The summary left out some important information. From TFA:
...the samples detection rates are only one of the two elements evaluated for the antivirus final classification, being the number of false positives the other. Rising a false alarm about a malware on a legit software can cause as much troubles like a real infection, the report states, and it is for this reason that AVIRA, Kaspersky and other products, even if they have obtained very good results in identifying samples, have been penalized with a lower classification.
So the certification level ADVANCED+ has been achieved by ESET NOD32 only, that has detected 20% less of the samples that AVIRA AntiVir has discovered but has triggered only 7 false alarms.
Mozilla needs your permission to install plugins from unverified sources.
But since windows standard practice is to click on everything that has an OK on it, I think it doesn't matter.
IIRC, it doesn't need your permission, it simply won't do it without manually editing the configuration file. The Bitdefender article has some insight on how it works.
is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox's Plugin folder. Once installed it gets to work every time Firefox is started.
All that crap about "drive by downloads" is BS. The only way you could get this is if your machine was already compromised.
is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox's Plugin folder. Once installed it gets to work every time Firefox is started.
Apparently Firefox has protections so plugins can only be downloaded from addons.mozilla.org, but if they are downloaded by another program, and placed in the appropriate folder, Firefox will use them.
There are two things to know about this:
1) Another piece of malware has to be present on the machine for this to happen.
2) There is a "feature" in Firefox that allows it to run any program in the plugin folder.
Yeah, there's a bug in Firefox, but it's not the root cause.
The way I see it, two things could happen:
1. Google and Yahoo could partner, leading to a monopoly.
2. Yahoo will go out of business, leading to a monopoly.
There is no way to prevent a monopoly.
Old news. Price of scrap has bottomed out in the past few months.
The root word of news is new, therefore this isn't news at all. It would have been news a few months back, but the media was too busy covering the high price of gas to cover this story.
Commodities prices overall have gone down due to the recession. Over the summer I used to go for evening walks and pick up any aluminum cans I found along the way. I could sell them for over $0.70/lb around here. I figured that came to $0.02/can. Now the price of aluminum has dropped to about $0.20/lb. It's not worth going out into the cold for that.
What it sounds like to me is that police departments will be able to search other police departments' computers. Not police searching civilian computers. The whole article is vague by using the term "remote searches" and not giving any more explanation.
While I was in college I once spent the summer installing computers at a small company. After a few installations I received a few calls from people having trouble with their mouse. I soon discovered that these people had one thing in common, red mousepads.
Sure this new blue mouse will work on a variety of surfaces, but will it work on my blue mousepad?
Perhaps programmers that have consistently good code should have some value placed on them. We'll call it "Karma". Programmers with good Karma get audited less often than others. If they fail an audit, they loose some "Karma" and have to write a bunch of excellent code to get it back.
There's a limit to even "professional" theives' skills.
You have never seen the TV show Masterminds have you? It's all risk vs. reward. If the reward is high enough, professional thieves will go to great lengths. Howstuffworks has an interesting article about the biggest diamond heists in history.
The important thing is to make sure the risk vs. reward is in your favor. A pro will do the homework and realize it's not worth his/her time and energy defeat all kinds of security measures to sell your laptop for $500 on the street.
I have the same setup Jason Wynn had in the movie adaptation of Spawn. Except, instead of releasing a deadly virus when my heart stops, it releases my usernames and passwords.
Thieves typically dont have the IQ to do any of that.
Remember, there are two kinds of thieves. There are amateurs and there are pros.
Amateurs are desperate people, usually because of an addiction of some sort, who steal whenever an opportunity presents itself. They see a car with an unlocked door, or an open window and they act. These people are the most common type of thieves, and will be caught with this technology.
Professionals steal things for a living. They are very calculated and know all of the security measures people use, and how to avoid them. This technology will not stop a professional. In fact, nothing will stop a professional. Professionals are why you buy insurance.
Fortunately, there aren't many professional thieves. When you think about it, it's very difficult to become a professional thief. This is because a pro cannot be desperate. They need to have time to study their target and come up with a plan of attack. This requires a person with a certain personality, that doesn't steal out of last resort, but steals for some other reason. There aren't many people like this in the world, and most of them are caught before they become very good at stealing.
My favorite piece of information about stopping thieves can be found here. (Warning, link contains flash video)
there's a survival kit device that is basically a straw with a filter laminate in it - the claim is that you can stick the end of this thing in raw sewage, suck on it and get a drink of pure water.
And I was amazed at how much fun these kids had with TuxMath
I just found out about SAGE. I looked at this screenshot and the first thing I thought of was education. Of course SAGE is geared towards high school and above.
What the OP did was noble, but this is a solution that doesn't scale. If schools started excepting donations of old computers, everybody would bring in their broken computers and the schools would be stuck with a pile of e-waste. This e-waste could potentially cost more to dispose of than the cost of purchasing a few new computers.
Slashdot Mirror
This one comment demonstrates why the entire article is bogus. Thanks.
If you actually read the fine article it goes on to note Avira's high rate of false positives and recommends NOD32 instead.
Mozilla needs your permission to install plugins from unverified sources. But since windows standard practice is to click on everything that has an OK on it, I think it doesn't matter.
IIRC, it doesn't need your permission, it simply won't do it without manually editing the configuration file. The Bitdefender article has some insight on how it works.
All that crap about "drive by downloads" is BS. The only way you could get this is if your machine was already compromised.
Apparently Firefox has protections so plugins can only be downloaded from addons.mozilla.org, but if they are downloaded by another program, and placed in the appropriate folder, Firefox will use them.
There are two things to know about this:
1) Another piece of malware has to be present on the machine for this to happen.
2) There is a "feature" in Firefox that allows it to run any program in the plugin folder.
Yeah, there's a bug in Firefox, but it's not the root cause.
Firefox was written so all addons had to come from addons.mozilla.org. How is such a drive by download even possible?
to separation of church and space?
Just hand these out to teenage girls and we'll have enough power to supply the entire world for all its needs.
gt W d tyms! tlkN OTP S so lst wk. It's ll bout txt msgN now.
Translation: Get with the times! Talking on the phone is so last week. It's all about text messaging now.
The way I see it, two things could happen:
1. Google and Yahoo could partner, leading to a monopoly.
2. Yahoo will go out of business, leading to a monopoly.
There is no way to prevent a monopoly.
Well, the news is that the government is slow...
That's not news either.
Sorry for the selective quote.
Old news. Price of scrap has bottomed out in the past few months.
The root word of news is new, therefore this isn't news at all. It would have been news a few months back, but the media was too busy covering the high price of gas to cover this story.
Commodities prices overall have gone down due to the recession. Over the summer I used to go for evening walks and pick up any aluminum cans I found along the way. I could sell them for over $0.70/lb around here. I figured that came to $0.02/can. Now the price of aluminum has dropped to about $0.20/lb. It's not worth going out into the cold for that.
Ok, if it's police computers searching other police computers, WTF do they need trojans for? :P
Trojans aren't mentioned in TFA. You must be thinking of another article about the same topic.
What it sounds like to me is that police departments will be able to search other police departments' computers. Not police searching civilian computers. The whole article is vague by using the term "remote searches" and not giving any more explanation.
While I was in college I once spent the summer installing computers at a small company. After a few installations I received a few calls from people having trouble with their mouse. I soon discovered that these people had one thing in common, red mousepads.
Sure this new blue mouse will work on a variety of surfaces, but will it work on my blue mousepad?
Who performs the audits?
Programmers with good karma are selected at random. You must be new here.
Perhaps programmers that have consistently good code should have some value placed on them. We'll call it "Karma". Programmers with good Karma get audited less often than others. If they fail an audit, they loose some "Karma" and have to write a bunch of excellent code to get it back.
I don't feel I even need to give examples, we all know them. These are the people to be truly afraid of.
Lawyers?
Exactly!
There's a limit to even "professional" theives' skills.
You have never seen the TV show Masterminds have you? It's all risk vs. reward. If the reward is high enough, professional thieves will go to great lengths. Howstuffworks has an interesting article about the biggest diamond heists in history.
The important thing is to make sure the risk vs. reward is in your favor. A pro will do the homework and realize it's not worth his/her time and energy defeat all kinds of security measures to sell your laptop for $500 on the street.
I have the same setup Jason Wynn had in the movie adaptation of Spawn. Except, instead of releasing a deadly virus when my heart stops, it releases my usernames and passwords.
Even with all that extra 'default' weight Ubuntu still shines on except when running, eh, Java.
From my personal, and non-scientific experience, I've found OpenSolaris to have more 'default' weight than Ubuntu.
That video link doesn't work outside of the United States. Do you have another?
Sorry, I don't.
Thieves typically dont have the IQ to do any of that.
Remember, there are two kinds of thieves. There are amateurs and there are pros.
Amateurs are desperate people, usually because of an addiction of some sort, who steal whenever an opportunity presents itself. They see a car with an unlocked door, or an open window and they act. These people are the most common type of thieves, and will be caught with this technology.
Professionals steal things for a living. They are very calculated and know all of the security measures people use, and how to avoid them. This technology will not stop a professional. In fact, nothing will stop a professional. Professionals are why you buy insurance.
Fortunately, there aren't many professional thieves. When you think about it, it's very difficult to become a professional thief. This is because a pro cannot be desperate. They need to have time to study their target and come up with a plan of attack. This requires a person with a certain personality, that doesn't steal out of last resort, but steals for some other reason. There aren't many people like this in the world, and most of them are caught before they become very good at stealing.
My favorite piece of information about stopping thieves can be found here. (Warning, link contains flash video)
there's a survival kit device that is basically a straw with a filter laminate in it - the claim is that you can stick the end of this thing in raw sewage, suck on it and get a drink of pure water.
It's called the LifeStraw.
And I was amazed at how much fun these kids had with TuxMath
I just found out about SAGE. I looked at this screenshot and the first thing I thought of was education. Of course SAGE is geared towards high school and above.
What the OP did was noble, but this is a solution that doesn't scale. If schools started excepting donations of old computers, everybody would bring in their broken computers and the schools would be stuck with a pile of e-waste. This e-waste could potentially cost more to dispose of than the cost of purchasing a few new computers.