Author Topic: Alternate views on the malware problem  (Read 3553 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
Alternate views on the malware problem
« on: April 10, 2006, 02:38:52 PM »
Hi malware fighters,

You should be informed about these unorthodox views, just to be aware of the ramifications and to adopt what you think are valid points there.
Read: http://www.softpanorama.org/Malware/index.shtml

Interesting to hear what you think about this?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Spiritsongs

  • Guest
Re: Alternate views on the malware problem
« Reply #1 on: April 10, 2006, 08:25:04 PM »
:) Hi Damien:

HOW do you come across such info!? Which of the 27 "categories" at the top of that site should we look into more in depth?

Offline polonus
Re: Alternate views on the malware problem
« Reply #2 on: April 10, 2006, 08:55:47 PM »
Well Spiritsongs,

They're all well worth reading, but as I say, "cum grano salis".
I would take the FAQ and this: http://www.softpanorama.org/Malware/Malware_defense_history/index.shtml

Well, what I learned from the info on this site: always read up on various malware descriptions from various sources on a particular malware infection you want to take out.
Second thing is that the particular outlay of the Microsoft OS is not very, very malware vector "un"friendly, to put it mildly.
Here are some examples from the past and present:
  • An incorrect implementation of the read-only attribute (as well as other attributes) for files, starting with MS DOS.
  • A buggy implementation of the program loader (not even a simple check for CRC correctness was implemented, although the field did exist in the EXE file header).
  • Virus-friendly implementation of IPL in BIOS.
  • No compression for executables to make tampering more difficult and time consuming (despite the fact that lzexe, diet and PKlite are around for more than a decade ;-)
  • A systematic ignorance of security issues in the OLE implementation (MS Office documents are a pretty good example).
  • Hiding of the extension of the files (configurable setting in File Explorer) in versions of Windows starting with Windows 95.

You will find a couple of examples put out there, some are very plausible.
Then there are more ways to combat malware than "on the fly scanning". AV false finds are a double-edged sword really, on the one hand they are vital, on the other hand ignoring them gives a false feeling of security.
And then the big thing I learned here is: always establish first if your particular OS or software means that you are vulnerable to a specific malware vector; if not, you have one worry less.
I do not agree fully with the extremes stated there, that AV scanning can be harmful in some cases. Anyway, taking the wrong files out can be detrimental.
All in all, good info for giving you a fresh look. Was it not John FK who said that "the truth is endangered most by "myths", not lies"? And how right this President was.

polonus
« Last Edit: April 10, 2006, 10:39:53 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
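
The last item in the list above (hidden file extensions), as an added example that is not part of the original posts or the linked site: a Python check that works out the name a user sees when extensions are hidden and flags files whose visible name ends in a document extension while the real type is executable. The extension sets, the treatment of both sets as "known file types" and the sample filenames are constructed assumptions.

```python
# Added example. Extension sets are illustrative assumptions, not a complete list.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs"}
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".xls", ".zip"}
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS  # stand-in for "known file types"


def split_ext(name):
    """Return (stem, lowercased final extension); extension is '' if absent."""
    stem, dot, ext = name.rpartition(".")
    if not dot or not stem:  # no dot at all, or a leading-dot name
        return name, ""
    return stem, "." + ext.lower()


def displayed_name(name):
    """Name a user sees when extensions of known file types are hidden."""
    stem, ext = split_ext(name)
    return stem if ext in KNOWN_EXTS else name


def assess(name):
    """Compare the visible name with the real type and list what is misleading."""
    stem, real_ext = split_ext(name)
    shown = displayed_name(name)
    # Extension the user believes the file has, ignoring padding before the dot.
    _, apparent_ext = split_ext(shown.rstrip())
    findings = []
    if real_ext in EXECUTABLE_EXTS:
        if apparent_ext in DECOY_EXTS:
            findings.append("double-extension")
        if stem != stem.rstrip():
            findings.append("whitespace-padding")
    return {"name": name, "shown": shown, "real_ext": real_ext, "findings": findings}


# Constructed sample filenames, e.g. from a mail-gateway attachment log.
SAMPLES = ["holiday.jpg", "setup.exe", "invoice.pdf.exe",
           "notes.txt      .scr", "README.TXT.EXE", "archive.tar.gz"]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = assess(sample)
        verdict = ", ".join(result["findings"]) or "ok"
        print(f"{result['name']!r:24} shown as {result['shown']!r:22} -> {verdict}")
```

A plain `setup.exe` is not flagged: the check targets the mismatch between the visible name and the real type, not executables as such.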