Anti-virus software is losing the battle, and the war

Discussion in 'Virus Information' started by Virus Guy, Feb 10, 2011.

  1. Virus Guy

    Virus Guy Guest

    And I shake my head at the abortion that is the NT-line of Windoze
    operating systems, as I type and post this from my win-98 system.

    ----------------------------------------

    Anti-virus software is losing the battle, and the war

    http://www.theinquirer.net/inquirer/news/2025421/anti-virus-software-losing-battle-war

    Secure USB keys are not so secure
    By Asavin Wattanajantra
    Thu Feb 10 2011, 08:07

    ANTI-VIRUS SOFTWARE is fighting a losing battle against malware, and
    there's nothing that can be done to turn the tide, according to a
    security testing firm.

    NSS Labs, an independent security product and certification test lab,
    looked at 10 anti-virus products on the market. It found that the
    effectiveness of the software was variable, to say the least, with some
    products more effective at protecting against malware on USB keys than
    in email, and vice versa.

    "It tells us that the anti-virus engine is not applied uniformly across
    all the attack vectors," said Rick Moy, president of NSS Labs. "That's
    generally a flaw in the product architecture. There's not one product
    which gets malware the same across different vectors. Anti-virus is
    losing the battle. It's losing the war."

    He added, "I know the bad guys are doing their own testing on anti-virus
    products. Every AV product can be circumvented. Hackers can get in
    easily, because you can download them for free for 30 days, and create
    your own test lab."

    "You keep making the viruses and the malware, until one gets through.
    Once it gets through, you put it on the Internet. You can write
    software, until that gets automatic. The bad guys, in some cases, are
    doing better testing than the good guys."

    'Secure' USB keys that are advertised by vendors to offer mobile
    protection were also shown to be pretty ineffective. Moy said that NSS
    Labs did work with banks on the products using the technology, and broke
    into everything that it tested.

    "Some of that is private testing we haven't published yet. In some cases
    we're trying to work with the vendors. But secure USBs are not as secure
    as you think." µ
     
    Virus Guy, Feb 10, 2011
    #1

  2. Dustin

    Dustin Guest

    Win9x is inferior on many levels, but it's a waste of time to even
    bother. If you want to run an OS that's basically a shell on top of
    MSDOS, you are welcome to do so.
    Hackers can get in where? AV products have been freely tested by Vxers
    (not necessarily "hackers") for years now. Nothing new here. I wonder
    how long he's "known" this uber secret? heh.
    You just keep making them until one gets thru? really? I don't recall
    it being like that. In fact, you'd write the virus (not some lame ass
    trojan that you typically find these days) and scan it against the
    public and well known AV scanners; tweak your code as needed to avoid
    any heuristics alarms. I know this from 1st hand experience, not that
    of a pesky news reporter who doesn't have his information right.

    You know what? It wasn't a big deal 10+ years ago. This is ALL old
    news.
    I'm not sure I'd give NSS any credit; they could have easily used
    passware's software and just taken undeserved credit.
    Of course; why don't you save the publication for when you can keep the
    correct terminology in the paragraphs? Virus writers aren't necessarily
    hackers and vice versa. Viruses and malware? LOL..

    Everything mentioned in this article aside from the insecure usb memory
    sticks (what moron actually thinks it's secure to begin with?) is all
    well documented, and well known by professionals and experts and has
    been for a very very very long time. NSS labs must be trying to drum up
    business in the form of paranoia?
     
    Dustin, Feb 11, 2011
    #2

  3. Tecknomage

    Tecknomage Guest

    First off.... "The Inquirer" as an authoritative source on this
    issue?!!! Example, NOT providing a link to the actual NSS Labs test
    so readers could judge.

    Looking at just 10 anti-virus products, AND not listing which they
    looked at?!!!

    Otherwise, the truth has ALWAYS been that it cannot be totally
    stopped. It is a *race* between identifying/stopping malicious
    software and the purveyors/hackers.

    The Inquirer article MAY be referring to: (the link they SHOULD have
    provided)

    "NSS Labs Finds Most Endpoint Security Products Lack
    Vulnerability-Based Protection"
    (the below link is ONE line)
    http://www.nsslabs.com/company/news/press-releases/nss-labs-finds-most-endpoint-security-products-lack-vulnerability-based-protection.html
     
    Tecknomage, Feb 11, 2011
    #3
  4. It was not historically ever the job of antivirus to address the vector
    by which viruses might enter the system, it was their job to detect the
    virus once you have the possibly infected program. You have snort and
    firewalls and IPSs to address the exploit based malware.

    Thanks for this post, at least that article is by those who understand
    what they are writing about.

    I also like the fact that they address the issue that VG seems to be
    oblivious to, that addressing the vulnerability is better than
    addressing a specific exploit that leverages the vulnerability. It is
    silly to claim W98 is not vulnerable to exploit just because the
    published exploits don't work on it.
     
    FromTheRafters, Feb 15, 2011
    #4
  5. Virus Guy

    Virus Guy Guest

    FromTheRafters used poor internet style by unnecessarily full-quoting:
    It's a known fact that the NT-line of OS, particularly XP, has more
    "services" running than win-9x does, even some arcane and unnecessary
    services for commercial or enterprise use that are turned on by default
    even for the Home version of XP, including printer and file sharing.

    XP was clearly more vulnerable than win-9x right out of the box.

    When you look at how many vulnerabilities were identified in XP-SP0,
    SP1, SP2, when you look at the rate at which new vulnerabilities were
    identified and leveraged between XP's introduction (Sept 2001) and the
    practical end-of-life of Win-98 (the end of 2004) it's a no brainer that
    hackers found a treasure in XP.

    Win-98 was still in heavy use in the most vulnerable setting imaginable
    (the home, on a broad-band internet connection) during 2004 and arguably
    into 2005, and as such it made a good target for hackers. Except
    hackers made little use of it BECAUSE they found few vulnerabilities
    they could leverage.

    Instead, XP SP0/SP1 was an absolute paradise for hackers and spammers.
    Go to secunia.org and look at the number of vulnerabilities disclosed
    for XP for the years 2001 through 2005 and compare that to Win-9x.

    Spam exploded during 2004 exclusively because XP was overtaking win-98
    in the home, and XP came complete with a raft of vulnerabilities and
    utterly unnecessary services running by default that turned XP into a
    de facto botnet platform.
     
    Virus Guy, Feb 15, 2011
    #5
  6. Probably all true, but irrelevant to the point I was making.
     
    FromTheRafters, Feb 16, 2011
    #6