Efficient WEB protection - which program?

Discussion in 'Anti-Virus' started by DK, Jan 15, 2012.

  1. Not unless they infect or modify preexisting programs in such a way as
    to cause them in turn to infect others in the same manner, recursively.

    [...]
     
    FromTheRafters, Jan 16, 2012
    #21
    1. Advertisements

  2. Yeah, I usually let it pass or just add it in as extra information.
    Sometimes it really does matter whether or not a virus is involved.
    Different things have to be considered if a malware instance really *is*
    viral.
     
    FromTheRafters, Jan 16, 2012
    #22
    1. Advertisements

  3. DK

    DK Guest

    You must have the strangest possible definition of "infection"
    in mind.
     
    DK, Jan 16, 2012
    #23
  4. Virus Guy wrote:
    [...]
    Eh, that ain't gonna happen - not just because someone calling himself
    Virus Guy doesn't understand why it remains an important distinction.
    That comes very close to the definition of a trojan, which some
    taxonomies treat as a superset of virus. If it (a trojan) replicates
    itself via infecting programs with copies of itself, it is termed a
    virus because additional tools must be brought to bear - it is that much
    more important that its viral aspect be addressed that it necessitates
    making that distinction with the terminology.
    You may be thinking about polymorphism here, but it is an important
    thing for the virus that the new set of form be functionally equivalent.
    It can't be a different program, just a different way to achieve the
    program's same functions.
    Network replication is another matter entirely. By virtue of the virus'
    ability to make a copy of its own viral function, it has the ability to
    place that code within preexisting programs (file infectors for
    instance) - programs that use network replication only, can't do this.
    ....or so it seems from recent history.

    Some virus' only goal was to use those resources to replicate, and
    perhaps help distribute a data diddling payload.
     
    FromTheRafters, Jan 16, 2012
    #24
  5. DK

    kurt wismer Guest

    all of those things reproduce, so it is not unreasonable to call them
    all infectious agents. in computers, only viral malware reproduces, so
    only viral malware can be called an infectious agent.
    if i puncture your spleen with a screwdriver, the screwdriver has not
    infected you, you are not infected with screwdrivers regardless of the
    fact that it has overwhelmed the protective covering known as skin.

    the system may become infected, but not all invaders are infectious
    agents.
    since there is no circumstance under which an automobile would be
    considered infected (except perhaps by computer viruses in more modern
    ones), the automobile analogy really seems like a non-starter.
    a trojan no more infects a system than a hypodermic needle infects a
    body. it may carry an infectious agent, but it is not itself one.
    infection is absolutely an analogy to biological systems, but not all
    things that act in or on biological systems are infectious agents.
     
    kurt wismer, Jan 16, 2012
    #25
  6. DK

    kurt wismer Guest

    this question doesn't make sense. it is trivial to write code that
    takes over a system without being capable of self-replication.
    if your malware lexicon is so small that it is useless to you, my
    condolences. but don't project your own limitations onto others. it is
    not useless. things that fall outside that definition have the
    distinction of having other names. those names impart meaning that is
    lost when you call everything a virus, just as the concept of
    identification would be lost if we called everyone bruce.
    when speaking broadly, the umbrella term you're searching for is
    malware.
    no, to 'open channels to obtain a new or different agent' is to be a
    downloader trojan. that is not self-replication. even if the file it
    downloaded was identical to it (which would be pointless), it would be
    making a copy of it's twin, not of itself.
    just because the goal is always the same, doesn't mean the actor is
    too.
    since i'm unclear on how you're using "replicate" here, i can't really
    answer your question. i suspect, however, that since you felt the need
    to put it in quotation marks it probably would be something that
    doesn't qualify as self-replication.
    narrow? one of us has a 'word bag' that only has one word in it
    ("virus"), and it isn't me.
     
    kurt wismer, Jan 16, 2012
    #26
  7. DK

    kurt wismer Guest

    i'm certain that i could come up with a stranger (albeit wrong) one.
    therefore the one i have in mind is not the strangest one possible.
     
    kurt wismer, Jan 16, 2012
    #27
  8. DK

    DK Guest

    No. Equally strange (wrong) - yes, plenty. Stranger (more wrong) -
    no, other than something completely nonsensical, it would be
    practically impossible to have one.
     
    DK, Jan 16, 2012
    #28
  9. DK

    kurt wismer Guest

     
    kurt wismer, Jan 16, 2012
    #29
  10. Sorry....

    I disagree with you so we will agree to disagree.
     
    David H. Lipman, Jan 16, 2012
    #30
  11. DK

    villandra Guest

    I love it! Someone asks a good question, and instead of anyone
    answering it. we have an idiotic semantic argument on what's a virus.

    If it's nasty, as far as I'm concerned, it's a virus. You can call
    it what you want to! When someone else uses the term virus, you know
    perfectly well what they mean.

    Now. I too want to know what anti-virus program can spot viruses.

    Yours,
    Dora
     
    villandra, Jan 16, 2012
    #31
  12. villandra wrote:
    [...]
    It was answered long ago, and "WEB protection" and "antivirus" are
    entirely different things despite user's desire to gloss over the
    differences.

    The OP provided an example malware that he desired protection from, he
    got several good answers and picked one already.
    Usually not until we identify what it *really* is can we address how to
    protect yourself from it. Chances are *very* good that a virus is not
    involved, and that simplifies matters considerably.

    The term 'virus' for some reason has popular appeal where the correct
    term of 'malware' is rather dull. It doesn't matter what you call a
    virus at your dinner table, but it matters here.
    That's an entirely different question from the one the OP asked. "All of
    them" is the answer, that's why they call them anti-virus programs. Good
    WEB protection can come from anti-malware programs (which in turn do not
    specifically target viruses).

    I use Avira Free Antivirus, and don't use any web protection thingies.
    Another computer I have running Avast! Antivirus (free).

    None of those will stop Javascript from running, which is what the OP
    really needed anyway IMO.
     
    FromTheRafters, Jan 17, 2012
    #32
  13. DK

    DK Guest

    No, not just any "javascript" but, very clearly, the javascript that installs
    and runs malware. Both of these programs are advertised to stop such
    attacks and, in fact, are supposed to be able to do it - based, at the
    very least, on the file execution real time protection (OK, so in my
    case it was aided by some other program's security hole but the
    fact is that a malicious EXE with a code normally detected by both of
    the programs was allowed to be run). That's a big FAIL for these
    antivirus products.

    Dima
     
    DK, Jan 17, 2012
    #33
  14. DK

    kurt wismer Guest

    and i love how people with no appreciation for the meanings of words
    use "semantic" like it's a slur.
    no, actually we don't know perfectly well what they mean. we'd have
    only the barest inkling of what they mean.

    ignoring the difference between viral and non-viral malware is like
    ignoring the difference between a sprain and a broken bone. unless you
    treat them both with amputation, recovery depends on knowing what
    you've actually got.
     
    kurt wismer, Jan 17, 2012
    #34
  15. DK

    kurt wismer Guest

    it hardly takes a pedant to recognize that there's no such thing as an
    infection that doesn't spread.
     
    kurt wismer, Jan 17, 2012
    #35
  16. DK

    Bear Guest

    How does it get to your computer?
     
    Bear, Jan 17, 2012
    #36
  17. DK

    Bear Guest

    Maybe this can be solved easily. Your computer gets "sick" rather than
    "infected" and leave the rest to the "doctors."

    Of course I don't go to the doctor every time I get sick.

    :)

    Are there any Doctors in the house?
     
    Bear, Jan 17, 2012
    #37
  18. DK

    kurt wismer Guest

    and? it still spreads. it still reproduces, even if it uses an
    intermediary.
     
    kurt wismer, Jan 17, 2012
    #38
  19. DK

    kurt wismer Guest

    non-viral malware can BE spread (like manure) but it doesn't spread
    itself (like an infectious disease).

    it gets on your computer by way of being purposefully placed somewhere
    (by a human being) where you (or some automated part of your computer)
    are likely to run it.

    the key difference between viral and non-viral malware is that
    dependance on intentional malicious action by a person. after a virus
    is released into a population, it just keeps going and going
    autonomously without interference, but non-viral malware doesn't go
    anywhere without someone laying some sort of trap.

    and the reason that's important is because autonomous action can (in
    theory) be mitigated with autonomous defenses, but human action cannot.
     
    kurt wismer, Jan 17, 2012
    #39
  20. The initial URL used Javascript to read, write, and compare cookies. The
    result of the comparison was to redirect to another URL with more
    Javascript else to "Bing". Some of the 'more Javascript' was obfuscated,
    but obfuscation in and of itself is not a sign of maliciousness.

    Every such "protection" program can be expected to miss some of the many
    different forms that even one malware can assume through polymorphism of
    one type or another.

    I never asked about what kind of "Web Protection" was envisioned by the
    OP, but one kind I can think of is basically a black list of domains
    known to be currently (or recently) serving up malware (sort of like the
    'hosts' file so often touted). Such 'protection' doesn't even look at
    files at all. *Viruses* have to be looked at, you generally can't
    protect yourself from them without having the ability to inspect within
    program files for their signature(s). That ability is quite a bit more
    complicated than most people realize.
     
    FromTheRafters, Jan 17, 2012
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.