hmm...I wonder how come antivirus companies get the virus before us and then they make an antivirus for it lol..
anyone know lol...maybe it's just a mystery and it should always stay a mystery.. :D...but nah I wanna know lol
That isn't always the case. The "I love you" virus/worm was out in the wild and the AV companies had to respond in about 3 hours of it propagating like mad. Often, someone has gotten it and passed the information on to the AV companies, who then create the fix and post updates. Some AV companies I noticed have daily to twice a day updates.
Personally, I don't think it's a conspiracy by the AV companies. I do think it's stupidity on MS' part (given that 99% of viruses affect Windows machines) to continue to propagate the same errors with every generation (i.e., the idea of "make it easy for the user so they don't have to think" scripting)
That is what they get for making VBScript interact with all their software and not doing enough bug/exploit testing before releasing it. :)
Quote:
Personally, I don't think it's a conspiracy by the AV companies. I do think it's stupidity on MS' part (given that 99% of viruses affect Windows machines) to continue to propagate the same errors with every generation (i.e., the idea of "make it easy for the user so they don't have to think" scripting)
-Cheers-
I think that some companies work with HK or have some contacts with them. It says "If you want to find him you must think like him". Alone HK is a bigger problem for users and AV Co.
A lot of AV use their own kind of "heuristic" analysis to find new viruses.
Just one problem: poor users that can't buy AV. And a lot of freeware AV don't have quick and good updates vs new viruses. I tested some of them and it can take up to 2 months for some AV (not only freeware) to get required updates vs viruses. I crashed my PC a lot of times; updated AV could not find "Virus".
I can say just "BE CAREFUL WHEN YOU ARE DOWNLOADING SOME FREEWARE PROGRAMS"
and USE MORE THAN ONE AV ON YOUR SYSTEM, ONE FOR REALTIME PROTECTION and ONE JUST FOR SCAN AND REPORT.
It works for me.
There are free working copies of Norton that are available. :D I enjoy it.
Quote:
Just one problem: poor users that can't buy AV. And a lot of freeware AV don't have quick and good updates vs new viruses. I tested some of them and it can take up to 2 months for some AV (not only freeware) to get required updates vs viruses. I crashed my PC a lot of times; updated AV could not find "Virus".
-Cheers-
PS: What is heuristic scanning and how is it different from "normal" scanning?
I need to retaliate, MS haters are somewhat critical in their approach to the way things are. Simply 99% of all viruses attack Windows, 99% of all computers are Windows based. Somehow your figures are biased. Somebody read The Hitch Hikers Guide To the Galaxy and bang there's proof we don't exist, your statements are just as truthful as his. Sure MS OS are big lunking redundant pieces of software, but it is obvious they are targeted far more than any other OS because they are more common. Perhaps people should stop Bill Gates bashing and actually focus on addressing the issues at hand. If you're all so smart make me an operating system I can sell to my PC Illit clients that's as compatible as Windows and as secure as Unix.. 'cause you all make it sound like it's that easy
How's this for an issue: MS insists on making things easier for users. Let's put scripting into email and by default, not turn it off or allow it to turn off. And we won't just do it once. We'll do it multiple times (Office products, Outlook, etc.). MS has put user needs before security for years. That's the biggest issue when it comes to security. No matter how you paint it, that is MS's attitude.
Quote:
.. actually focus on addressing the issues at hand.
Now, that said, MS has made some changes. IIS 6 apparently is modular and by default, has no services running. FINALLY. From versions 3-5 they had everything running. 4 and 5 were the worst (by version 5 you'd think they would have removed gopher!)
I have an issue with a company that doesn't take security seriously until it finally potentially threatens their bottom line.
As for creating an OS, it's already out there. It's called Novell. The reality is they need a system that thinks like Novell has for years. It's different trains of thought:
Microsoft: enable everything and let the admin turn off what's not needed.
Novell: disable everything and let the admin allow only what's needed.
When it comes down to it, it's all about attitude. MS is finally shifting but it will be interesting to see what changes they actually do down the road.
I believe Script Kiddie is talking about all the virii in the definitions files which say "Never found in Wild"
I agree with him that perhaps some of the virii that are out there but were labeled in this way were perhaps pets of antivirus companies which got leaked.
Ah... is it possible that someone sent them their code from test environment? like a POC?
Quote:
I believe Script Kiddie is talking about all the virii in the definitions files which say "Never found in Wild"
I think it is more likely that they have a team of neds sitting in a dark room writing crappy virii.
Ever noticed how the decent virii are ones which start in the wild before definition updates.
Note: I used decent and virii in the same sentence; this does not indicate I condone or agree with virii writers.
Heh it'd be easy for AV companies to get more money lol...like if they make a virus and they send it out...since they made it..they are the only ones with an antivirus for it...that is in the beginning. But it might be hard for 'em to cover it up :D
Yah, that would be hard to cover up. Lol
-Cheers-
I know a couple of virii writers and they think of themselves as whitehats. They do research into vulnerabilities (in this case propagation of unwanted code), write a POC of it to test it and then send that to the AV companies to let them know how it can be done and give the AV companies time to write a definition file. They say they do this to help the AV companies in case someone else out there is doing the same type of research but with nefarious ideas behind it.
Now I don't know if I completely buy this, but that's the line that has been given to me by some people that actually write the virus codes... they also say that nothing they have ever written has made it in the wild. /shrug
I'd say this is likely, especially in light of the University of Calgary's Virus Writing Course. This might become more prevalent. When you think about it, how is it not that different from white hats finding errors in a particular OS or application and writing a POC and sending it to the software manufacturer to fix?
Quote:
Now I don't know if I completely buy this, but that's the line that has been given to me by some people that actually write the virus codes.
I work for an AV company and we definitely don't write any viruses. We do however get targeted by a lot of virus writers. What they somehow don't realise is that every file that comes through our mail gateway gets stripped off and goes straight into the virus lab to be analysed.
We will normally see viruses before the majority of users for these reasons:
1. Virus writers target AV companies
2. Some virus writers write proof of concept viruses and therefore send them to AV companies to make them aware (like whitehat hackers)
3. Users that are turned on and find something strange on their system will normally call their AV supporter and send in a sample of the file
4. We also (strangely enough) have a very strong group of individuals who troll the newsgroups for new viruses (normally trojans) and send them in to us
5. Lastly, all of the AV companies share all the viruses that they have. The process involves sending a catalogue of all viruses found that month to each other AV company. This changes when a particularly nasty little bugger surfaces, and this is of course sent to all AV companies as soon as analysis starts on it.
The vast majority of viruses are windows based. Near enough all of them are 'in the zoo', and not 'in the wild'. We detect over 86,000 viruses, about 200 ish are in the wild.
Keep Safe
Let's face it, making a virus for win is easier than Linux, though why make them at all? Only people who benefit in the long term are antivirus agencies and security agencies (giving people a job)!!!!
Yeah that is true.
But virus writers tend to have some kind of grudge against society and want to get their own back.
Lots of people hate Microsoft, and so we get lots and lots of viruses aimed at the Windows platforms.
Because viruses have existed, there will never now be a time when AV companies do not exist. Corporate customers will now always be paranoid about viruses, even if we stopped seeing any new ones being written.
Let's not forget the exploration issues. While a virus can be purely destructive without any interesting code in it, some people really push things forward and get some dangerous tools out there. In all honesty, I'd rather have such things happening, than some 'ingenious' blackhat taking down the county powergrid with some virus. In a sense, while exploits usually refer to remote systems, I guess we can think of virii as exploits of local systems, in order to [but not only] crumble that system.
ghostofanonion, while I can understand sometimes MS haters tend to be very biased in their comments about the company [we all are biased some way, but I'm dealing with the quality of their arguments here], the issue here is, indeed, that the company has repeatedly released software just waiting to be exploited in malicious ways. It looks more like a test-OS for future H/C rather than a serious OS. The very fact it is more common should determine the software giant to secure everything better. I read somewhere - unfortunately don't have the link anymore - that if source code to Windows was released, some stuff could be found in there that may pose a threat to national security if it would be known. And, btw, it was a Microsoft official that declared that [interestingly enough, shouldn't the NSA be investigating if something like this is out in the open? Are commercial rights more important than individual freedoms?]
If an AV company was discovered as writing virii and releasing them on purpose for economical reasons the company would go bust very fast; this fact would destroy their reputation, clients wouldn't buy their AV product anymore ...
cl: An AV company would risk more by writing virii than what they could get back
Sorry I had forgotten about novell, in fact the post on this site is the first time I've heard about it since I played with 3.2 on my ol P75.. I was sure it was dead.. but.. My Bad