Results 31 to 52 of 52
-
2017-05-16, 12:26 AM (ISO 8601)
- Join Date
- Apr 2007
- Location
- London
- Gender
Re: What's good in AV software these days?
The best and most reliable defense against ransomware is to backup your data on a removable media of some sort, on a remote server or an isolated machine. As long as you do that regularly you will always be able to retrieve almost anything the malware encrypts.
To anyone reading this thread, I would be wary of relying on the advice in this thread. Security is definitely not my field and I have not by any means read the entire thread, but of the things I have read nothing has inspired in me any great confidence. There is some really silly and pompous stuff in here.
I would advise you look through dedicated tech forms, or perhaps try to find something on stackexchange.com which is a site that has served me very well on technical matters. Note that it may not be very comforting, I believe the general consensus is that no AV software is particularly reliable and that the best defense is prudent and cautious behaviour.
Personally, I use Avast as an active AV and malwarebytes for scans when I feel I need them.Last edited by 1dominator; 2017-05-16 at 12:27 AM.
-
2017-05-16, 06:25 AM (ISO 8601)
- Join Date
- Aug 2013
Re: What's good in AV software these days?
No, I don't have any proof of similar issues. I also don't have any way of monitoring what resources antivirus software is actually using, because they typically inject their behaviour into other applications. The Norton example is worth mentioning because it was particularly severe, and looked like a memory leak in firefox.
I should make clear that this is not advice. It is a general rant on the mercenary nature of AV software. I run linux on my main computer, and refresh windows periodically on my old one, (I don't need malware to break it!). I am simply commenting that there is no 'good' AV, at least as far as developers are concerned. AV insists on an interface to the inards of all software, and the existance of such an interface is inherently insecure. As a developer you can either attempt to seal off your software, in which case AV will just hack it's way in (leaving an entrance), or deliberately open up an attack surface.
AV companies hamstring and hold to ransom developers, no matter how good their intentions.
The third party thing is about modularity. Modules from different developers are fine, that's the whole point. Companies that were not involved in the development of a module modifying that module is not. 3rd party security experts being involved in the creation of software is to be encouraged, but once that software is in the wild it should not have more than one developer with access to it's behavior. AV breaks down modularity.
As for not having a virus for 6 or 7 year, how do you know it is doing anything then? With no confirmed positives, how do you know that the flags it is throwing are not false positives (in the sense that the exploits they aim at would not work on your computer anyway)? It's the old "not been ill for years, must be this snake oil" line of logic. Not saying that AV doesn't work, just that you can't know if you are safer without it without trying to go without it.
I'm also not a security expert, but there certainly are experts who are advocating this approach. Personally I work on the assumption that I am not safe either way, and then try the option that avoids overheads that may be unneccesary (I need to guard against failure either way anyway). It is a question of being able to afford the risk. I certainly can, and it has not bitten me yet.I play dwarf mode: Play to win, never be sober, and always die horribly despite everyone's best efforts (DM included).
I have a blog now! I make no claims to be that fool on that hill, but I do like to think I think the same way. Check it out for some of my more nutty thoughts.
-
2017-05-16, 07:49 AM (ISO 8601)
- Join Date
- Apr 2017
- Location
- It's kind of dark.
- Gender
Re: What's good in AV software these days?
As opposed to other kinds of software, that isn't in any way at all attempting to make a profit for its developers? You make less sense with every post you make.
We can go in circles about this forever... OP's question has been answered by those who actually attempted to give helpful advice. Hopefully anyone else who comes to this thread looking for just that is smart enough to see through the white noise and obfuscation and benefit from the helpful suggestions that some of the posters have given.I say we can go where we want to, a place where they will never find. And we can act like we come from out of this world, leave the real one far behind. We can dance.
The Adventures of Amber Yarrowhill, IC and OOC
In the Hands of an Angry God June 2017 - November 2018. RIP.
My Player Registry Entry
-
2017-05-16, 09:09 AM (ISO 8601)
- Join Date
- May 2012
Re: What's good in AV software these days?
Yep, ditto. I'm a sophisticated PC user, but even I can get fooled at times.
I inadvertently got my PC infected with a bug back a few months ago. It was a clever thing, too - nothing detected it, and it only installed the payload a full 24 hours afterwards. Windows Defender didn't stop the payload from installing (though it kept trying to kill the process, which is how I knew I had a problem in the first place.) What's more, my usual stand-by for removal - Hitman Pro - didn't even detect it. I was able to do a manual removal with some process-killers and file unlockers, and then MalwareBytes took care of the remnants. Little to no damage was done, fortunately. This could have been ransomware instead of a random trojan trying (and failing) to steal my bank info.
Moral of the story - I bought a subscription to BitDefender that night, and slept more soundly. The ability to have it installed on my PC, my laptop, and my 70-year-old parents' laptop for like $25 a year was a no-brainer. Since then it's killed a few suspicious web pages.PAD - 357,549,260
-
2017-05-16, 10:37 AM (ISO 8601)
- Join Date
- Feb 2008
- Location
- Enköping, Sweden
- Gender
-
2017-05-18, 01:49 AM (ISO 8601)
- Join Date
- Feb 2008
- Location
- Enköping, Sweden
- Gender
Re: What's good in AV software these days?
I switched to a DNS service with some basic protection too, as extra security. Meaning it blocks known phishing sites and weird redirects. I also opted in on filter for known adware and spam sites.
Blizzard Battletag: UnderDog#21677
Shepard: "Wrex! Do we have mawsign?"
Wrex: "Shepard, we have mawsign the likes of which even Reapers have never seen!"
-
2017-05-18, 02:11 AM (ISO 8601)
- Join Date
- Aug 2013
Re: What's good in AV software these days?
I would assume it refers to the propensity for AV programs to play up their usefullness. I've seen them "overreport" threats, often you'll get the same kind of message for say tracking cookies as actual honest viruses.
And the whole spiel to sign up to ever more services. I get that AVG Free kinda has to bug me for upselling, but that can continue even if you buy a product.
Oh, and if you want to get rid of an AV installation they are as tenacious as viruses.
-
2017-05-18, 03:12 AM (ISO 8601)
- Join Date
- Feb 2008
- Location
- Enköping, Sweden
- Gender
Re: What's good in AV software these days?
Oh I recognize that, but again it depends on the product. Bitdefender and Norton are quiet as soon as you purchase their product.
(I have Internet Security and could upgrade to Ultimate but Bitdefender never bugs me about it or the fact that I have turned off the anti-spam). Also never yells about tracking cookies. If you run a free malware scanner though you usually get 500+ warnings about security threats that are just normal cookies.
Though you of course can cut down on those as well if you block most tracking in your browser.Last edited by Avilan the Grey; 2017-05-18 at 03:13 AM.
-
2017-05-18, 03:58 AM (ISO 8601)
- Join Date
- Sep 2013
Re: What's good in AV software these days?
I like to call it the Shareholder death spiral. Shareholders want more dividends, making a quality product and keeping up with the current threats takes a back seat to marketing and adding as much bloated "Added product value" as possible, until eventually the antivirus is so bloated it slows your computer down. As insult to injury, around this time it will also start displaying a dialog box that you can't get rid of, containing an advertisement the devs based on a "system optimizer" malware they saw a few weeks ago- with a little bit of customization detailing how it can speed up
their shareholder earningsyour computer for you if you just buy this one extra feature.My Homebrew A Return to Exile, a homebrew campaign setting.
Under Construction: Skills revamp for the Campaign Setting. I need to make a new index thread.
-
2017-05-18, 04:45 AM (ISO 8601)
- Join Date
- Feb 2008
- Location
- Enköping, Sweden
- Gender
Re: What's good in AV software these days?
Blizzard Battletag: UnderDog#21677
Shepard: "Wrex! Do we have mawsign?"
Wrex: "Shepard, we have mawsign the likes of which even Reapers have never seen!"
-
2017-05-18, 08:00 AM (ISO 8601)
- Join Date
- Apr 2017
- Location
- It's kind of dark.
- Gender
Re: What's good in AV software these days?
I say we can go where we want to, a place where they will never find. And we can act like we come from out of this world, leave the real one far behind. We can dance.
The Adventures of Amber Yarrowhill, IC and OOC
In the Hands of an Angry God June 2017 - November 2018. RIP.
My Player Registry Entry
-
2017-05-18, 12:18 PM (ISO 8601)
- Join Date
- May 2012
-
2017-05-18, 03:08 PM (ISO 8601)
- Join Date
- Sep 2013
Re: What's good in AV software these days?
They've all done it at varying points in time. Last time I saw Norton AV it was advertising their online backup service with excessive toast notifications that ignored the disable checkmark while breaking TCP/IP because their firewall broke, and McAfee has a longstanding tradition of releasing nagware along with every copy of Adobe Acrobat Reader ever, just for the easy starters.
If they don't do it now, they will in the future when their shareholders get antsy because numbers are down.My Homebrew A Return to Exile, a homebrew campaign setting.
Under Construction: Skills revamp for the Campaign Setting. I need to make a new index thread.
-
2017-05-18, 03:51 PM (ISO 8601)
- Join Date
- Feb 2007
- Location
- Manchester, UK
- Gender
Re: What's good in AV software these days?
I don't think you can make general pronouncements about AV software based on Norton, which is now and always has been a terrible piece of software. I'd rather put Wannacry on my machine than Norton--it gets broken either way, but at least Wannacry isn't pretending to do anything good!
-
2017-05-18, 04:21 PM (ISO 8601)
- Join Date
- Feb 2008
- Location
- Enköping, Sweden
- Gender
Re: What's good in AV software these days?
Blizzard Battletag: UnderDog#21677
Shepard: "Wrex! Do we have mawsign?"
Wrex: "Shepard, we have mawsign the likes of which even Reapers have never seen!"
-
2017-05-18, 07:41 PM (ISO 8601)
- Join Date
- Sep 2013
Re: What's good in AV software these days?
Others had already been pointed out how naggy the A* free antiviruses were. I didn't think I needed to rehash that or tirade about every naggy AV I've ever used was, just point out that every antivirus will become naggy and unviable eventually.
Symantec's taken that program from Good to Terrible so many times that it isn't a question of "if" but "when" it becomes unusable again. Trust them at your own peril.My Homebrew A Return to Exile, a homebrew campaign setting.
Under Construction: Skills revamp for the Campaign Setting. I need to make a new index thread.
-
2017-05-18, 11:41 PM (ISO 8601)
- Join Date
- Feb 2009
- Location
- Germany (North)
Re: What's good in AV software these days?
Pretty well, I'd say. It tries to not get in the way of AV programs, due to the way it works at the low level.
(Btw, upgrading from Home to Pro is likely gonna do very little beyond unlock various features and allowing you to disable more things. It's not gonna make it more secure.)
-
2017-05-19, 12:24 AM (ISO 8601)
- Join Date
- Jun 2005
- Location
- Oz county
- Gender
Re: What's good in AV software these days?
Going for the pro upgrade is not about making it secure. It's about the features and disabling more things.
In any case, I do more "high risk" online stuff than my mother, but she's the one who gets viruses, malware, and ransom ware on a regular basis. When I had to do a clean reinstall for her the last time, I gave her all the tools and showed her how to use them. That she chose not to use them was her choice. When she told me about the ransomware scam she fell for (she had no clue until I clued her in), I decided I have to wash my hands of trying to save her computer. It's like a person dying of thirst in the desert refusing water. Whereas I actually implement security practices and programs.I used to live in a world of terrible beauty, and then the beauty left.
Dioxazine purple.
-
2017-05-29, 05:46 AM (ISO 8601)
- Join Date
- Feb 2016
Re: What's good in AV software these days?
Wannacry is covered by the IPS module in Symantec/Norton.
General ransomware protection is not very reliable yet. Threats tend to be polymorphic and/or based on commercial encryption software that is difficult to blacklist without risking a lot of false positives.
Besides black hats are putting more resources into ransom-/extortion-ware, since it pays well. The number of attacks has been growing exponentially for the last few years.
A year or so ago Sophos developed a new type of ransomware defense that is called Intercept X.
Instead of relying on file fingerprinting or meta-behaviour, it actually keeps an eye on your files and checks if they start getting encrypted. If so, it takes backup copies of the affected files, and asks the user after a number of files have been encrypted if they want to allow the detected behaviour to continue.
Haven't checked it out yet, but the idea seems sound, and the reviews I've read were pretty favorable.-
What is dead may never die, but rises again, harder, stronger, in a later edition.
-
-
2017-05-31, 10:43 AM (ISO 8601)
- Join Date
- Nov 2010
- Location
- Toledo, Ohio
- Gender
Re: What's good in AV software these days?
It was also preemptivly blocked by Microsoft more than a month before it hit, because they identified and patched the vulnerability that it used. The only people that got hit were Windows pirates (who don't get updates), people that took measures to block Windows Update, and people with no-longer-supported versions of Windows (which don't get regular patches, although Microsoft did release an anti-Wannacry patch for XP when the ransomware hit).
-
2017-05-31, 04:00 PM (ISO 8601)
- Join Date
- Feb 2007
- Location
- Manchester, UK
- Gender
Re: What's good in AV software these days?
Actually, Windows XP didn't really get hit by Wannacry, mainly because it would usually bluescreen when the worm hit rather than getting infected. It was newer versions of Windows that were not kept up to date that were the main problem.
-
2017-06-01, 04:08 AM (ISO 8601)
- Join Date
- Feb 2016
Re: What's good in AV software these days?
-
What is dead may never die, but rises again, harder, stronger, in a later edition.
-