Slashdot Mirror


Microsoft's Vista AV Fails Certification

An anonymous reader writes "Microsoft's much-hyped anti-virus solution, Live OneCare and three other Vista AV products failed to achieve the Virus Bulletin's VB100 certification. The other products are McAfee's VirusScan Enterprise, G DATA's AntiVirusKit 2007, and Norman's VirusControl. All failed to pass a series of tests that are required to display the VB100 badge. 'With the number of delays that we've seen in Vista's release, there's no excuse for security vendors not to have got their products right by now,' said John Hawes, technical consultant at Virus Bulletin."

6 of 161 comments

  1. *What* VirusControl? by SeaFox · · Score: 4, Insightful

    The other products are McAfee's VirusScan Enterprise, G DATA's AntiVirusKit 2007, and Norman's VirusControl.
    Norman's VirusControl. Yeah, that doesn't look like an attempt to market a product that deliberately sounds like a competitor...

    Now, if you'll excuse me, I need to get back to setting up my Linkskey router...
  2. Re:microsoft by megaditto · · Score: 3, Insightful

    Well, how many people run AV on their linux/BSD boxes?

    Now, since Vista is securebydesign, it too no longer needs any anti-viruses!

    --
    Obama likes poor people so much, he wants to make more of them.
  3. Terrible Tagging by Guanine · · Score: 3, Insightful

    This may be tough on my karma, but I have to get it out: goddammit what's with the worthless tagging? I know the feature's beta, but if I see "haha" or "yes" followed by "no" one more time ... (ok I have no recourse). But seriously guys this feature is supposed to, as far as I can tell, eventually provide a useful augmentation or even replacement for search. Please try not to screw it up.

  4. Re:Hate to say it by the_womble · · Score: 4, Insightful
    What do you think is bad: Trashing the whole system, or trashing your ~ ? A system can be reinstalled, but most people don't back up their data.

    If we are talking about trashing the system instead of trashing ~, you would be right in the case of a single user system.

    However, we are talking about trashing everything, against trashing just ~. Obviously just ~ is better.

    In the case of a multi-user system, trashing one user's ~ is much better than trashing everything. Most home PCs are multi-user. Office PCs are invariably single user, but they should get backed up.

    It is much easier to back up a single user's directory than an entire system.

    Finally, limited access to the system makes it harder for viruses to propagate. How is it going to run again after a log out? Most people do not regularly run executables from their own directories: the executables they do run will not be infected. Certainly something like bash_profile or an autostart directory, but cleaning these up should be trivial. Am I missing anything here?

  5. Re:Hello Symantec... by BCoates · · Score: 5, Insightful

    ... Symantec and McAfee to get their shit together and make an antivirus that doesn't suck.

    I'm not sure such a thing is even possible anymore. The usefulness of AV software has always been pretty questionable, and they never seem to have gotten over the threat model of months or years-old viruses being passed from floppy to floppy. Most threats are one-off now, like social engineering spam, one-day long trojan horse attacks, adware, and exploiting OS vulnerabilities to run spam zombies. As far as I can tell, my resource-hogging, system-destabilizing virus scanner does effectively nothing against any of those and there's no reason to believe it can be changed to do so.

  6. Re:Hello Symantec... by Kazoo the Clown · · Score: 3, Insightful

    As far as I can tell, my resource-hogging, system-destabilizing virus scanner does effectively nothing against any of those and there's no reason to believe it can be changed to do so.


    ABSOLUTELY. I gave up on AV programs some time ago. A good firewall, firewall-like execution protection such as Process Guard, not using the most popular email programs or web browsers, and severely restricting web-based application execution (i.e., boycott ActiveX and hamstring Java and Javascript) are far more effective techniques for tripping up a virus as such attacks will almost always try to 1) exploit networking applications most common to the OS, 2) try to run some kind of executable that you haven't run before, and/or 3) attempt some kind of network operation in order to propagate itself. Trying to recognize virus signatures is a lousy use of CPU resources, and has not been seen to be very effective.


    AV software companies are addicted to the subscription model that signature-based AV provides, and consequently are in a serious conflict-of-interest with regards to best security practices. Symantec in particular seems to be short of ideas for an alternative business model, and have opted instead to whine like a six-year-old whose mommy won't let them buy candy at the checkstand.