Antivirus Co. and Us...

[scriptkiddie18]

hmm...I wonder how come antivirus companies get the virus before us and then they make a antivirus for it lol..
anyone know lol...maybe its just a mystery and it should always stay a mystery.. ...but nah I wanna know lol

[MrLinus]

That isn't always the case. The "I love you" virus/worm was out in the wild and the AV companies had to respond in about 3 hours of it propogating like mad. Often, someone has gotten it and passed the information on to the AV companies, who then create the fix and post updates. Some AV companies I noticed have daily to twice a day updates.

Personally, I don't think it's a conspiracy by the AV companies. I do think it's stupidity on MS' part (given that 99% of viruses affect Windows machines) to continue to propogate the same errors with every generation (ie., the idea of "make it easy for the user so they don't have to think" scripting)

[PM8228]

Personally, I don't think it's a conspiracy by the AV companies. I do think it's stupidity on MS' part (given that 99% of viruses affect Windows machines) to continue to propogate the same errors with every generation (ie., the idea of "make it easy for the user so they don't have to think" scripting)

That is what they get for making VBScript interact with all their software and not doing enough bug/exploit testing before releasing it.

-Cheers-

[MrBabis]

I think that some companies works with HK or have some contacts with them. It say's "If you want find him you must think like he". Alone HK is a bigger problem for users and AV Co.
Lot of AV using some own kind of "heuristic" analys to find new viruses.
Just one problem: poor users that cant buy AV. And lot of freeware AV havent quick and good update vs new viruses. I tesded some of them and it can take up to 2 month for some AV (not only freeware) to get requid updates vs viruses. I crashed my pc lot of times, updated AV could not find "Virus".

I can say just "BE CARE WHEN YOU ARE DOWNLOADING SOME FREEWARE PROGRAMS"
and USE MORE THEN ONE AV ON YOU SYSTEM, ONE FOR REALTIME POTECTION and ONE JUST FOR SCAN AND REPORT.

It works for me.

[PM8228]

Just one problem: poor users that cant buy AV. And lot of freeware AV havent quick and good update vs new viruses. I tesded some of them and it can take up to 2 month for some AV (not only freeware) to get requid updates vs viruses. I crashed my pc lot of times, updated AV could not find "Virus".

There are free working copies of Norton that are availble. I enjoy it.

-Cheers-

PS: What is heuristic scanning and how is it different from "normal" scanning?

[ghostofanonion]

I need to retaliate, MS haters are somewhat critical in there approach to te way things are. Simply 99% of all virus attack Windows, 99% f all computers are windows based. Some how your figures are biased. Somebody read The Hitch Hikers guide To the Galaxy and bang theres proof we don't exist your statements are just as truthfull as his. Sure MS OS are big lunking redunadamt pieces of software, but it is obvious they are targetted far more than any other OS becuase they are more common. Perhaps people should stop Bill Gates Bashing and actually focus on addressing the issues at hand. If yo all so smart make me an operating system I can sell to my PC Illit Clients thats as compatible as windows and as secure as unix.. cuase you all make it sound like its that easy

[MrLinus]

.. actually focus on addressing the issues at hand.

How's this for an issue: MS insists on making things easier for users. Let's put scripting into email and by default, not turn it off or allow it to turn off. And we won't just do it once. We'll do it multiple times (Office products, Outlook, etc.). MS has put user needs before security for years. That's the biggest issue when it comes to security. No matter how you paint it, that is MS's attitude.

Now, that said, MS has made some changes. IIS 6 apparently is modular and by default, has no services running. FINALLY. From versions 3-5 they had everything running. 4 and 5 were the worst (by version 5 you'd think they would have removed gopher!)

I have an issue with a company that doesn't take security seriously until it finally potentially threatens their bottom line.

As for creating an OS, it's already out there. It's called Novell. The reality is they need a system that thinks like Novell has for years. It's different trains of thought:

Microsoft: enable everything and let the admin turn off what's not needed.

Novell: disable everything and let the admin allow only what's needed.

When it comes down to it, it's all about attitude. MS is finally shifting but it will be interesting to see what changes they actually do down the road.

[mark_boyle2002]

I believe Script Kiddie is talking about all the virii in the definitions files which say "Never found in Wild"

I agree with him that perhaps some of the virii that are out there but were labeled in this way were perhaps pets of antivirus companies which got leaked.

[MrLinus]

I believe Script Kiddie is talking about all the virii in the definitions files which say "Never found in Wild"

Ah... is it possible that someone sent them their code from test environment? like a POC?

[mark_boyle2002]

I think it is more likely that they have a team of neds sitting in a dark room writing crappy virii.

Ever noticed how the decent virii are ones which start in the wild before definition updates.

Note : I used decent and virii in the same sentance this does not indicate I condone or agree with virii writers.