Cisco CSO Says Antivirus Money "Completely Wasted"

mernil writes with an excerpt that kicks off a story at ZDNet Australia: "Companies are wasting money on security processes — such as applying patches and using antivirus software — which just don't work, according to Cisco's chief security officer John Stewart. Speaking at the AusCERT 2008 conference in the Gold Coast yesterday, Stewart said the malware industry is moving faster than the security industry, making it impossible for users to remain secure."

Quick linux question

[thecheatah]

As a desktop linux user, has anyone EVER gotten a virus? Or better yet has any anti-virus program saved your ass?

Re:Quick linux question

[Paradigm_Complex]

http://www.winehq.org/pipermail/wine-users/2005-January/016730.html Just limit wine to your ~/.wine/drive_c folder so. Should you catch a windows virus, it can't do anymore harm then messing up that one folder. I've purposefully tried to get my wine directory owned before - wine is getting pretty good, 'cuz I succeeded(ish) :D Don't know about fixing that kind of thing with some AV, I just deleted the folder and copied everything from backups, as one usually would with a VM.

Re:Agreed -Free For Personal Use

[iminplaya]

Then have a reformatting partition on your drive and press f11 during startup to clean everything out.

That's a bit complex. Why not just run a liveCD then? Cache it into RAM, and it runs very fast.

Re:Agreed

[Tom]

SELinux is far too weak in reality Come again? I've got a long list of stuff I'd wish SELinux were better in, but "weak" isn't anywhere on it and I think of myself as knowing quite a bit about it. What exactly do you mean by "weak" ?

Re:Agreed -Free For Personal Use

[Crayon+Kid]

I find it very interesting, as well as sad, to see this kind of solution. You're basically saying "you can't protect against malware, let's give up and use backup as the only defense".

Is this really what it's like? Is having malware violating your personal computer the norm? Is it really impossible to design secure OS's and applications from the ground up instead of making them full of holes and relying on "solutions" that pick up the pieces? Is it really better to do damage control than prevention?

I find that very hard to believe. I think it's more likely that the current state of the software industry is based on complacency and no respect for the customer and his or her personal data.

If it turned out that the maker of your main door lock made a shoddy product that allowed anybody to unlock it and have their way with your house... you'd be mad, right? You'd hold them responsible, want your money back, never buy from them again, maybe even sue them and ask for reparations if they acted like assholes.

But when your personal computer gets broken into you don't make a peep, you just sigh and use a backup, if they have one. Then it's back to the torture of finding and paying for antimalware, knowing full well that one day you'll get shafted again.

Someone please explain this self-abuse to me. The only explanation I've come up with is that people are ignorant and/or brainwashed into thinking there's no alternative so they'll put up with anything and think that's how it's supposed to work.

Software industry needs to grow a spine, take responsability and stop all the "no guarantees" crap. Than maybe, just maybe we'll see some improvement on the malware front.

Re:Agreed

[Thelasko]

Yes! exactly. I'm no sysadmin, but I understand that running a virtual machine firewall on a host that is insecure makes none of it more secure. To be secure, it has to be the other way around. The host has to be the secure machine.

This whole thing makes me wonder why there isn't a lightweight Linux distribution thats sole purpose is to run another OS in a virtual machine. A user could then run a firewall/etc on this hypervisor to protect the guest.

I know Vista is supposed to do this, but let's face it, it's a big target, and it's created by Microsoft.