Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware vs. Anti-Malware, 20 Years Into The Fray

Posted by timothy on from the might-as-well-enjoy-it dept.

jcatcw writes "Steven J. Vaughan-Nichols considers the dissimilarities between malware of yore and current infiltrations as we approach the 20th anniversary of the Robert Morris worm. Modern malware apps curl up and make themselves at home in your system, where they wait for a chance to snatch an important password or a credit card number. Welcome to the era of capitalist hacking. Any self-respecting malware program today is polymorphic, making signature-based antivirus approaches difficult. Heuristics and virtual sandboxes offer alternatives, but all such methods are reactive. Unfortunately, monitoring lists and networks is about the only current alternative."

3 of 62 comments (clear)

  1. Re:There is no cleanup anymore by wizardforce · · Score: 3, Insightful

    not only that but a more varied OS/software environment would lessen the damage that could be caused by malware/baddies in general. homogenization is likely one of the worst things to have ever happened to software in general.

    --
    Sigs are too short to say anything truly profound so read the above post instead.
  2. Throw out 2 level access control! by Anonymous Coward · · Score: 3, Insightful

    The whole way security is treated needs to be changed. Having root and an ordinary user just doesn't offer the level of granularity that users need. As a user I want to be able to do everything on my computer, what's really needed is fine grained access control per program. Of course, that has issues with users having to grant those privileges but you could have profiles. Imagine installing Evolution or something and it pops up and says "This software says it's a mail client, does that sound right to you?" and then what privileges it gets granted will be set by a "mail client" profile already installed on the system.

    When you need to install something esoteric then you would have to do some more advanced steps but if you are installing something strange then you probably know what you are doing anyway.

    This could maybe be combined with some sort of trust network. Say your friend installs something that needs non-standard access rights, they could grant the required permissions and create a new profile. You would have them in your trusted list and would have access to all of their profiles so when you install that application, it can categorise it using the info your friend provided.

    I think this system provides a good balance between really fine grained permissions and not blindly clicking through loads of confirmation dialogs.

  3. Alarmist by redelm · · Score: 3, Insightful
    Sorry, I'm not paranoid. Go peddle your fear somewhere else. Yes, there are real threats. There is also a cost both in money and peace-of-mind of fighting them.

    There is a balance to be struck, and "Better safe than sorry" can be answered "better neither than either".