Antivirus Software Isn't Very Secure, Researchers Find

bluefirecorp

legendary

Activity: 882

Merit: 1000

Quote from: vit1988 on July 29, 2014, 02:38:21 PM

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

nah. not because they are corrupted but because they are blind. do you really need that blind security guard at your front door who is molesting your friends and only keeping the really obvious stupid thieves out when on the other hand you have a dozen backdoors and windows open?

This blind guy kinda helps:

But seriously, are you really that naive? That's like saying a firewall is insecure because technically once you get access to it, you can see ALL the rules on it to find all the weak points of access on the network.

Sure, it's possible that some of the AV software has escalation vulnerability, but really, in today's world, so fucking what? Cryptolocker doesn't give a shit rather you're root or not. The only AV's security vulnerability that'd actually scare me is enterprise AV with it's ability to deploy to multiple workstations in a domain network.

b!z

legendary

Activity: 1582

Merit: 1010

AV is snakeoil.

rohnearner

sr. member

Activity: 350

Merit: 252

REAL-EYES || REAL-IZE || REAL-LIES||

I'm not good with explaining things but I'll prefer to have an AV protection rather not having it.
I don't listen to those studies most of the times tonight they will say this works and next day they'll say that sucks :p few times they are simply not worth it and few times these studies are misinterpreted by readers that looks like the case here.
Its true that you can't totally rely on AV for you security online and you have to be careful while choosing one , but clearly having one helps.

vit1988

sr. member

Activity: 313

Merit: 250

i ♥ coinichiwa

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

nah. not because they are corrupted but because they are blind. do you really need that blind security guard at your front door who is molesting your friends and only keeping the really obvious stupid thieves out when on the other hand you have a dozen backdoors and windows open?

catena5260

sr. member

Activity: 476

Merit: 501

Anything would be unsecure if an idiot is using it. Antivirus did really help a lot, but you have to remain vigilant. You should know how to keep your computers safe. No system is 100 percent secure even the software use by the government.

crystalsum

full member

Activity: 182

Merit: 100

Welll surely having an AV is better than not having one ?

TheIrishman

legendary

Activity: 1049

Merit: 1006

Quote from: Brewins on July 29, 2014, 05:21:12 AM

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

That's precisely the point. The whole multibillion "antivirus" industry grew using scaremongering tactics while offering users the illusion that they'd be protected if they installed their crappy programs (which 99.999999% of the time won't stop the viruses that will effectively cause harm, mostly the so-called zero-day viruses). The main effect of that was to help turn generations of computer users into lazy idiots with no clue as to how things work in their computer systems. There is no way around that - either users learn the basics of how their operating systems work and learn about good basic security practices, or they are going to get infected by some type of malware sooner or later. There are no multiple "layers of protection", it all comes down to one single "layer" in the end: the user's awareness of what he is doing. The best "antivirus" ever will always be a little something called common sense.

DrG

legendary

Activity: 2086

Merit: 1035

Quote from: Brewins on July 29, 2014, 05:21:12 AM

That is what people in the info security said.

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

Humans are constantly striving to become better idiots. Unfortunately the safety net of antivirus software doesn't help these improved idiots, it enables them to do more stupid stuff. Stupidity should be more painful than it currently is.

medUSA

legendary

Activity: 952

Merit: 1005

--Signature Designs-- http://bit.ly/1Pjbx77

These researchers are stating the obvious. However, it is a message they should be repeating over and over again to warn complacent users that they are at risk. They made a good point though, vulnerability comes from the common things most people install thinking they are safe:

Quote

"With Java, or Adobe Reader, or Flash, you have good targets — if you find a vulnerability, you know that millions of PCs are affected," Marx said. "There are a lot more antivirus products on the market, so you won't easily reach a high infection rate if you exploit a security vulnerability there."

Brewins

legendary

Activity: 1120

Merit: 1000

That is what people in the info security said.

The virus are too dynamic for the antivirus be an effiecient way to block then, plus the user will fell overconfident with an antivirus, and will engage in risky behavior, unlike the situation without antivirus.

DrG

legendary

Activity: 2086

Merit: 1035

AV software is just another hurdle for viruses. If you really want to get an infection on your machines just sit a 15 year old teenager in front of it and they will defeat it. The multiple layers noted above work as long as they keep moving (like cars in the frogger game).

bluefirecorp

legendary

Activity: 882

Merit: 1000

Quote from: lihuajkl on July 29, 2014, 03:17:07 AM

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

None sense! The company hired wrong security guard or applied outdated antivirus software. It's their own fault.

Anyone can be converted. Rather it be blackmail, extortion, family being held ransom, a huge bribe, people can be swayed.

As I said, security works in layers. Doesn't matter if you have the absolute best AV in the world if your user just disables it because it "popped up and was being annoying".

lihuajkl

legendary

Activity: 1596

Merit: 1000

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

None sense! The company hired wrong security guard or applied outdated antivirus software. It's their own fault.

strijelac2311

member

Activity: 61

Merit: 10

Antivirus Software Isn't Very Secure this is true , you have proffesional virus and anti virus , but antivirus cannot find a strong virus this is true , but the most of them are home made

so they are low and your antivirus can find them but you also have and strong and great made virus ! If you ask me the best are Nod 32 7/8 and Avast !

zetaray

hero member

Activity: 658

Merit: 500

Antivirus is 100% fool proof. We all know that. Viruses and malware evolve everyday, it is unreasonable to assume it can detect every new string of virus. The best security is yourself: Don't click and open every link you see.

chogath

newbie

Activity: 54

Merit: 0

Antivirus software's are effective when you also stay aware of your data usage, some may slow down your system usage, some may kill important activities which you need. So better take the one with high market reputation.

bluefirecorp

legendary

Activity: 882

Merit: 1000

Quote from: TheIrishman on July 29, 2014, 12:52:21 AM

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

Wow! Thanks for enlightening me! What a perfect metaphor! You're the man!

I'm pretty awesome, aren't I?

But seriously, people don't start uninstalling your anti-virus software. Doing so would be rather silly and killing one of your last layers of security.

TheIrishman

legendary

Activity: 1049

Merit: 1006

Quote from: bluefirecorp on July 28, 2014, 10:04:08 PM

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

Wow! Thanks for enlightening me! What a perfect metaphor! You're the man!

bluefirecorp

legendary

Activity: 882

Merit: 1000

Congratulation, you have no idea how security works!

Security works in layers. Say you have a security guard right? Well, a security guard can actually be a HUGE vulnerability in your company if he's bribed to help during the theft.

That means we should get rid of all security guards because it's possible for them to be corrupted, right?

TheIrishman

legendary

Activity: 1049

Merit: 1006

Antivirus Software Isn't Very Secure, Researchers Find

http://www.tomsguide.com/us/antivirus-software-insecure,news-19227.html

<< Antivirus software is often just as insecure as the software it's meant to protect — and running it might make you even more insecure, according to a researcher with Singapore-based security firm Coseinc. >>

P.S.: nothing new here, but the number of morons who trust these pieces of crap is astounding. Flame on!

Topic: Antivirus Software Isn't Very Secure, Researchers Find (Read 1410 times)