A little story about Malware.....

Status
Not open for further replies.
If you are referring to me I guess I can be considered to be living in the Midwest (or West, since I live in Colorado), I don't drive a Buick, and I am not a Baptist. I am also not saying that all malware problems are caused by people visiting porn sites. If you read what I said in my post, you will see that I said that a guy I know at work who likes porn constantly has his computer infected with malware. That is a simple fact. It helps to be able to read posts here with understanding.

I am fully aware that ANY website can be compromised by malware. However, there are certain websites that are more likely to be infected. These include peer to peer file sharing websites, websites that offer pirated software, online gambling and porn sites. There are reasons why some people are always having to deal with malware and other people rarely have to deal with it.

Having said that, anybody could encounter malware no matter what their online behavior is because there has been an explosion of malware all over the internet. Still, some websites tend to be safer than others. A major website probably has better security than a website that was set up by a mom and pop business and they did not really know how to set up a server. But on the other hand the malware writers are going to try to go after as many computers as possible and will try to compromise the major websites, or advertising at those websites.

Hey, I would not mind that Buick. My Saturn is getting old and they don't make Saturns anymore.
 
I hear ya...my mom drives a V8 Buick Lucerne that would smoke anything I've owned in the past 20 years. Of course she's confused...she has a Mac and a PC.
 
Originally Posted By: 91344George
The BEST malware protection is located between a human's two ears and is free to use for life.


Yuppers, that's what I've been saying in this thread. I've used Windows and Macs pretty interchangeably for years. In fact I've got a Windows VM that I run on my Mac frequently.

But historically, Unix (including MacOSX) WAS substantially safer than Windows in the past, particularly from the late 90s when Win95/98 and early Win2K/XP were leaky as sieves, up to 3-5 years ago when Msoft got really aggressive about patching security holes. It's a fact, just accept it. Apple's older OS (thru MacOS 9.x) had its pants down a lot of the time too; it was one of the first personal computer OSes that viruses were written for back in the 80s and early 90s. Just accept that too.

So far from what I'm reading and hearing from our own software developers who write embedded applications for Windows, Windows 7 looks quite a lot safer than previous versions so the difference really IS down to what happens between the user's ears.
 
You are right. The person at the keyboard is the main issue. Somebody could have the best antivirus around and everything updated and still get infected if they do silly things on the internet.

There is no doubt that earlier versions of Windows and the Classic Mac operating systems had a lot of security issues. But from everything I have been able to find out Windows 7, especially 64 bit Windows 7, is much more secure. The malware writers have developed a few rootkits that can get past Microsoft's Patch Guard on 64 bit versions of Windows 7.

During the time I had Apple Computers I saw two viruses and there were two attacks on my computers that were blocked by Intego's NetBarrier. My ISP guy investigated one of those-it had come from a website that had not been used in a while and somebody was using that website to launch attacks. I also had a strange experience (while using Mac OS X) when something seemed to try to load on my computer but was not able to launch. Maybe it was some kind of malware written for Windows that would not work on a Mac. There is malware being written today that can attack either Windows or Mac computers depending on whatever a person is using. I always used antivirus software on my Macs-usually Intego's VirusBarrier. Why take chances?

Until the malware problems get really bad on Macs there will be plenty of Mac users not using antivirus software and perhaps not even turning on their software firewalls. Seems silly to me but live and learn.
 
Originally Posted By: Mystic

Until the malware problems get really bad on Macs there will be plenty of Mac users not using antivirus software and perhaps not even turning on their software firewalls. Seems silly to me but live and learn.


And we haven't even addressed users playing the role of Typhoid Mary and passing along viruses in forwarded E-mails because they don't have AV software to flag and remove it. Mac and Linux users running without AV software and firewalls can pass Windows malware to others even if it can't attack their own OS.
 
Originally Posted By: Mark_Walk

Way too much [censored] to read here beyond the first paragraph but keep preaching brother....I'm sure someone will listen. Keep spending your money on Norton if you want and I'll keep using my MacBook Pro without any problems (and clicking on the same stuff that kills a PC).

Why would I spend money on *puke* Norton or any AV for that matter when MSE or Avast are free and all that is needed other than an occasional scan with Malwarebytes (also free).

Originally Posted By: Mark_Walk

Isn't it annoying when you buy a new PC and it's loaded with software offers you have to wade through when you start the darn thing up?

Or you just flatten and reinstall Win 7 which takes about 30 minutes.

BTW, isn't it annoying that Apple loads their hardware (and I mean all their hardware - iPods and iPhones included) with an OS that only allows you to do things the way that Steve "The Second Coming of [censored]" Jobs thinks is best for you? I'm still waiting for him to rise from his tomb to deliver iPhone v6.511 totally awesome hipster edition.

Linux is open as far as what you can and cannot install. Windows is the same and most of the worthwhile freeware for Linux has been ported to Windows. You know what's really great is that I can install all sorts of (free) 3rd party software to my heart's content to do exactly what I want. Macs? Not so much.

The thing that makes Windows so open to exploits is that MS has continued to maintain backwards compatibility so that programs designed for XP (and heck even some for Win98) can still run under Win 7. Spotted Monkey Lizard Leopard... not so much. IIRC didn't the latest Mac OS update break a significant number of well-liked and frequently used programs (mostly 3rd party apps)?

Originally Posted By: Mystic

Until the malware problems get really bad on Macs there will be plenty of Mac users not using antivirus software and perhaps not even turning on their software firewalls. Seems silly to me but live and learn.

Macs still ship with the firewall turned off by default don't they? Brilliant security minded move there.
 
Originally Posted By: 440Magnum
And we haven't even addressed users playing the role of Typhoid Mary and passing along viruses in forwarded E-mails because they don't have AV software to flag and remove it. Mac and Linux users running without AV software and firewalls can pass Windows malware to others even if it can't attack their own OS.


Yep I really agree with you there. The other OS (non-Windows) users seem to think that all this virus/malware isn't their problem when in reality it affects everyone, including the other OS user.

Infected machines clog up and slow down the Internet for everyone. Infected machines and the possibility of infection cost companies money via security. This cost is passed on to the consumer, everyone, even those who don't use computers.

IMO the least non-windows users could do is use Bitdefender Traffic Light in their browser. I use Arch Linux and do what I can to help stop all this craziness
 
Originally Posted By: buickman50401
Explain how some people can go years using Windows computers and run across only a couple of instances of an infection and others inexplicably have their windows boxes riddled full of malware.


You said it yourself: Only a couple instances of infection. That's an admission that even with good surfing habits and even with good AV software, you can still get an infection.

I'm not denying that bad habits won't get you malware. It definitely will. I'm just pointing out that the way you presented that excuse is incredibly condescending, making the implication that you are somehow personally better than somebody who maybe doesn't have your technical savvy and clicked on that very official looking "Antivirus 2011" link. I worded this a bit differently in my last post, but Bill *fixed* it for me.


Yet, even with AV and good habits, your PCs, like many others, have been infected. When all it takes is a legit site that's been hacked and a redirect to infect a computer, it's just dumb luck sometimes that we don't get infected.

I'm not meaning this with any insult, but you really need to check yourself if condemning others for getting malware is your thing. I know it's a pretty common theme in IT to hate on the users, but there are better ways to spend your energy than being a hater.
 
That is a great point 440Magnum that I forgot to bring up. If a Mac user has even one friend who uses Windows they need to realize that a Mac can be a carrier of Windows computer viruses. It is so easy to run some kind of antivirus on a Mac even if only to protect your friends who might be using Windows. And I used Macs for a long time and I DID have two network attacks (one investigated by my ISP) and experience with two viruses (maybe three). Of course that was over a period of several years but people need to realize that Mac malware is on the increase. You can't predict when the attack you think will never happen WILL HAPPEN!

Where I work there is a guy who is working fulltime and getting a degree in Computer Science. His wife has a Mac. He seriously had no clue how to turn on the Apple software firewall. I had to tell him how to do it. He did not even know the firewall is not turned on by default. And a guy above mentioned that this is still true with Mac OS 10.6 and 10.7 (I have not used those two). You would be amazed how many Apple Computer users have no clue about how to turn on the firewall on their own computer or even if that firewall is on by default or not. Years ago when I was in an Apple Store in Littleton Colorado the employees at that store were still telling customers that they had no need for any antivirus software.

Looking at the other side of the coin the amount of malware for Windows computers is insane! Even if somebody is careful on the internet they can run into trouble. One good thing is that Microsoft, Panda, the FBI and others have recently taken down several botnets. We need to go on the offensive against these criminals.
 
Originally Posted By: buickman50401

Explain how some people can go years using Windows computers and run across only a couple of instances of an infection and others inexplicably have their windows boxes riddled full of malware.


It all depends on who surfs where, and what anti-virus software they are using. If you go surf sites that have tons of malware on them, then sooner or later you will get bit.
 
I haven't run an AV for years, no infections or anything.

Isolate the browser from the rest of the system, with Geswall, or Defensewall or Sandboxie, you'll never have any of these issues. But whatever, it's the norm these days to just rely on dated protection. The worst I see is people paying for cough *protection such as AV software* and then turn around and have to pay to get their PCs fixed!

Antivirus software is the biggest joke period! But live and learn and become educated on what actually works, some don't wanna take the time.
 
The problem with a lot of sandboxes is that (unless this has changed recently) they can't be run on a 64 bit Windows 7 operating system. Kaspersky has a sandbox available in their Internet Security but it is not compatible with 64 bit Windows 7 systems. In addition, even if somebody has a sandbox, a computer could still be attacked through various network attacks. I think even with a sandbox I would still run at least the free Microsoft Security Essentials. What the heck, it is free and does not slow the computer down much.

I have heard of issues even involving virtual machines and Linux CDs. Some malware reportedly can detect a virtual machine. And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.
 
Originally Posted By: Mystic
The problem with a lot of sandboxes is that (unless this has changed recently) they can't be run on a 64 bit Windows 7 operating system. Kaspersky has a sandbox available in their Internet Security but it is not compatible with 64 bit Windows 7 systems. In addition, even if somebody has a sandbox, a computer could still be attacked through various network attacks. I think even with a sandbox I would still run at least the free Microsoft Security Essentials. What the heck, it is free and does not slow the computer down much.

I have heard of issues even involving virtual machines and Linux CDs. Some malware reportedly can detect a virtual machine. And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.


Sandboxie has a 64-bit version. The developer for Defensewall is working on a 64-bit program. I've never seen anything escape out of Sandboxie. Set up properly, you'll be fine. Returnil System Safe 2011 for 32 and 64 bit OS.

I can tell you, any family member's PC that I've set up has never, ever been compromised.
 
Originally Posted By: Mystic
And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.


Unless the live CD can *write* to the NTFS partition, a compromise to the system is impossible. (Having said that, I think most modern Linux live CDs come with ntfs-3g and can write to NTFS.)

On my Linux systems I simply put /home (where all of the user directories are located) on a separate partition from the root partition, and make the /home partition "noexec"; meaning that no application (or malware of any sort) can "run" from that partition. If the same could be done for Windows I cannot help but think that a (non-administrative) user with a /home (or whatever Windows calls it these days... Users?) partition that did not allow executable files would be pretty safe, too.
 
noexec on home is useless if you can write and exec from someplace else like /tmp which I believe is normal behavior on a linux system. On my server that was part of the security hardened kernel; it disables execution on /tmp.
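
The point made in the two posts above (noexec on /home does little if /tmp or another user-writable location still allows execution), as an added example that is not part of the original thread. It reads mount data in /proc/mounts format and lists the user-writable paths whose filesystem lacks noexec; the sample mount table and the list of writable paths are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit which user-writable paths still allow execution.
# Input format is that of /proc/mounts: device mountpoint fstype options dump pass

# Constructed sample (not from a real host): /home is noexec, /tmp is not.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0'

# Paths an unprivileged user can normally write to (assumed list).
WRITABLE_PATHS='/home /tmp /var/tmp /dev/shm'

# exec_allowed_paths MOUNTS_TEXT
# Prints each writable path whose backing filesystem is mounted without noexec.
exec_allowed_paths() {
    for path in $WRITABLE_PATHS; do
        # Pick the options of the longest mount point that contains $path.
        opts=$(printf '%s\n' "$1" | awk -v p="$path" '
            {
                mp = $2
                match_ok = (mp == "/") || (p == mp) || (index(p, mp "/") == 1)
                if (match_ok && length(mp) > best) { best = length(mp); o = $4 }
            }
            END { print o }')
        case ",$opts," in
            *,noexec,*) ;;                  # execution blocked here
            *) printf '%s\n' "$path" ;;     # still a place to write and run
        esac
    done
}

# With the sample above, /home and /dev/shm are covered, /tmp and /var/tmp are not.
exec_allowed_paths "$SAMPLE_MOUNTS"
```

On a live system the same function can be fed `"$(cat /proc/mounts)"`. noexec only blocks direct execution of files on that filesystem; a script there can still be read and run by an interpreter started from elsewhere.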
 
Originally Posted By: DragRace
Originally Posted By: Mystic
The problem with a lot of sandboxes is that (unless this has changed recently) they can't be run on a 64 bit Windows 7 operating system. Kaspersky has a sandbox available in their Internet Security but it is not compatible with 64 bit Windows 7 systems. In addition, even if somebody has a sandbox, a computer could still be attacked through various network attacks. I think even with a sandbox I would still run at least the free Microsoft Security Essentials. What the heck, it is free and does not slow the computer down much.

I have heard of issues even involving virtual machines and Linux CDs. Some malware reportedly can detect a virtual machine. And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.


Sandboxie has a 64-bit version. The developer for Defensewall is working on a 64-bit program. I've never seen anything escape out of Sandboxie. Set up properly, you'll be fine. Returnil System Safe 2011 for 32 and 64 bit OS.

I can tell you, any family member's PC that I've set up has never, ever been compromised.



Question:

If you don't use any sort of antivirus or anti-malware applications, then how do you know they've never been compromised?

I use Sandboxie, but still use NOD32. I also use MWB. And in front of everything is a Juniper SSG. Layered security is the best approach. Putting all your faith in one type of solution is simply setting yourself up for failure.
 
Originally Posted By: OVERK1LL
Originally Posted By: DragRace
Originally Posted By: Mystic
The problem with a lot of sandboxes is that (unless this has changed recently) they can't be run on a 64 bit Windows 7 operating system. Kaspersky has a sandbox available in their Internet Security but it is not compatible with 64 bit Windows 7 systems. In addition, even if somebody has a sandbox, a computer could still be attacked through various network attacks. I think even with a sandbox I would still run at least the free Microsoft Security Essentials. What the heck, it is free and does not slow the computer down much.

I have heard of issues even involving virtual machines and Linux CDs. Some malware reportedly can detect a virtual machine. And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.


Sandboxie has a 64-bit version. The developer for Defensewall is working on a 64-bit program. I've never seen anything escape out of Sandboxie. Set up properly, you'll be fine. Returnil System Safe 2011 for 32 and 64 bit OS.

I can tell you, any family member's PC that I've set up has never, ever been compromised.



Question:

If you don't use any sort of antivirus or anti-malware applications, then how do you know they've never been compromised?

I use Sandboxie, but still use NOD32. I also use MWB. And in front of everything is a Juniper SSG. Layered security is the best approach. Putting all your faith in one type of solution is simply setting yourself up for failure.


All downloads I scan with Malwarebytes or HitmanPro. In doubt, I also use VirusTotal. Been clean for years.
 
Originally Posted By: DragRace
Originally Posted By: OVERK1LL
Originally Posted By: DragRace
Originally Posted By: Mystic
The problem with a lot of sandboxes is that (unless this has changed recently) they can't be run on a 64 bit Windows 7 operating system. Kaspersky has a sandbox available in their Internet Security but it is not compatible with 64 bit Windows 7 systems. In addition, even if somebody has a sandbox, a computer could still be attacked through various network attacks. I think even with a sandbox I would still run at least the free Microsoft Security Essentials. What the heck, it is free and does not slow the computer down much.

I have heard of issues even involving virtual machines and Linux CDs. Some malware reportedly can detect a virtual machine. And I have heard that a computer can still be attacked if somebody is using Linux on a CD to browse the internet, at least in the case of one version of Linux that can read NTFS files.


Sandboxie has a 64-bit version. The developer for Defensewall is working on a 64-bit program. I've never seen anything escape out of Sandboxie. Set up properly, you'll be fine. Returnil System Safe 2011 for 32 and 64 bit OS.

I can tell you, any family member's PC that I've set up has never, ever been compromised.



Question:

If you don't use any sort of antivirus or anti-malware applications, then how do you know they've never been compromised?

I use Sandboxie, but still use NOD32. I also use MWB. And in front of everything is a Juniper SSG. Layered security is the best approach. Putting all your faith in one type of solution is simply setting yourself up for failure.


All downloads I scan with Malwarebytes or HitmanPro. In doubt, I also use VirusTotal. Been clean for years.


So you DO use antimalware software, just not real-time protection. That's a different ball of wax.

I'm a big fan of MWB, hence why I ran it on all these "protected" computers. And not surprisingly, it found all these infections.
 