Can this be made into an imprison able offence?
1 in 6 Windows PCs naked as a jaybird online
One in six Windows PCs worldwide are hooked up to the internet with no basic security software, according to a study by McAfee. The computer security firm's study, conducted across 24 countries using data from an average of 27 to 28 million personal computers each month, found 17 per cent of machines were running with either …
-
-
Wednesday 30th May 2012 17:48 GMT Lee Dowling
In terms of firewall, I would agree with you. But to be honest, the amount of machines that expose port 139 or anything remotely dangerous to an external interface is probably quite minimal, whether by virtue of Windows Firewall, basic network settings, router NAT, or ISP controls (PlusNet used to monitor port 139 / 445 and block you if they saw traffic, when I was with them).
If you honestly think that antivirus works in any other capacity than a "miner's canary" (i.e. when that AV stops reporting back to the network, you go wipe that machine out), you're sadly mistaken. I've cleaned far too many machines that supposedly had full, paid-for, up-to-date antivirus on and the viruses just walked past it and then (ironically) shut it down in a way that the user wouldn't notice.
Basic security precautions vastly outweigh any bit of automated blacklisting and heuristics, I'm afraid. In over 15 years, I haven't had a virus and I don't run antivirus. Sure, I have it. And I submit things to TotalVirus all the time to check them for other people. And I clean machines (provably successfully) that are riddled with them at least two-three times a month (nothing from MY networks, but people's personal machines, etc). But on my personal machine antivirus doesn't scan my disks and doesn't run all the time just to save against me downloading and running executable files (which, 99.9% of the time, is how viruses get into home machines). On a properly managed machine / network, there is no NEED for antivirus, whereas a firewall is pretty invaluable. It's good to have around and a good "canary" on a network if you have a central console it talks back to, but that's about it. I've yet to see an antivirus package of ANY name manage to intercept, quarantine and totally clean a virus infection that wasn't written by a 5-year-old.
And the free ones are just as good as any other. Putting a user on a decent browser and breaking their hands if they run anything without checking will make infinitely more difference to their productivity and safety concerning viruses than any antivirus package you put on there.
-
Wednesday 30th May 2012 20:16 GMT adnim
You talk sense
But most computer users are just consumers with little to no sense when it comes to computer/Internet technology. The last virus to infect any of my systems was the Saddam virus on my Amiga. I do have AV installed but it sits idle most of the time. It is like most AV solutions, next to useless at discovering new viruses. Still, not all viruses are new and it has proved useful in some instances when scanning downloaded exe's. If I do not trust the source of an exe and my AV states that it is clean, I will run the exe in a VM first and monitor it's behaviour before using proper. For most computer users/consumers this kind of practice doesn't even cross their mind. They have a... Computer doesn't say no, it must be OK then kind of attitude.
-
Wednesday 30th May 2012 21:28 GMT jason 7
Re: You talk sense
I always tell my customers getting a virus is like having a broken windscreen. You can go years without one and then have two in as many weeks.
If you are going to get hit you'll get hit. The only things I see from my customers are the daily written card detail seeking drive-bys. The old classic virus has long gone.
All of them have AV installed some paid some free but they all get by-passed (I would say McAfee more than most in my experience).
I agree that if you are a vaguely experienced user then running AV in order to prevent all types of infection is largely a waste of time. You may as well not bother as it's often quicker to format and rebuild your PC (or re-image it) than sit and scan the HDD in another PC and run it through three different scanners to clean up the worst of it.
I do however, rarely see a PC with no AV on it. I'd put it more at 1 in 20 say.
-
Thursday 31st May 2012 16:10 GMT eulampios
@jason 7
>>getting a virus is like having a broken windscreen.
It is good that you don't use the "getting killed by the lightning" analogy. This would be equally inadequate though. The probabilities might be several magnitudes apart.
Pretty much every Windows user I personally know had a virus, while very few of those that drive have cracked windshields.
-
-
Thursday 31st May 2012 07:19 GMT Alan W. Rateliff, II
Takes me back...
I remember getting some Digital Corruption crap on my Amiga which stole my Miami* and several other purchased program keys. IIRC, it was a fake AmIRC update or something along that line. That was one of only two viruses I've ever had over the course of almost 30 years (dear God, has it been so long?) of computing. The second of which came along when I was a freshly-minted administrator and thought I knew everything already: I was requested to test out a program and the neither a trial nor free version were available... but a crack for the full version was. It happens, and the threat-scape has changed immensely since those days.
In deference to my earlier post, my active and running anti-virus software caught that crack nuisance, and has protected me from a little over a handful of web-borne threats. Including one almost 10 years ago in our very own El Reg!
Paris, there's a crack available...
* I contacted Holger Kruse of Miami fame about my situation at the time. He berated me for installing pirated software (of which I had none) and refused to assist in reissuing my Miami keys. Then a number of years later he fell off the face of the planet, going to Rebol I believe.
-
Thursday 31st May 2012 07:52 GMT Anonymous Coward
@adnim Re: You talk sense
Oh for god sake listen to yourself!
I run the exe in a VM first and then if it's ok, run it live.
For gods sake, get a grip on reality. Most and by most, I mean 99.99999999% of the world neither have the time, the skills nor the inclination to even do this, for them life kind of gets in the way of uber geekness
When you go to a resturaunt, do you order a tiny sample of the food. Wait a few hours to check it doesn't make you ill then buy the whole meal? When you put petrol in the car, do you add 1 litre, drive few miles then go back to carry on filling up?
No? Why? Surely that's the most sensible thing to do.
It's a simply case of risk vs achievement. We do it hundreds of time without knowing, it's what makes us human and have the ability to develop.
And we wonder why IT has such a f'ing bad rep of being full of nerds.
-
Thursday 31st May 2012 08:52 GMT adnim
Re: @adnim You talk sense
"Most and by most, I mean 99.99999999% of the world neither have the time, the skills nor the inclination to even do this, for them life kind of gets in the way of uber geekness"
Read my post again. I think you will find this is paraphrasing what I actually said.... Most users are consumers and unless something on their system tells them they are about to install malware they will blindly trust whatever they download.
For god sake please read and understand what people actually write before jumping in feet first.
-
Thursday 31st May 2012 12:40 GMT mark 63
Re: @adnim You talk sense
no adnim, I think "lost all faith" was pretty spot on.
you made sense until when you mentioned the VM you see.
I quote: "......and my AV states that it is clean, I will run the exe in a VM first ......"
You run it in a VM even if its reported CLEAN???
How many people even knmopw what a VM is for christs sake?
never mind where to get one , how to set it up , how to set up the actual virtual machine ....
AND THEN to tell if said exe has done any damage on the virtual machine???
The example with the petrol station - I wouldnt have said "do you drive a few miles to make sure its ok?" a better analogy for nerdyness on that scale would be "Do you take a gallon home, and subject it to a range of experiments in you purpose build laboratory?"
-
-
Thursday 31st May 2012 12:39 GMT Pascal Monett
Re: "When you go to a resturaunt"
No I don't because if I eat the food and get sick from it, then there will be a tidal wave of sanitary officials picking the place apart and maybe even shutting it down.
Same for gas - I don't need to worry about the quality of the gas because if my engine dies within a mile from a station, there will be inspections and reports (after I file a complaint, of course) and the place will probably be shut down for the time it takes federal officials to discover what went wrong, how it happened and how to prevent it from happening again.
You see, the very basic mistake you made in your comparisons is that you forget that the things you compare with getting a virus are things that have already been extensively examined and legislated, and the long arm of the law is on your side, with the means to back it up. It has nothing to do with "risk vs achievement" because other people have risked it before you came into this world and the society you live in has decided that such risks were not tolerable, period. Yes, I know that that means you have to realize that the world has had an existence before yours. Check out the History aisle, you'll find that it's not just cardboard boxes with words on it.
Getting a virus, on the other hand, has no legal repercussions and there is absolutely no Bureau of Illegal Penetrations Office to file a complaint with - not that they'd have the police power to do anything about it either.
So please, the next time you decide to go all high and mighty spluttering out scathing comparisons, please take a moment to examine whether or not they are applicable to the subject matter and not just something tailor-made for you to feel smug about.
-
-
-
Thursday 31st May 2012 07:01 GMT Alan W. Rateliff, II
Your metrics
I'm interested in your claim that downloading and running executable file is how viruses get into home machines 99.9% of the time. I can counter that with 99.9% of the time the machines I clean are infected by browse-by installs, on both home and business machines and even in the hands of more seasoned individuals.
I'm not talking about browsing those naughty websites, either -- those days are long past. I'm talking about simply going to a hobby website, pulling up an industry website, reading a recent report on some chemical topic, or even going to a news site. All of these scenarios have happened, and I have successfully cleaned all of them save one. Without having kept exact records of infections and vectors, I would say that of the viruses I have cleaned within the past twelve months not a single one was due to a customer-executed program but rather a Java, Flash, or Acrobat exploit executed in the context of the browser. Even, yes, within the confines of the almighty Chrome.
NoScript, I hear some saying. Such blockers are not always feasible in a business environment for which numerous websites of affiliate government or government funded agencies have employed the latest whiz-bang developer who infuses the entire site with Java, JavaScript, or Flash. (In one case Silverlight, UGH!) Of course as developers and their contracts are often transient, these sites will languish with multitudes of vulnerabilities just waiting to be exploited to infect the unsuspecting user. Then there's the reliance upon certain web-mail sites, and so on.
As for home users, in my own test bed I found that users eventually just disabled the blocking add-on, be it NoScript, Flashblock, or any of their brethren, because it made browsing annoying, difficult, or time consuming.
While it might be absolutely possible to live a virus-free life without anti-virus on a personal machine, your claim that a properly managed network has no need for antivirus has two faults: first it denigrates the hard work and efforts of skilled network admins who administer unreliable or less knowledgeable users, users who vary in browsing needs and requirements including those forced upon them who are otherwise reliable and knowledgeable, or in multiple varied environments with some combination thereof; secondly it provides a false level of security faith and encourages bad behavior in freshly-minted administrators who think they know everything already, thereby putting an entire organization at risk, home users who aren't willing to admit there's something he or she doesn't know, and PHBs and CFOs who already don't like spending money and prefer to put out fires rather than prevent them. Having the canary in the coal mine doesn't obviate the need for protection apparatus; once the canary has squawked its last with its dying breath it is possibly far too late to be reactive, and pro-activeness and readiness is the order of the day. In no way does any of this invalidate anti-virus software which can be taken out by advanced attacks against the underlying operating system
Free anti-virus products are indeed adequate for many users, but IMNSHO certainly not the majority. I have confidently put free anti-virus on some home customers (as most free products are not licensed for anything but non-commercial usage, save Security Essentials for up to 10 machines) computers with no bad results. Then there are others who absolutely need the paid versions for the extra protections and capabilities offered, either by way of their own habits or needs or those of the youngsters which have access. No, no one package is practically perfect in every way nor infallible, but then neither are condoms, "the pill," or the rhythm method as contraceptives. None the less, some protection is far better than no protection.
Common sense (or any sense at all) in users also goes a long way. Almost all of my customers ring me if something just doesn't seem right, and that alone has saved several butts in the course of the past decade. A strange email, website not functioning the way it normally does, or other odd computer behavior all make for good flags which my users detect themselves. But the combination of sense and anti-virus has saved more as the software component works to prevent what the wetware can't, and the two work in tandem
Now I have to call rubbish on this tidbit: "Web surfers who install Scan Plus are likely to have a problem with their computers that prompted them to use the technology in the first place - so they might be less well protected than the general population."
I have to remove this from customer machines with fair frequency as it gets installed as click-through crapware with various software updates (in particular I'm looking at you, Oracle, though there are others.) If McAfee wants to perform mass-target surveying it should do so without installing some kind of click-through crapware and encouraging vendors to include such. For this I would agree with Lee on the user-executed installation vector.
Paris, installation without protection may bring unwanted add-ons.
-
-
Wednesday 30th May 2012 18:18 GMT Anonymous Coward
Dear McAffee
If it weren't for your (IMO lousy) pre-installed "Virus protection" which of course will only run for 3 months then many computer illiterates wouldn't start off with a feeling of security and then ignoring the possible warnings because: "Nah, my friend told me virus protection is free. I don't have to worry.".
Because THAT is what happens in many of occasions. If virus companies /really/ - cared - for security they wouldn't be pushing free trial-licensed products which expire in a few months but they'd put free versions onto those new PC's and try to convince the new buyer why it would be a better idea to upgrade to a paid version (which, in all honesty, can sometimes provided advantages for the specific user IMO).
Quite frankly; studies like these annoy me. Because the company which performed the study is IMO also largely responsible for the end result.
-
-
Wednesday 30th May 2012 22:44 GMT Paul Crawford
True words in jest...
In a lot of cases you have a choice between a well-sucky machine running AV all of the time that gets hosed occasionally, or a responsive one without McAfee/Norton (or other better AV) that gets hosed a little more often but is cheaper.
Which is better?
Personally the bigger worry for me is the lack of back-ups, as its not just viruses (mostly for Windows) to corrupt things, but hardware failures and "user's gross administrative error" to be recovered from.
-
Wednesday 30th May 2012 19:09 GMT Azzy
Why does security software get turned off?
Because it gets in the way!
Firewalls block programs that people want to let through - and it's much easier to turn it off entirely than figure out how to selectively let things through.
Antivirus programs occasionally periodically send out bogus updates that flag legit programs as viruses. When the bad definition is fixed, the anti-virus program does not undo the damage it did wrongfully quarantining a file, leaving the user to reinstall their software.
The "background" system scans bog down the system such that the user can't get anything done while it's running.
The free versions of commercial anti-malware software bug the user to upgrade (or stop working, demanding the user upgrade - what do you think the user is going to do? buy the paid version, or uninstall the annoying piece of software that keeps asking them to buy something?)
When firewall and antivirus software get in the way of the use of the computer, people will disable them. It's not really reasonable to place all the blame with the user, when they have a task to accomplish using the computer, and security software interferes with it...
On a somewhat different topic, it's also worth noting that not running a firewall on most home machines isn't as terrible a sin as one might think - because almost everyone nowadays has a router between their computer and the rest of the internet that refuses all incoming connections unless told otherwise....
-
Wednesday 30th May 2012 21:36 GMT jason 7
The ones to avoid are the full 'Security Suites'
I've seen Norton totally lock down a whole network after it had a brain fart and 'untrusted' all the PCs with it installed on the network.
A couple of other such Network apps have done that.
Kaspersky just shouts at you all the time. "Explorer.exe. wants to run! Which arbitrary and totally made up security group do you want to run this in, you mere mortal untechnical user!"
McAfee just bends over and pulls its cheeks apart at the slightest hint.
I remember getting sales calls from a Bulldog rep. He kept sending me free versions of the suites to try on customers PCs and I'd get a cut of the renewal each year.
I didn't use them. In the end I told him in all honesty that I actually made a living uninstalling AV/Security suites like his and installing the simpler free versions such as MSE. I must point out I don't charge for MSE just the cleaning off of the virus/trojans and failed paid for AV.
-
Wednesday 30th May 2012 22:50 GMT Paul Crawford
Re: The ones to avoid are the full 'Security Suites'
Good point jason 7 there, if you have to ask the user you have failed already, as most users know nothing, after all, they are not pro system administrators.
As for firewalls, in the modern "IPv4 + NAT router in the home" world they count for little (but it is nice to know when something is calling home if you tend to tin-foil headgear as I do), and MS has been good at turning off some infrequently needed stuff in recent years.
In the NAT-free would of IPv6 that may change...
-
-
-
Wednesday 30th May 2012 19:28 GMT Anonymous Coward
Dumbos
From another (non-computer but technical) forum
"I received my Pi last week (on my 60th birthday as it happens) but so far I am
more than a little unimpressed considering the " it will make all Britain's kids whirlwind programmers" hype.
There is no supplied documentation and the on-line stuff is very minimal for people like myself who are beginning to use Linux.
Getting any of the Linux OS onto the thing is a convoluted process (I've opted for the Debian SQUEEZE OS) and it took me a couple of days before I found, after much online browsing that by typing "startx" after boot and two different lots of logins (why do that?) the Pi sprang into something like a normal desktop environment."
So why aren't i surprised about the Windows survey?
-
Wednesday 30th May 2012 23:05 GMT Anonymous C0ward
You get an upvote from me
It's an uncased development board! Issues are being discovered even at this stage! It's meant to be hacked!
I'm not a builder, but instead of waiting for "House Kit 1.0" to be released, I just went and got some bricks and some wood. How do I put them together?
(For the record, my Pi arrived on Friday and it is tasty.)
-
-
Wednesday 30th May 2012 19:35 GMT stucs201
In part I blame the AV companies
Microsoft have a reasonable free security package. It really should be installed as a default, then every system would have some protection unless it was explicitly uninstalled. Except then McAfeee and the rest would cry foul and complain about anticompetitive practices like the browser makers did.
-
Wednesday 30th May 2012 21:49 GMT Andy Fletcher
Re: In part I blame the AV companies
Agreed, ironic that while it would be in the best interests of users, and by extension the internet at large to do it, corporations' interests would take priority. Most of the domestic machines I look at are full of the bad stuff because the user's 30 day McAfee trial has expired and they didn't want to pay, and didn't know they could get free tools.
-
Wednesday 30th May 2012 23:58 GMT Boris the Cockroach
Re: In part I blame the AV companies
I dont.
They are just exploiting the situation to earn themselves some cash
(in a paranoid tinfoil hat mode, I'd quite easily believe most viruses come from the AV labs...)
I blame microsoft and their 'lets tie the browser so deeply into the OS that any flaw in the browser f**ks your system over" idea, coupled with the lack of root and user permissions in files "Hey luser... no writing to /Sys " for example.
And then dragging out and shooting any programmer who sticks 'must run as root' on their software installers so much so that regular users go "f**k it" I'll log in as root and leave it there.
Perhaps a letter like this would work
Dear m$, if your browser lets a rogue script link to a key system file then run an attatched data file, it means your software is shit and we dont want to use it.
Yours typing Format C: -y AGAIN!
-
Thursday 31st May 2012 07:34 GMT Alan W. Rateliff, II
Re: In part I blame the AV companies
The truth in this is shitty software vendors. Around 10 years ago Microsoft pushed out the requirements that software packages not be written in a way which require elevated privileges, then broke its own missive with Office 2003. Ever try to run Outlook 2003 for the first time as a non-admin user? But products like QuickBooks are just as bad, amongst others with which I've had to tangle over the years. It's virtually impossible to enforce a least-privileged-user scenario when the software requires local administrator access. FFS, I support a vet practice management software which does this, so users have to be local administrators on a terminal server just to run the program. Truly, truly aggravating.
Paris, least privileged user.
-
-
Thursday 31st May 2012 00:36 GMT Arctic fox
RE "Microsoft have a reasonable free security package."
I agree, Defender/Essentials has a very low resource footprint in comparison to the shite that McAfee and the rest of the AV scareware industry punt out and it appears to be at least as effective as most of the paid for packages. I have to admit though that if it really is the case that one in six effectively take no interest in the security of their pc (how that security should be organised and whether an AV package contributes much is of course the subject of some debate) I am almost inclined to feel some sympathy for Microsoft on the issue. They at least appear to have learnt something since Gate's memo on the subject of computer security whereas something like 17% of customers (apparently) continue to rejoice in their own ignorance.
-
-
-
Thursday 31st May 2012 06:37 GMT richard 7
Re: McAfee Security Scan Plus
McAfeee Security Scam Plus as installed by Adobe products
Yes the same one
The same one that Spots AVG/Avast/Bullguard/Esset and goes int o meltdown telling you the world is about to end and you MUST install a McAffee product to prevent global let down.
The same one that acasionally installs their bastard toolbar/scanner app
So what we have here is in fact....
We think one in 6 PCs isnt running our software so you should install it (so we can then delete system files whenever we feel like it and brick your PC/ Disable GINA)
No News here:
A) This info was gathered by nefarious means without most users permission
B) The software in question picks and chooses what it accepts as valid AV eg <>McAfee means no AV
C) In the real world out of just under 1000 machines through our door I've seen maybe ten with no AV
-
Wednesday 30th May 2012 19:49 GMT pcsupport
Quote: "The Windows-only software checks the user's computer for threats, antivirus software and firewall protection"
Should the continuation of the sentence be "and then offers to install antivirus software which you will then end up having to pay for"?
The perfect definition of scareware if ever I've seen one :)
-
Wednesday 30th May 2012 21:04 GMT Wile E. Veteran
Better questions:
* Why isn't every network modem (cable, DSL or whatever) equipped with a built-in firewall with reasonable defaults for the technically clueless (might be a genius in some other area) but changeable for the techie expert?
* Why doesn't every PC come with an SoC firewall/filter between the network connector and the main system?
* Why don't ISPs include filtering in their own routers between "the internet" and the local addresses?
* Why isn't the OS on the PC more immune against malware?
Oh, wait. We're talking about steps that might add a few dollars to the price of a PC or network service, prevent the "sponsor's" spyware from feeding back behavioral-tracking information and might require the dominant software supplier to put security high in the requirements list as they develop the "next" OS version.
-
Wednesday 30th May 2012 21:51 GMT Sixth
What a Crappy Article
Typical NOISE from MCAFEE IDIOTS. So let me get this straight, your product prevented the spread of malware like FLAME?! I dont think so!! But yet you say every Windows user needs AV? Your crappy spying Antivirus software using 120MB (! or more!) of ram just to actively scan every single file I open and report back on a daily basis new type of heuristics that are supposed to be ANONYMOUS!? Get the F$%$ out of here. Stupid AV companies.....CONTINUING to due what they do BEST. Make money off media attention (i hope you hear me Symantec! You rich dirtbags!!)
Rant over. I never had AV installed, only way I got infected is my own fault.
-
Thursday 31st May 2012 13:05 GMT Anonymous Coward
Re: What a Crappy Article
Yeah, YOU fools. Your PRODUCT didn't prevent one particular AND highly sophisticated example OF malware, therefore AV IS (! clearly!) useless IN all cases?!!
Just like crash helmets are pointless for motorcyclists because some motorcyclists wearing helmets are still injured or killed in horrific crashes, and locks are pointless for doors because... blah... etc... etc...
PS Just because The Register has decided to capitalise some words at random doesn't mean you need to follow suit.
-
Thursday 31st May 2012 14:09 GMT Lee Dowling
Re: What a Crappy Article
Actually, whenever I do come across a virus infection on someone else's PC, the first thing I do is upload it to VirusTotal. It's quite hilarious how many big-name AV scanners totally fail to detect things you can upload from your granny's PC, and even fewer can actually do anything to FIX them without the user having to do it themselves.
AV is, basically, a waste of time when it comes to preventing or cleaning viral infections. Simple as that. Your one might work against the thing you caught this time but I guarantee you that it missed other things just as prevalent and well-known. Do it as an experiment next time you get something in your email that wants you to open it or whatever. Download the file (in a fecking mail client that doesn't execute by default!), upload it to VirusTotal, see what sees it and what doesn't. Be amazed that almost anything (even if it's from your mail archives from years ago) will be missed by at least one and probably several scanners even today, and that "new" things may not flag on ANY scanner whatsoever.
A random one I just tried that arrived in my email claiming to be from DHL with a zip attachment that contained a single exe file was only spotted by 75% of scanners they run. Strangely, an identical email with a slightly different attachment (but even the same zip and executable name) that arrived seconds after scored differently!
-
-
-
This post has been deleted by its author
-
This post has been deleted by its author
-
Thursday 31st May 2012 03:28 GMT Crazy Operations Guy
Re: Microsoft give it away
They do, if you don't have AV on your system for a certain number of days Windows Update will offer it up. Unfortunately expired copies of commercial antivirus count as AV (if they did install on such systems it'd be considered anticompetitive)
If they did it by default, then they'd get in trouble with the EC again for 'Bundling' the antivirus.
-
-
Thursday 31st May 2012 03:33 GMT Crazy Operations Guy
I don't give a shit about *their* data
What concerns me is all the zombie machines out there pounding away at my public facing servers. I've talked to so many people that were always telling me "I don't have any information on my computer a hacker would want, so why shoul I protect/clean up my computer?".
Sometimes I think I should just set their machine up as an open proxy and let nature take its course (by mature I mean the Feds)
-
Thursday 31st May 2012 08:09 GMT Neal 5
and it ain't gonna get any better
yep 1 in 6, I'd say this is pretty good considering the number of children using comps at home who don't have the first clue about security.
When I was 12 I didn't have the first idea about a condom, I blame my parents for this. I guess the blind leading the blind.
Ain't no way some redneck fascict inbred is gonna have any clue about conp security, I guess that's why they all work for (insert company here).
-
Thursday 31st May 2012 08:38 GMT Anonymous Coward
Ah, but..
"Web surfers who install Scan Plus are likely to have a problem with their computers that prompted them to use the technology in the first place - so they might be less well protected than the general population"
Also, if they're already infected then there's a high chance that the infection itself has turned off the firewall and anti-virus.
-
Thursday 31st May 2012 09:06 GMT redniels
"if security software is important, why isn't everyone running it?"
I'll tell you why:
because the so called cure is far worse than the disease, that's why!
I've seen hunderds maybe thousands of pc's (and worse: servers) dead in the water because of buggy AV software. I've seen tens of PC's dead in the water because of Virusses/etc. which one is worse? do the math..
every GD AV suite gets its dirty pawns at places where they shouldn't be: in my tcp/ip stack, in my kernel, etc. PC's slow down to a crawl, Disk IO goes through the roof.. It's just a f-ing nightmare these days with AV software. and best of all: most AV processes are hidden so your pc is slow as hell but no way to find out why...
(excluding rootkit revealers but try to explain that over the phone to your mum of 68)
buggy soddy AV software is the main reason people are so fed up with windoze. (my new mac is so much faster.. yeah right, up to the point that the norton Anti vir toolkit is installed)
No. never again. I've a server which scans everything 2 times a day, and everything which comes in, my mail is routed through 3 different providers with 3 different av solutions, (provider forwards to hotmail forwards to gmail which i read.) I've a real dedicated firewall with real logging (no software shit on my pc's ) on top of that: not logging in with root/admin rights and enabling (not disabling) UAC goes a very long way... the best AV solution? RUN ONLY LEGAL SOFTWARE. and be very skeptical about "free" software. nothing is free in life.. wel ok , the air you breath but these days even that is most likely taxed one way or another.
AV firms? nuke them all from orbit, they are killing the PC, and now Android and Mac as well.
in case you didn't got it: This (AV software) is my biggest irritation in IT. they. all. stink.
-
Thursday 31st May 2012 13:28 GMT chris lively
Wrong emphasis in the story
The emphasis in the story is wrong.
The story should be: 83% of people with an antivirus tool felt the need to use mcafees online virus scanner.
Notice the difference there? When looked at this way it implies locally installed virus scanners are crap: which most of us here know.
-
Thursday 31st May 2012 14:02 GMT Dan Paul
Worst viruses are the AV Suites, Norton/Symantec, McAfee, Etc.
I have used a Windows PC since DOS was introduced and the worst computer problems I have ever experienced have come from the updates of Anti-Virus programs.
Norton (specifically Live Update) completely screwed up my PC several times, tried McAfee which was worse, went to AVG Free which was good for several years until it became a bloated clone of Norton Security Suite and a borked update screwed up windows system files.
Now I run Avast Free and ZoneAlarm Free at home (Also running MSE) and I cannot be happier even though Avast and ZA have occasionally caused glitches (nothing serious). Add MalwareBytes and Spybot S&D and I have no issues with viruses, only the occasional attempted malware driveby but usually caught and always able to be fixed. You would be surprised what using CCleaner after every lengthy browsing session, does to prevent auto installs that ocurr when you start your machine.
At work, I have to suffer with Trend Micro Security Agent which like any so called "Security Suite" is a complete resource hog that should not be allowed anywhere. Invasive, pig of a program!
-
Thursday 31st May 2012 20:51 GMT Framitz
Of course it is bogus
I installed McAfee Security Scan Plus on a known clean and protected system.
It is obviously designed to sucker people into purchasing if they need it or not.
It showed a completely clean system and STILL tried to sell their product.
As almost always, this survey is utter bullshiat. (just as most of us already knew, but I like to prove assumptions).