|
Khablam posted:Yes.
|
# ¿ Nov 2, 2013 23:10 |
|
Alereon posted:It comes down to a simple choice: Do you want your system to work, or do you want high scores in detection and blocking benchmarks? Those desires are mutually exclusive because the apps that achieve those high rates do so by aggressively blocking entire classes of content and using loose generic/heuristic detections. This is visible to users as certain websites and applications not working.

Realistically users getting hit by malware aren't going to avoid it more by having a different vendor solution in front of them. They'll still make the same ill-informed decisions as they've not been told to do anything else. It comes down to education, making sure their software auto-updates and ultimately reducing risk. Pay attention to when you're just treating symptoms rather than the underlying issue.

It's a shame this thread turned into CJs yelling about how their favourite antivirus is better, or how another forum is incompetent. Has anyone seen any notable viruses lately? What propagation methods were they using? Any interesting vulnerabilities being leveraged or just phishing? How deep did it dig into the system and did it bring any friends? Got a sample variant for someone else to look at?
|
# ¿ Mar 2, 2014 18:23 |
|
Install Windows posted:This is correct. Android "scanners" are almost entirely useless.
|
# ¿ May 22, 2014 03:12 |
|
Khablam posted:Yes, that's the one, adoption of updates including the vulnerability fix hasn't been great, which is mainly why I think AV on Android is a good idea.
|
# ¿ May 23, 2014 00:56 |
|
While file previews exist the answer is still wrong.
|
# ¿ Aug 10, 2014 01:09 |
|
Khablam posted:"Relatively easy productivity and security upgrades" often don't get used much for the first part, and in most cases don't supply the latter (unless it's out of support). Docx compatibility was patched into every version of Word after '97 - so, 200x and XP, so format compatibility is not really an issue.
|
# ¿ Aug 20, 2014 17:36 |
|
Airgap anyone posting here
|
# ¿ Nov 25, 2014 20:36 |
|
your password systems are dumb and insecure and you should all feel bad
|
# ¿ Oct 16, 2015 15:21 |
|
mindphlux posted:you have given some decent advice in this thread, but.......... really? your linked thread doesn't address malware removal at all, and the advice given is.... errr.... ??? "unplug your machine from the internet and run an (undefined) scan"? or reformat? dunno what you're on about dude...
|
# ¿ Oct 22, 2015 07:27 |
|
mindphlux posted:it has been effective in practice for me for the past 5 years, I can think of only 2 machines out of several hundred where I wasn't able to identify/remove the malware, and had to reflatten. I'm not saying you're wrong, but seriously, outline a better generic malware removal workflow top to bottom or gtfo. e: I see you have edited your post.

mindphlux posted:it has been effective in practice for me for the past 5 years, I can think of only 2 machines out of several hundred where I wasn't able to identify/remove the malware, and had to reflatten. I mean, I do this for a living.

mindphlux posted:rkill

Wiggly Wayne DDS fucked around with this message at 08:33 on Oct 22, 2015
|
# ¿ Oct 22, 2015 08:17 |
|
mindphlux posted:If you think flattening and reinstalling every time a machine gets infected with malware is sane advice, you are either a. an individual with lots of time on your hands, b. someone who has never worked in a business environment, or c. a sysadmin at a large organization that has the luxury of a standard system image with poo poo already preinstalled that you can just push out to any machine that gets infected.
|
# ¿ Oct 22, 2015 17:21 |
|
mindphlux posted:Yes, I'm completely willing to do this, and have already several times. They are diagnostic tools that help identify malware, provide their user with logs, and allow me (or one) to rehabilitate otherwise unusable systems. And yes, of course scanning offline.
|
# ¿ Oct 22, 2015 17:44 |
|
Khablam posted:Beandip and Wiggly aren't wrong, they're just approaching the problem as though every piece of malware is custom written for their machine and they're a middle-eastern state starting a nuclear program. So you're just arguing a POV, and they won't ever budge. Just give up.
|
# ¿ Oct 22, 2015 18:38 |
|
Geemer posted:How do you trust your computer not to be infected already? Maybe it's such a good malware that you can't even find it.

quote:Also, what do consumer protection laws in the US have to do with malware anyway? Malware is made to steal info or coerce the user to spend money, not the most legitimate business practices. Do you really think a malware writer stops to think if they are handling the passwords and credit card numbers they steal in accordance to the relevant legislation?
|
# ¿ Oct 22, 2015 19:37 |
|
Khablam posted:You're the IT equivalent of the anti-vax people, where evidence there's no harm is just more proof to them there is, and no one's opinion is worth anything to you if you disagree, and such any differing opinion is moot to you. You have never "proven" anything in this or any thread, you've simply kept screaming whilst the people less invested walk away.
|
# ¿ Oct 22, 2015 20:27 |
|
Tapedump posted:Wait, is this indicative of your own siding with the anti-vax stance, or is it just you drawing an analogy to the info sec argument here?
|
# ¿ Oct 23, 2015 20:04 |
|
mindphlux posted:also let's not bother to provide any positive examples of what we think 'the right way' is, and instead just troll people on the internet, it will be great, I promise.
|
# ¿ Oct 27, 2015 08:48 |
|
mindphlux posted:no, I actually have asked about 5 times for examples of how you guys propose to handle malware/virus problems in a reasonable amount of time. I outlined my SOP line by line, please outline yours line by line.
|
# ¿ Oct 27, 2015 15:04 |
|
i'm glad code signing certs are hard to obtain
|
# ¿ Oct 27, 2015 20:47 |
|
redeyes posted:There are certainly problems with compromised certs recently but it seems like the industry revokes them pretty fast. I've yet to see a boot sector virus or anything like it on systems with secure boot enabled.

redeyes posted:That was a question not a statement pal. Windows 10 is not Windows 8 so maybe this is fixed.
|
# ¿ Oct 27, 2015 20:55 |
|
Khablam posted:- If the malware is invisible to a "free web tools" / paid AV analysis, why are you looking for it?
|
# ¿ Oct 28, 2015 00:33 |
|
This thread really wasn't doing anything important beforehand.
|
# ¿ Oct 28, 2015 16:43 |
|
Any lurkers who give a poo poo about security you're welcome to join us in http://forums.somethingawful.com/showthread.php?threadid=3712267
|
# ¿ Oct 28, 2015 17:27 |
|
MF_James posted:yospos/whateverthefuckitisnow screams of serious posting about serious security seriousness

Subjunctive posted:Intel Management Engine is good times.
|
# ¿ Oct 28, 2015 20:30 |