- End quote ---
Scary in it's coincidence, but I almost got screwed by a drive-by this morning. AVG saved me from it... so I don't know about that BS claim. It was my first time running afoul of a virus in a long time, and I hate to think what would have happened had I browsed to the site on my desktop that doesn't have AV software installed...
Bamse:
I am not sure about it either but know I will visit any url on the internet with the exception of those containing pdf, flash exploits. I will not exclude problems with those 2 though most are harmless as long as updates are in place. Javascript turned off in Adobe might help too. Many stretch "drive-by" term just a little bit. Like fake av-scanners are also drive-by etc. They do that for a reason and that is BS. Seems a bit desperate to me but of course you need updated browser, updated everything. Not like nobody is trying to attack.
Well you can fire up any http/web scanner and it will get triggered! Matter of time. What the deal is you will have to find out for your self. Iframe, javascript, can be anything. Msg. from AV are not always that constructive.
f0dder:
Drive-by, by my definition, only covers exploits that can target you without any intervention. I do my daily surfing habits in FF with Adblock and Noscript, with UAC turned on, so I should be mostly safe. But I often forget uninstalling olde JRE versions when a new update has been installed, and I honestly don't remember keeping flash up to date... The day one of my whitelisted sites are hacked (thankfully not just a banner server used by whitelisted site, as I run ABP) I could get hit by malware. Combine that with a successful privilege escalation, and I'd end up rootkitted.
Bamse:
Good that Java updates now patch old version and you no longer has to remove leftovers.
I am hysteric with updates. Usually get them few hours after release. Secunia rules :)
Try turn it 180 degrees. Look at webservers, webscripts like Wordpress. Huge problems if stuff is not updated. Majority have no clue so say thanks to autoupdate there as well.
This afternoon I was testing Filezilla server. 10 min. after it was active I noticed activity. A known brute force IP from China tried to log in, like for 45 min :) I watched all the time. Now I did set pword but what if I did not. Was just testing. May be I had to get a beer and forgot. One must think security all the time without getting all crazy. Also take notice and learn. I had no clue a ftp-server could be target so fast.
f0dder:
Bamse: thing is, you and I and a whole bunch of other people around here are power users - regular users can't really be expected to be as cautious. As for 10mins before automated ftp exploit attempt, that's not superfast really... the net is full of garbage traffic, NAT'ing routers = :-*. Try putting an unpatched XP box in your DMZ... I'll be surprised if it lasts 10min before being rooted :)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version