Discussion in 'Article Discussion' started by CardJoe, 10 May 2010.
Now my PC is ever safe.
Like it ever was.
To be 100% safe, you should unplug your internet connection and throw your hard drive out of the window.
Well, at least we should expect the AV makers to patch themselves up eventually
Biggest anti virus and firewall is yourself. If you go to azi0npr0nx0x all day long - well... Then you might need a bit more than a strong anti virus.
Just be careful when browsing, use Firefox with NoScript and don't download anything you don't trust.
Yay for MS Security Essentials!
But then anyone could just pick up your hard drive and walk off with it!
Anyway, since the biggest danger to any pc is the user, good practice should still help with this one.
Also, how does the "bad" code get onto the system with the "good" code in the first place? Wouldn't it be caught in a file scan?
Anyone who thought their anti virus was protecting them was just deluding themselves.
For this software to get on your computer, you'd have to download and run it, just like 99% of other malware, and anti-virus software does nothing to stop that.
UAC is a step in the right direction, but let's be honest, people are too narcissistic to ever stop and think "maybe I've just downloaded a bad program, I should double check where I got it from is legitimate" ... everyone just turns UAC off and installs every exe they receive in an e-mail that says 'click me to speed up your computer'.
The problem with Windows users is that they have not been told what good security practice is. The "install AV; set and forget" is downright sloppy.
You don't need AV when you change the default approach from:
"Default Allow" (Allow ANYTHING to run.)
to:
"Default Deny" (Only allow what you need and nothing more.)
* Get the edition of Windows with Software Restriction Policy (SRP) or AppLocker. Set it to deny everything except for the apps you need to work with. (So your Limited/Restricted account can read and write in its assigned folders; but not allowed to execute any random code in those areas. Only Program Files or Windows folders are allowed to have executables running by default.)
* Use Limited/Restricted User for day-to-day usage.
(The reason is because you don't have write access to Program Files or Windows folders. Only Read and Execute.)
* Only use Administrator account for maintenance, troubleshooting, etc.
(This is from the Linux/Unix way. Using root for day-to-day computer use is considered bad practice and looked down upon.)
* Be strict in where you get your software from. If you don't know where it came from (untrusted or unverified source), don't run it; just delete it.
...I have tested this approach against real drive-by downloads and such with various folks from business and home. It works. Malware doesn't infect if it can't run. (Malware is just software written for a purpose. You're just preventing execution of it with SRP.)
Breaking bad computing habits and replacing them with effective practices is the key.
The AV approach is the dumbest, most insecure way to computer security. It has never been an effective method of prevention against real world attacks.
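The "Default Deny" path rule described in the post above, modelled as an added example (not part of the original thread and not SRP/AppLocker's own code). It assumes the allow-list is the Windows and Program Files trees and that a limited user cannot write into them; the attempted paths are constructed samples.

```python
import ntpath

# Assumption: the allow-list from the post (Windows and Program Files trees only).
ALLOWED_ROOTS = (r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)")


def canon(path):
    """Collapse '..' and '/' and fold case, since Windows paths are case-insensitive."""
    return ntpath.normcase(ntpath.normpath(path))


def decide(path, roots=ALLOWED_ROOTS):
    """Default deny: 'allow' only if the resolved path sits inside an allowed root."""
    p = canon(path)
    for root in roots:
        # Match on a directory boundary so a sibling folder whose name merely
        # starts with an allowed root's name is not treated as that root.
        if p.startswith(canon(root) + "\\"):
            return "allow"
    return "deny"


# Constructed execution attempts by a limited user (not real log data).
SAMPLE_ATTEMPTS = [
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r"c:/windows/system32/notepad.exe",
    r"C:\Users\joe\Downloads\speedup.exe",
    r"C:\Users\joe\AppData\Local\Temp\invoice.exe",
    r"C:\Program Files\..\Users\joe\Downloads\speedup.exe",
    r"C:\Program FilesX\tool.exe",
]


def denied(attempts, roots=ALLOWED_ROOTS):
    """Return the attempts the default-deny rule would block."""
    return [a for a in attempts if decide(a, roots) == "deny"]


if __name__ == "__main__":
    for attempt in SAMPLE_ATTEMPTS:
        print(f"{decide(attempt):5}  {attempt}")
```

The rule only holds while the allowed folders stay read-and-execute for the limited account, which is the point the post makes about not having write access there.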
but it's a good first step.
Like I always have said.
The best way to be protected against virus is common sense.. that's all you need
(just don't click on that "you won money" or "hey look my pics at www.face-book/virus.exe") DAMN IT DON'T DO IT
Security is a process, not a product.
Lock the user out of the room where the PC is housed.
Ha, I love how there's just a subtle picture of some of the code
(Could be code for anything, but y'know.. The effect's priceless)
hmmm, what exactly am I doing reading all these articles on bit-tech when I could be picking up a virus at any time !
How to stop your pc from getting infected : use antibacterial wipes!!
The old switcheroo!
Wouldn't a good firewall stop this?
Comodo blocks everything from running (I admit it wouldn't work for noobs because they would be worse off)
but it treats everything as a virus unless you specify otherwise and it asks you every time it tries to access anything like system settings unless you allow that program to do it
For the bulk of the 'buy and use computer' users out there, they need a robust AV software. Even still that does not make them safe. Educating these users helps, but many don't have the time or the basic awareness to care about security notifications. The threats will continue to evolve and even us that are somewhat savvy may find themselves vulnerable to attack.
Running as a non-admin account is probably the best defense with or without AV software.
If I read the article correctly, this particular exploit would work whether you are an admin user or a limited user, so in this case running as a limited account wouldn't matter, it would infect you