Re: [Full-disclosure] No anti-virus software? No internet connection
...snip... The product that fail miserably, throughout the year(s?) should be declared unfit for purpose ...like an expired food which is harmful for health. Basically it is an interesting thought. I see a challenge though. Is 3 failures per year miserable? Or should we raise the limit to 10? Or lower it to 1? You get the point. The criteria to determine if a product fails miserably is not a fact, but a decision. Comparing it with expired food: I throw away food before the expiration date because I can see the fungus on it and decide it is not safe to eat it. On the other hand I consume food way after the expiration date because it is perfectly fine food. This error margin is caused by the statistics behind the expiration date: be on the safe side and prefer the chance to throw away good food than the chance to accept bad food. If its a technological problem overall, maybe they should move to application white-listing or something better... Sure, awareness and thinking is better. But some people don't think and than technological measures is about all the protection they really have. thanks, -bipin Cor ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
I recognize that. You'll learn fast to turn off your anti virus software when you want to use cain, netcat and a lot more. The anti virus software doesn't only protect you against attacks, but it also prevent you to attack others. Cor -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of Jan Schejbal Sent: woensdag 23 juni 2010 19:24 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection Am 22.06.2010 17:16, schrieb Paul Schmehl: Yes, you should use antivirus software if you're running windows Nope. For regular users clicking every link and using firefox and office and nothing else, maybe. But for somewhat experienced people with a large toolset on the machine: NO! Approximately once a month I had to persuade the AV vendor that they REALLY need to check if some tool is a false positive. It always was. The most annoying part was when the MS malware removal tool had a false-positive and deleted without asking. It would be interesting to compare the damage actually avoided by virus scanners to the damages and costs they cause (including false-positives wiping out system files, the hassle with updates/deployment and the cost of the products). Gruß Jan -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On Thu, June 24, 2010 09:42, Cor Rosielle wrote: ...snip... The product that fail miserably, throughout the year(s?) should be declared unfit for purpose ...like an expired food which is harmful for health. Basically it is an interesting thought. I see a challenge though. Is 3 failures per year miserable? Or should we raise the limit to 10? Or lower it to 1? You get the point. The criteria to determine if a product fails The answer to that kind of question is quite often related to the industry average. For example no more failures than one standard deviation below the industry average. Regards, Walter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On Thu, 24 Jun 2010 09:47:01 +0200, Walter van Holst said: The answer to that kind of question is quite often related to the industry average. For example no more failures than one standard deviation below the industry average. Ahh.. but that doesn't really help either. Consider that not all failures are created equal. Should a failure to detect some unknown basically harmless strain that's only been seen on 4 machines in Zimbabwe count the same as failing to notice that a machine is still infected with Code Red or something that's virulent and malicious and on a very large current burn? Do you even care it didn't detect the Zimbabwe strain your machine has never been exposed to? For that matter, do you really want to create a situation where the various A/V companies now have an *incentive* to make sure their competitors don't detect something (either by failing to share data, or resorting to having malware custom-crafted)? The only reason the whole A/V industry manages to keep up safe at all is because they're in general cooperating. If each one had to do all the research themselves, the prices would go up and quality would go down. pgpvwd5dZHPMu.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On Thu, June 24, 2010 11:08, valdis.kletni...@vt.edu wrote: The answer to that kind of question is quite often related to the industry average. For example no more failures than one standard deviation below the industry average. Ahh.. but that doesn't really help either. Consider that not all failures are created equal. Should a failure to detect some unknown basically harmless strain that's only been seen on 4 machines in Zimbabwe count the same as failing to notice that a machine is still infected with Code Red or something that's virulent and malicious and on a very large current burn? Do you even care it didn't detect the Zimbabwe strain your machine has never been exposed to? Of course any way of measuring it will be fundamentally flawed in certain ways. There is always that pesky 80/20 or 90/10 rule. And you can of course figure out a way of correcting for corner cases, but that will only create additional corner cases. That's what makes lawyering on product liability a craft at best and usually some form of black magic. For that matter, do you really want to create a situation where the various A/V companies now have an *incentive* to make sure their competitors don't detect something (either by failing to share data, or resorting to having malware custom-crafted)? The only reason the whole A/V industry And yes, there may very well be unintended consequences. Nonetheless, I feel the era of complete exoneration from product liability is coming to an end for packaged software. Especially in the security industry. It is just a matter of an 'unsafe at any speed' moment occurring and there will be legislation, however braindead such legislation may be from an engineering viewpoint. Call me a pessimist, but we've been putting way too much critical stuff on internet connected systems while at the same neglecting basic hygiene at every level not to have some disaster to happen. It isn't so much a question of if but when that will happen. Regards, Walter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
I wonder if someone writes down all that pseudo-intellectual philosophical bullshit that is so carefully crafted by FD members (myself included)? Maybe I should: ??? Profit -Travis On Thu, Jun 24, 2010 at 5:45 AM, Walter van Holst walter.van.ho...@xs4all.nl wrote: On Thu, June 24, 2010 11:08, valdis.kletni...@vt.edu wrote: The answer to that kind of question is quite often related to the industry average. For example no more failures than one standard deviation below the industry average. Ahh.. but that doesn't really help either. Consider that not all failures are created equal. Should a failure to detect some unknown basically harmless strain that's only been seen on 4 machines in Zimbabwe count the same as failing to notice that a machine is still infected with Code Red or something that's virulent and malicious and on a very large current burn? Do you even care it didn't detect the Zimbabwe strain your machine has never been exposed to? Of course any way of measuring it will be fundamentally flawed in certain ways. There is always that pesky 80/20 or 90/10 rule. And you can of course figure out a way of correcting for corner cases, but that will only create additional corner cases. That's what makes lawyering on product liability a craft at best and usually some form of black magic. For that matter, do you really want to create a situation where the various A/V companies now have an *incentive* to make sure their competitors don't detect something (either by failing to share data, or resorting to having malware custom-crafted)? The only reason the whole A/V industry And yes, there may very well be unintended consequences. Nonetheless, I feel the era of complete exoneration from product liability is coming to an end for packaged software. Especially in the security industry. It is just a matter of an 'unsafe at any speed' moment occurring and there will be legislation, however braindead such legislation may be from an engineering viewpoint. Call me a pessimist, but we've been putting way too much critical stuff on internet connected systems while at the same neglecting basic hygiene at every level not to have some disaster to happen. It isn't so much a question of if but when that will happen. Regards, Walter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehnop=indexfingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On 23 Jun 2010 at 19:23, Jan Schejbal wrote: It would be interesting to compare the damage actually avoided by virus scanners to the damages and costs they cause (including false-positives wiping out system files, the hassle with updates/deployment and the cost of the products). The mathematical relationship between this total cost of ownership and malware mutation rates will be particularly interesting. I suspect that TCO is proportional to malware numbers, and as malware is mutating at 243% per year, +/- error, that would imply that TCO is rising by the proportionate amount, purely due to malware mutation. This in addition to the numerous other aspects of certain desktop platforms, also known to inflate TCO. The solution? Dump the platform. That, or hitch your budget to an exponential curve. Stu --- Stuart Udall stuart a...@cyberdelix.dot net - http://www.cyberdelix.net/ --- * Origin: lsi: revolution through evolution (192:168/0.2) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
Ok, so let them make it mandatory. Everyone will just run Fake AV. Business as usual. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
Cor , Sometimes you need anarchy to spread awareness! Which is primary priority... Rest are secondary issues. What next? Government should keep an updated statistic of antivrus software that can survive the wild (well most of the time) and those softwares that fail to do so at largest occasions. A public, unbiased statistics should be published about it for the welfare of the consumers. Freedom of information act? The product that fail miserably, throughout the year(s?) should be declared unfit for purpose ...like an expired food which is harmful for health. If its a technological problem overall, maybe they should move to application white-listing or something better... thanks, -bipin On 6/22/10, Cor Rosielle c...@outpost24.com wrote: Believe it or not, I do use anti virus on my Windows machine at home and even accept automatic updates (although MacAfee proved this is a serious threat). But anti virus is only the second line of defense or the third. The first line of defense is to think before you launch a file. If a file is unexpected, then I simply don't trust it. On several occasions this prevented virus infection with an up to date AV-scanner (Symantec - I put the file in a folder to further explore it after some days and then the AV-scanner did recognize the virus). AV software does fail too. For any home user who doesn't think or doesn't care, AV-software is probably a good starting point to give some limited protection for Windows systems. But such an home should realize he/she also runs risk when running AV-software and might experience a false sense of security. And if they don't think or don't care, they should think twice before complaining when it turns out bad. For any home user who do think or do care, AV-software can be a good addition to protect Windows systems, but that is not guaranteed. Realize that sometimes the cure is worse than the disease and also that malicious anti virus software does exist. Anti virus is not bad by definition. It is neither good by definition. And I repeat: Tom has a point that end-users must take some responsibility for their own computer. I just regret politicians make a lot of fuzz about legislation that only helps a bit in some cases and invite civilians to lean backward and believe they are secure because they have followed the rules. Cor -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of Tom Grace Sent: dinsdag 22 juni 2010 11:29 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection What would you advise a typical home user do to stay virus/trojan/other shit free ? Working on the assumption that they can't tell the difference (and really, shouldn't have to) between dangerous and safe files. AV software is pretty lacking, and the best advice I can think to give users is that everyone on the Internet is out to get you Tom On 06/22/2010 10:11 AM, Cor Rosielle wrote: Brilliant thinking. Let's install anti virus and increase the computers attack surface without further thinking. That must be safe because politicians tell us to do so. And we all know that politicians always tell the truth and happen to know a lot about PC's an security. Sigh. Tom has a point that end-users must take some responsibility for their own computer, but that doesn't mean that anti virus is the one and only solution. But if you think anti virus is the silver bullet to make this world saver, then dream your dreams and I'll dream mine. Cor From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian Sciberras Sent: dinsdag 22 juni 2010 10:56 To: Tom Grace Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Gracet...@deathbycomputers.co.uk wrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep
Re: [Full-disclosure] No anti-virus software? No internet connection
Am 22.06.2010 17:16, schrieb Paul Schmehl: Yes, you should use antivirus software if you're running windows Nope. For regular users clicking every link and using firefox and office and nothing else, maybe. But for somewhat experienced people with a large toolset on the machine: NO! Approximately once a month I had to persuade the AV vendor that they REALLY need to check if some tool is a false positive. It always was. The most annoying part was when the MS malware removal tool had a false-positive and deleted without asking. It would be interesting to compare the damage actually avoided by virus scanners to the damages and costs they cause (including false-positives wiping out system files, the hassle with updates/deployment and the cost of the products). Gruß Jan -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.com wrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace t...@deathbycomputers.co.ukwrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.com wrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
Brilliant thinking. Lets install anti virus and increase the computers attack surface without further thinking. That must be safe because politicians tell us to do so. And we all know that politicians always tell the truth and happen to know a lot about PCs an security. Sigh. Tom has a point that end-users must take some responsibility for their own computer, but that doesn't mean that anti virus is the one and only solution. But if you think anti virus is the silver bullet to make this world saver, then dream your dreams and I'll dream mine. Cor From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian Sciberras Sent: dinsdag 22 juni 2010 10:56 To: Tom Grace Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace t...@deathbycomputers.co.uk wrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_pro tection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.com wrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
What would you advise a typical home user do to stay virus/trojan/other shit free ? Working on the assumption that they can't tell the difference (and really, shouldn't have to) between dangerous and safe files. AV software is pretty lacking, and the best advice I can think to give users is that everyone on the Internet is out to get you Tom On 06/22/2010 10:11 AM, Cor Rosielle wrote: Brilliant thinking. Let’s install anti virus and increase the computers attack surface without further thinking. That must be safe because politicians tell us to do so. And we all know that politicians always tell the truth and happen to know a lot about PC’s an security. Sigh. Tom has a point that end-users must take some responsibility for their own computer, but that doesn't mean that anti virus is the one and only solution. But if you think anti virus is the silver bullet to make this world saver, then dream your dreams and I'll dream mine. Cor From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian Sciberras Sent: dinsdag 22 juni 2010 10:56 To: Tom Grace Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Gracet...@deathbycomputers.co.uk wrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_pro tection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.comwrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I agree in principal, security does start with the user. However, computers and connected computing devices with the advent of locked down systems and cartoon like user interfaces, have become consumer devices. These devices no longer require any knowledge of how they work nor skill beyond basic reading and rudimentary hand eye co-ordination to operate. They are being used by six year olds and grandmothers, IT security guru's and those with learning difficulties. This is true of the Internet also, it is a consumer playground. Hardware, software and system developers have done a great job in making all this power and connectivity available to those who can't or don't want to think. But a features first, security second approach seems all too prevalent. It's only the stuff on show that sells! Should the security of complex consumer devices be the responsibility of a potentially incompetent user, or the developers of such systems who are fully aware of the failings in their target audience? regards On 22/06/2010 09:56, Christian Sciberras wrote: I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace t...@deathbycomputers.co.ukwrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.com wrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - -- Mankind's systems are white sticks tapping walls. Thanks Roy http://www.propergander.org.uk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBTCCFA7Ivn8UFHWSmAQKPywf8CmdPJvwibGI2f6/3dJKMo2glRAvGzWNi 9VY6cU0ymjEGdC53gcbz7pb/D60aotU5xu6LvSx4qqQLJnvjFl2yKPGleT8VVvP8 UUqe891ZLnWDtWTHrdhP8REoSdsdyuQpZisnvBmb7r4gZVdhnzZVaoZcF5okn5wI Wm7XWrNFjj4fJkXCsv1r/3g2CDgRpHLDgTfd4xt5t2hqYUcnusjb9CO+6lRABtOW sbBDXa3y4PTAzAkD0MdlIXmEzjQsGopkNKJt1Uw6X57h1rjg31KOjCZea+/S9ozn 0CedmA7DT257hJpKOssboP1LyaLyvmEhVwBfsu4eeH490TE18NKIZQ== =pUSe -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On 2010-06-22 11:28, Tom Grace wrote: What would you advise a typical home user do to stay virus/trojan/other shit free ? Working on the assumption that they can't tell the difference (and really, shouldn't have to) between dangerous and safe files. Give them an iPhone/iPad instead? ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
Exactly. Or a jail cell. On Tue, Jun 22, 2010 at 11:38 AM, Dimitry Andric dimi...@andric.com wrote: On 2010-06-22 11:28, Tom Grace wrote: What would you advise a typical home user do to stay virus/trojan/other shit free ? Working on the assumption that they can't tell the difference (and really, shouldn't have to) between dangerous and safe files. Give them an iPhone/iPad instead? ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
Believe it or not, I do use anti virus on my Windows machine at home and even accept automatic updates (although MacAfee proved this is a serious threat). But anti virus is only the second line of defense or the third. The first line of defense is to think before you launch a file. If a file is unexpected, then I simply don't trust it. On several occasions this prevented virus infection with an up to date AV-scanner (Symantec - I put the file in a folder to further explore it after some days and then the AV-scanner did recognize the virus). AV software does fail too. For any home user who doesn't think or doesn't care, AV-software is probably a good starting point to give some limited protection for Windows systems. But such an home should realize he/she also runs risk when running AV-software and might experience a false sense of security. And if they don't think or don't care, they should think twice before complaining when it turns out bad. For any home user who do think or do care, AV-software can be a good addition to protect Windows systems, but that is not guaranteed. Realize that sometimes the cure is worse than the disease and also that malicious anti virus software does exist. Anti virus is not bad by definition. It is neither good by definition. And I repeat: Tom has a point that end-users must take some responsibility for their own computer. I just regret politicians make a lot of fuzz about legislation that only helps a bit in some cases and invite civilians to lean backward and believe they are secure because they have followed the rules. Cor -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of Tom Grace Sent: dinsdag 22 juni 2010 11:29 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection What would you advise a typical home user do to stay virus/trojan/other shit free ? Working on the assumption that they can't tell the difference (and really, shouldn't have to) between dangerous and safe files. AV software is pretty lacking, and the best advice I can think to give users is that everyone on the Internet is out to get you Tom On 06/22/2010 10:11 AM, Cor Rosielle wrote: Brilliant thinking. Let's install anti virus and increase the computers attack surface without further thinking. That must be safe because politicians tell us to do so. And we all know that politicians always tell the truth and happen to know a lot about PC's an security. Sigh. Tom has a point that end-users must take some responsibility for their own computer, but that doesn't mean that anti virus is the one and only solution. But if you think anti virus is the silver bullet to make this world saver, then dream your dreams and I'll dream mine. Cor From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian Sciberras Sent: dinsdag 22 juni 2010 10:56 To: Tom Grace Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] No anti-virus software? No internet connection I completely agree with Tom. A good fraction of all vulns out there rely on the user taking the wrong action, and it's way common (just face the truth). How many people install cracked OSes? I was once incredulous that a person willingly installed a virus because he claimed it was harmless (while the anti-virus shouted trojan). Sometimes I get to fix people's computers. I'm always amazed by the amount of crap I get in contact with. Hundreds of browser toolbars, antiviruses, shareware, adware, trials, torrent clients, media players etc. That not counting the local IT shops which format PCs replacing (typically) Windows OS with a cracked one. On Tue, Jun 22, 2010 at 9:42 AM, Tom Gracet...@deathbycomputers.co.uk wrote: In a way having a requirement that end-users take some responsibility for their own computer is a good thing. Similar to prosecuting people for fraud if they fall for one of the cash scams. On 06/22/2010 05:37 AM, Ivan . wrote: yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_there s_pro tection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.comwrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full
Re: [Full-disclosure] No anti-virus software? No internet connection
I don't run anti-anything on my systems and haven't in over 7 years..I have never gotten anything on my systems. it's pretty easy to do..it's mostly behavior driven to keep yourself form getting malware. Also I can't find it now but there was a research paper that showed the a/v software could be used to instlal malware w/o the a/v software's knowledge..no thanks. On 6/21/2010 10:55 PM, Ivan . wrote: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On Tue, 22 Jun 2010 12:55:25 +1000, Ivan . said: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 OK. I'll bite. 1) What antivirus are they going to force me to install on my Fedora laptop? 2) How will they verify the presense of A/V software on a properly firewalled system? 3) If the answer to (2) is run some sort of agent software on every box, in how many different ways can this end badly? pgp1fUzIpAb0W.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
I would presume that that would happen after you got infected and started spreading malware. Scaring people from the start ought to bring more consciousness. On Tue, Jun 22, 2010 at 1:41 PM, valdis.kletni...@vt.edu wrote: On Tue, 22 Jun 2010 12:55:25 +1000, Ivan . said: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 OK. I'll bite. 1) What antivirus are they going to force me to install on my Fedora laptop? 2) How will they verify the presense of A/V software on a properly firewalled system? 3) If the answer to (2) is run some sort of agent software on every box, in how many different ways can this end badly? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
How do you know you have never gotten anything on your system if you don't have an anti-anything ? Main aim of current threats is to hide any activity. 2010/6/22 William Warren hescomins...@emmanuelcomputerconsulting.com I don't run anti-anything on my systems and haven't in over 7 years..I have never gotten anything on my systems. it's pretty easy to do..it's mostly behavior driven to keep yourself form getting malware. Also I can't find it now but there was a research paper that showed the a/v software could be used to instlal malware w/o the a/v software's knowledge..no thanks. On 6/21/2010 10:55 PM, Ivan . wrote: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
If the ISP's are being expected to do the policing (which a less than thorough read of the paper indicates), who's shelling out for all the NAC kit? The ISP? On top of all the kit required to log all users Internet activities for an as yet undetermined period of time? On top of the kit to implement the great firewall of .au? Welcome to China, we hope you enjoy rice. Although, at least in China the govt's policy and intention is fairly clear. On Tue, Jun 22, 2010 at 9:41 PM, valdis.kletni...@vt.edu wrote: On Tue, 22 Jun 2010 12:55:25 +1000, Ivan . said: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 OK. I'll bite. 1) What antivirus are they going to force me to install on my Fedora laptop? 2) How will they verify the presense of A/V software on a properly firewalled system? 3) If the answer to (2) is run some sort of agent software on every box, in how many different ways can this end badly? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
--On Tuesday, June 22, 2010 12:55:25 +1000 Ivan . ivan...@gmail.com wrote: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connecti on/story-e6frfro0-1225882656490 I don't have a problem with cutting off connections for infected machines. In fact I think that's an excellent idea. However, the suggestion to require antivirus and firewall software to access the internet is naive and dangerous. Neither of those technologies will guarantee you an infection-free system, and promoting the idea that they will promotes a false sense of security. Yes, you should use antivirus software if you're running windows, and yes, it's a good idea to use a firewall. Neither is a panacea, however, and neither will keep you from getting a trojan from the latest attack methodologies. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead. Thomas Jefferson ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
On Tue, Jun 22, 2010 at 9:41 PM, valdis.kletni...@vt.edu wrote: On Tue, 22 Jun 2010 12:55:25 +1000, Ivan . said: Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 OK. I'll bite. 1) What antivirus are they going to force me to install on my Fedora laptop? 2) How will they verify the presense of A/V software on a properly firewalled system? 3) If the answer to (2) is run some sort of agent software on every box, in how many different ways can this end badly? Trust you to break through the idealistic AV discussion with an ACTUAL logical implementation question. Shame on you! You've just made Belinda's shitlist. -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] No anti-virus software? No internet connection
Security is as easy as that.. http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
yep, your tax $$$ at work Don't forget there Internet filter as well.. With these rocket scientist running the show, what's there to worry about http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka vpn.1.fana...@gmail.com wrote: They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No anti-virus software? No internet connection
They had a committee working on this for a year and that's the best they could come up with? HAHAHAHA. Belinda Neal - With idiots like you and your colleagues tackling this issue, tax payers deserve to burn you at the stake. BTW... are you really a du0d? -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/