How should I interpret these virus statements by F-Prot

How should I interpret these virus statements by F-Prot
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
How should I interpret these virus statements by F-Prot Stan Hilliard 04-28-2007
Posted by Sebastian G. on May 3, 2007, 2:52 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
RedForeman wrote:

>> RedForeman wrote:
>>> I use AVG, aVast and CA-EZ all together, and have now for 4 years,
>>> (knock-knock) and have never gotten a virus or a web-script
>> I never used virus scanner and never got any system infection either. Seem
>> like your argument has no base whatsoever.
>
> You're right... of course...
>
> I have no argument... I have no base... I have no system.... I have
> nothing whatsoever...


Maybe you didn't get the point, hein? If a system without these exists that
is clean as well, there's no indication whatsoever that your system being
clean (presumably you're competent to make such a judgement) has any
relation to the stated virus scanners. This is even further surported by the
simple technical fact that virus scanners can't protect against viruses.

Posted by RedForeman on May 4, 2007, 9:05 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> RedForeman wrote:
> >> RedForeman wrote:
> >>> I use AVG, aVast and CA-EZ all together, and have now for 4 years,
> >>> (knock-knock) and have never gotten a virus or a web-script
> >> I never used virus scanner and never got any system infection either. Seem
> >> like your argument has no base whatsoever.
>
> > You're right... of course...
>
> > I have no argument... I have no base... I have no system.... I have
> > nothing whatsoever...
>
> Maybe you didn't get the point, hein? If a system without these exists that
> is clean as well, there's no indication whatsoever that your system being
> clean (presumably you're competent to make such a judgement) has any
> relation to the stated virus scanners. This is even further surported by the
> simple technical fact that virus scanners can't protect against viruses.

I got it, I just don't believe it... and don't want to argue about it
because I don't know as much about the subject as you...


Posted by Sebastian G. on May 4, 2007, 10:18 am
If you were  Registered and logged in, you could reply and use other advanced thread options
RedForeman wrote:


> I got it, I just don't believe it...


Hm... seems you like have a problem with reality.

> and don't want to argue about it because I don't know as much about the

> subject as you...

Well, let me rephrase this: You don't know what a virus scanner works like,
where its limits are and how to use it correctly. Yet you want to use it to
increase the security of your computer system. May I call BULLSHIT?

Posted by RedForeman on May 4, 2007, 11:49 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> RedForeman wrote:
> > I got it, I just don't believe it...
>
> Hm... seems you like have a problem with reality.
>
> > and don't want to argue about it because I don't know as much about the
>
> > subject as you...
>
> Well, let me rephrase this: You don't know what a virus scanner works like,
> where its limits are and how to use it correctly. Yet you want to use it to
> increase the security of your computer system. May I call BULLSHIT?

I used to love playing that game.... Bulllll shit....

Virus scanners work on signatures... signature based scanners see the
'signature' of the virus in a file, thus reacting to the file's finger-
print on/in the file. right or wrong? and no I didn't google it...
yet...

Ok, a fully patched OS, sitting behind a firewall, with properly setup
ACLs and firewall rules will be as protected from the external world
as a pc with virus scanners, sitting behind the same firewall... that
much I agree.... both machines are protected by inbound rules, access
list, and packet rules.... if the perimeter had AV scanning there,
then you wouldn't need a desktop AV solution...

Well, my web saavy friend likes to get on the web and look at old car
pictures.... one day his friend sent him a link that sent him to a
page that he downloaded... and the rest is history....

Isn't alot of this trivial? We're splitting hairs when it's all said
and done....

The fact remains, security is a state of mind, and is relative to the
situation, the setup, configuration, etc....


Posted by Sebastian G. on May 4, 2007, 3:37 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
RedForeman wrote:

>> RedForeman wrote:
>>> I got it, I just don't believe it...
>> Hm... seems you like have a problem with reality.
>>
>>> and don't want to argue about it because I don't know as much about the
>> > subject as you...
>>
>> Well, let me rephrase this: You don't know what a virus scanner works like,
>> where its limits are and how to use it correctly. Yet you want to use it to
>> increase the security of your computer system. May I call BULLSHIT?
>
> I used to love playing that game.... Bulllll shit....
>
> Virus scanners work on signatures... signature based scanners see the
> 'signature' of the virus in a file, thus reacting to the file's finger-
> print on/in the file. right or wrong?


Which has two trivial implications:

- a malware whichs signature is not in the list will slip by
- attack vectors not involving files (f.e. exploiting webbrowsers) can't be
checked either

Thus, in general virus scanners fail and therefore don't protect. They can't
replace safe hex and keeping the system up-to-date and well-configured.

(However, they might be usable as intrusion detection system)

> Ok, a fully patched OS, sitting behind a firewall, with properly setup
> ACLs and firewall rules will be as protected from the external world
> as a pc with virus scanners, sitting behind the same firewall... that
> much I agree.... both machines are protected by inbound rules, access
> list, and packet rules.... if the perimeter had AV scanning there,
> then you wouldn't need a desktop AV solution...


You don't need any virus scanners, especially if a system is protected that
well (according to your description). Heck, it simply won't change anything,
except for possibly creating new security holes.

> Well, my web saavy friend likes to get on the web and look at old car
> pictures.... one day his friend sent him a link that sent him to a
> page that he downloaded... and the rest is history....


Your point being?

> The fact remains, security is a state of mind, and is relative to the
> situation, the setup, configuration, etc....

While I agree with the latter, the first one is bullshit. Security is an
objective property of a system (wrt. to some criteria) and must be well
measurable, calculable and reliable to a certain anything. Just believing in
security ("state of mind") won't change anything.

Similar ThreadsPosted
Can anyone interpret this paragraph from "Connected: An Internet Encyclopedia"? July 1, 2007, 2:06 pm
Sample virus or bit pattern to verify anti-virus software is working? December 1, 2004, 12:47 pm
new virus(es) ? July 4, 2004, 6:09 am
virus January 15, 2005, 9:49 pm
virus? June 3, 2005, 12:24 am
I need a virus June 15, 2005, 7:51 am
Some virus questions May 2, 2005, 6:57 am
LOL: Strong Bad gets a virus e-mail! November 15, 2004, 12:00 pm
AnswerAuctions: Virus Software December 10, 2004, 5:28 pm
Spyware and virus killer February 23, 2005, 11:02 am

The site map in XML format XML site map

Contact Us | Privacy Policy