According to the well-known rootkit expert Joanna Rutkowska, using av software is useless. This Pani does not use any virusscan. She has nothing good to comment about the way in which many av vendors tackle the problem, e.g. only blocking known malware. She does not believe in Host Intrusion Detection Systems either and in stopping unknown malware vectors using artificial intelligence.
“I am very careful when I surf the Internet, I am using NoScript and never open suspicious mails or PowerPoint/PDF documents”. She knows that this is not enough, because there are many ways to get her system infected with malicious code. That is why Pani Rutkowska regularly runs her own tool to check on the integrity of her system. Furthermore she uses Wireshark to check traffic.
Who am I to say anything against a well-known rootkit expert ;D ;D
Who are we to believe just in her? ;D ;D
I won’t be surprised that the expert will be employed by a very huge company and change her mind, saying the best is having a very strong and secure operational system, this is enough.
Am I joking? Judge yourself ;D
There is a difference in not using an AV and being unprotected. With her level of experience and the additional protection measures she has implemented she will probably have no problems.
But, for your average Joe or Joanna they need all the help they can get in the form of an AV, Firewall, anti-spyware, keeping their OS fully up to date and having a back-up and recovery strategy.
David, even thinking in this way… I cannot take in a serious way her opinion: only an off-line computer (without floppy or USB) could be this secure.
We’re not talking on overpowering secure, we’re talking on common users… Or she is arrogant (the only one with reason and common sense), or I can’t take her assumptions seriously.
I’m pleased that this lady can supposedly do what she does in operating her system. This probably is an exception to the real world though. I know I won’t put my pc station in that situation.
Not everyone has the command to restore the operational system like it is running inside a sandbox. Well I am almost certain that Dr Joanna Rutkowska uses a very good implemented firewall, but the advanced powerusers have that layered defence that they seldom run into malware, and then it is just hard luck. Polonus gets the creeps when he cannot scan a download with his DrWeb pre-link av scanner add-on, and when he visits sites with full script and flash installed or surfing with full admin rights.
You have to fine tweak all the processes that you run on your machine and fully understand what Windows means with the term “trust”, or know all the DOS workings that make some obfuscated files unhide. In this way I think Joanna Rutkowska has a full grip on the workings of the OS, else it is an impossible mission surfing on the automatic pilot so to say.
Well, this way until I can surf unprotected. Starting all over again, restoring a backup image, running all the system in a sandbox…
This way you can forget antivirus… I run a virtual environment without fear, if it gets problems, restore it or just start it again…
We were talking about real life
I think using non-admin account, NTFS file system, good firewall, full-updated OS and software, safe browsers (e.g. Opera) and safe computing practice habit should be enough, no need to use any anti-virus or anti-spyware to slow a system down. It’s not a panacea but it’s enough.
What is and what will be in the future safe computing practice… if virus makers don’t change their habits, you won’t have problems but, they are creative ;D :-\
But you agree with me this is only for the advanced user. You, maybe I, and the general sys admin who knows what he or she or it is doing. The advanced user with secure practices (who occasionally only need to run stinger.exe or an anti-trojan, anti-spyware database). And they have to know where dangers lurk around the corner, and in my humble opinion the main vectors are unsafe scripting (java, ajax, Iframes, Flash, all these things webmasters like to use for inter-activity), services you do not need really, messaging that is not a must and secure mailing or too many rights on an account (for instance installing SafeXP can add a lot to one’s security)… In that case I would like to admit the chance of getting the occasional malware is more remote. If everybody used rich text format only, there would be very little malware around.
Well going to the real world that is way away from Mr or Mrs Average, that click on anything they think is a personal message from their computer, and that go reasoning according to such lines as: “You can click right, left, and if it does not work, you can always ‘click it away’”. Only explaining to these people what “default” means is a hell of a job, they should not be sitting behind a computer in the first place, but they are such nice “consumers”, aren’t they? And then there is a whole scala in between that really need to be protected mostly “against themselves”, well for those there is AVAST!
But you agree with me this is only for the advanced user.
IMHO
This unfortunately sounds more like the lawyer who decides to defend himself only to find out that he now has a fool for a client.
This is the 21st century. We all need protection if we want to practice Safe Surfing. ;D
I think we may well turn that around and say: “This is the 21st century - users are the entities we should be protected against.”
OK I agree that we need protection, you cannot state it as black and white as in this thread. But our main enemy here is IGNORANCE. We need education into safe practices.
How many bosses allow their staff to use webmail, even when people know about the dangers (malware - economic - libel), and warn them not to allow their workers access to webmail, still 48% are not aware they need to protect users from doing it. Here ignorance helps the malware/spyware/adware spreaders on a grand scale.
You have to agree with me and the other posters that an awful lot of problems we have to-day on the Internet are just caused by people that are outright stupid, or even worse doing things because they are not aware they are into stupid things.
That is why we have the malware arena we have to-day. It is not about the things we know, it is about the things we don’t.