AV & Freeware Paranoia...

[JW]

Lots of articles recently on crime syndicates designing more and more clever
viruses, trojans and spyware programs, with the ultimate intention of stealing
credit card #'s, ss #'s, and other personal info. We're not talking about script
kiddies or programmers that are interested in notoriety. We're talking about
highly trained software engineers who are responsible for billions in CC fraud
and identity theft (not to mention professional sabotage of IT & web resources.)

Forbes recently did an article on this, available free online (but you gotta
signup first) http://www.forbes.com/business/forbes/2004/1227/116.html They
make the claim that Russian mobs are behind much of this.

OK, so now I've been using Avast as my anti-virus software. Who is Alwil,
anyway? I dunno, just that they're an outfit from PRAGUE, in the Czech Republic,
that gives away an excellent program for free. (That they make a commercial
product doesn't negate my thesis.)

<paranoia>

I use Sygate for outbound filtering, and give Avast permission to update itself,
which it does on a regular basis mostly for signature updates. But do I REALLY
know what Avast is doing when it does a program update? There are many, many
malicious scenarios that one could dream up, and the most clever could render
detection almost impossible unless one was constantly monitoring outbound
packets at an external firewall.

</paranoia>

This isn't to impugn the integrity of Alwil. I'm just using that company as an
example since I personally use their product. But to be honest, is there anyone
here who would not trust a large, publicly traded company like McAfee or
Symantec more than some unknown Czech company? (That's a non-European- centric
question. Perhaps someone will counter that it's a well-known company that has
build a reputation on responding quickly to the proliferation of new viruses
coming out of the old Eastern bloc countries. And please leave aside the fact
that the two USA companies mentioned charge $$ and - at least based on my many
years of experience - churn out lots of bloated crapware...)

There's always that little voice in my head that says "just because you're
paranoid doesn't mean that they're not out to get you!"

jw

 

[me]

There's always that little voice in my head that says "just
because you're paranoid doesn't mean that they're not out
to get you!"

jw

Er, forgot to take the medication by any chance? :/

J

 

[socrtwo]

Heh, paranoia can pay off. Lighten up a little.

 

[Bob Adkins]

<paranoia>

On one end of the spectrum there's you. On the other end is a friend of mine
that sent $5,000 to Nigeria. Who's smarter? You are!

Anyway, true paranoids do not recognize their own paranoia. You're just
being smart and careful.

In the case of Alwil, I think you're OK. Just to be safe, maybe you should
switch to Kasperski.

-- Bob

 

[Dan Goodman]

But to be honest, is there anyone here who would not trust a large,
publicly traded company like McAfee or Symantec more than some unknown
Czech company?

I wouldn't.

That a company is large and that it's publicly traded aren't a guarantee to
me. Think of Enron, and numerous others.

--
Dan Goodman
Journal http://www.livejournal.com/users/dsgood
Predictions and Politics http://dsgood.blogspot.com
All political parties die at last of swallowing their own lies.
John Arbuthnot (1667-1735), Scottish writer, physician.

 

[Dan Goodman]

Heh, paranoia can pay off. Lighten up a little.

Wrong. _By definition_, paranoia is _not_ sane suspicion.

Yes, it's true that even paranoids have real enemies. Those are the people
they're likely to trust.

It's been said (by people close to him) that Stalin only trusted one person
-- Hitler.

--
Dan Goodman
Journal http://www.livejournal.com/users/dsgood
Predictions and Politics http://dsgood.blogspot.com
All political parties die at last of swallowing their own lies.
John Arbuthnot (1667-1735), Scottish writer, physician.

 

[elaich]

<snip>

None of this is really beyond the realm of possibility. Probability?
Likely not.

Yes, Avast is in the Czech Republic, as is Kerio Personal Firewall, and
AVG is also based in Eastern Europe. I don't think that makes them any
more likely to suspect than a US company.

Still, it's not at all beyond the realm of possibility that a syndicate
could set up some freeware program (like a firewall or antivirus,) get
millions of people using it, and then use it's update program to load a
Trojan or keylogger onto user's computers. For a good example, look at
the scandal with Kazaa hiding spyware in it's installer a few years ago.

The best thing to do is to keep your credit card numbers and other
sensitive info off your computer. Since this makes it impossible to shop
online, here's a better idea.

Establish a special account only for online shopping, and deposit only
enough money into it to cover what you buy. Use a debit card rather than
a credit card and don't allow the account to be tied into any of your
others in any way. That way, if the account IS somehow compromised, you
won't be out anything. Also, keep info like your back tax returns, etc.
stored on CDs rather than the hard drive.

Practice safe computing, which minimizes the need for antivirus. Dump
Outlook Express and use a secure email client. Stay out of dark places
and leave warez, cracks and other shady apps alone. Be careful what you
download. Keep your browser updated. I really recommend switching to
Firefox and dumping IE. Vulnerabilities are found in Firefox too, but are
patched almost immediately. It might take Microsoft 6 months and a
lawsuit before they patch IE.

If you just use common sense, you can avoid almost all problems. Just
having the good sense not to use OE made one invulnerable to the Sasser
worm which took down millions of machines last year. Listen to what
people say and ignore "pooh poohers." They are the next victims.

 

[KHaled]

... deleted ... see original post.

Well, there is certain logic to what you are saying, but
where does one draw the line ?? I'd say that if you use any
windows os then the author is most probably doing things to
your system that you have no idea about, and certainly not
until it is too late.. (look at some of the groups on
new://news.microsoft.com)

As to the technical side of what you are concerned about,
then you should use a packet sniffer type of software which
will show you in realtime what is being sent.

I'd venture and say that such "security" related software is
very heavily scrutanized by the community, and I doubt that
it would pass if it does things like what you are concerned
by.. You may want to look at news://news.grc.com which is
frequented by some technically excellent folks..

Wishing you a happy new year, and may 2005 be a SAFE
computing year for all !!

--
KHaled

e-mail: khaledihREMOVEUPPERCASELETTERS at fusemail dot net
(correcting antispam crap..)
please start your subject line with the string "==NG=="

 

[Onno Tasler]

JW scribebat:

I dunno, just that they're an outfit from PRAGUE, in the Czech Republic,

To make you a bit calmer, the Czech Republic just recently became a member
of the European Union, so it is not the Wild West (or rather east, in this
case). Russia is MUCH worse, because people there have much less hope
getting wealthy in an honest way than in East Central Europe (Prague is
west of Vienna and not much further east than Berlin).

But do I REALLY know what Avast is doing when it does a program update?

No, you don't. You cannot. It is the same as allowing MS Windows to update
itself, or any other product. You can never be sure that it won't do
something you dislike.

But to be honest, is there anyone here who would not trust a large,
publicly traded company like McAfee or Symantec more than some unknown
Czech company?

Yes, reputation, such an important good still. Well, you are right for some
degree. But, mind you, there are several reasons for a company to offer
their product for free. For example, Awil could do this because they are
not well known and try to prove their trustworthiness by giving away free
samples -- to build up reputation for finally being able to sell software.
(Other companies spend a lot of money on advertising -- they offer their
software for free for certain people and hope to get better known that way)
Anti-virus vendors are also in need of many users around the world to get
samples for signatures.

Also, offering such a big program costs a lot of money, if it really were
just a Trojan horse which shall rip people they would offer a smaller
program that needs less support and is thus cheaper. Or, I would even sell
it -- selling a program makes it less suspicious and brings some money in.
But supporting a virus program for three years costs probably more money
than you could get with credit card fraud, I mean you cannot do this on
your own and you (and your colleagues) need to eat as well.

Taking this together, just because they offer a free program does not make
them less trustworthy per se. As the example of Kapersky (Russian company)
shows, just because a product comes from a certain country it is not more
dangerous than a domestic program.

Or, as they say in economics, you have to take you decision in insecurity.
Do not forget that human society depends on mutual trust.

There's always that little voice in my head that says "just because you're
paranoid doesn't mean that they're not out to get you!"

Well, you should learn the difference between paranoia (which is a
psychological illness) and awareness of dangers. You are aware of a
possible danger, not paranoid. Furthermore, you are willing and capable of
getting rid of this fear.

 

[Aaron]

<snip>

Still, it's not at all beyond the realm of possibility that a
syndicate could set up some freeware program (like a firewall or
antivirus,) get millions of people using it, and then use it's update
program to load a Trojan or keylogger onto user's computers. For a
good example, look at the scandal with Kazaa hiding spyware in it's
installer a few years ago.

A much better example would be all those anti-spyware proggies out there.
dubious popup blockers as well.

 

[James A. Smith]

Just because a company is "big" or well known does not make it 100% trusted.

Someday one of these trusted companies will have a hacker or upset
employee/ex-employee insert code into a "trusted" program and thousands if
not millions of people will be "hacked".

Already MS and others have shipped CD's that have had a virus on them.

That's why it's a great idea to keep "personal" info on your computer
encrypted.

As far as a AV goes you might want to turn off autoupdate or have it lag a
few days so you would have a chance to catch the news about your program
going bad if it ever did.
But then you could get hit by a new virus.

It's a trade off.
You just got to go with what you think the bigger threat is.

 

[John Hood]

JW wrote:

here who would not trust a large, publicly traded company like McAfee or
Symantec more than some unknown Czech company? (That's a non-European- centric
question. Perhaps someone will counter that it's a well-known company that has
build a reputation on responding quickly to the proliferation of new viruses
coming out of the old Eastern bloc countries. And please leave aside the fact
that the two USA companies mentioned charge $$ and - at least based on my many
years of experience - churn out lots of bloated crapware...)

So? Don't trust either. Trust the data. The anti-virus program that
performs better, with fewer reports of annoyances and no reports of
spurious Internet connection should be used.

"From the little voice in my head that says "If it can't be expressed in
figures, it's not fact, it's opinion."

John Hood
Web Site www.jhoodsoft.org
"The best home and business free software, no ads, no time limits, no
fluff."
"No kidding."

 

[Bob Adkins]

Just because a company is "big" or well known does not make it 100% trusted.

MS is so big, rich, and widely hated they are paranoid about class action
lawsuits. There are a million greedy lawyers just drooling and waiting for
MS to make 1 little mistake to parlay into a multi-billion dollar suit. MS
knows this, keeps everything on the up-and-up and benign. The information
they keep is statistical and impersonal. Not that MS wouldn't LIKE to spy on
us more than they do.

-- Bob

 

[Richard Steven Hack]

But to be honest, is there anyone
here who would not trust a large, publicly traded company like McAfee or
Symantec more than some unknown Czech company?

Yes - because I already know that Symantec and McAfee are more
concerned about their stock price than their customers - as virtually
every large corporation is.

I'd rather trust some struggling company in Czechoslovakia.

Not to mention the fact that any hanky-panky in the field is generally
quickly discovered and seized on by competitors and would be exposed
rather quickly.

Which is why I don't trust any corporation - and don't need to.

There's always that little voice in my head that says "just because you're
paranoid doesn't mean that they're not out to get you!"

If you were truly paranoid, you'd realize that all humans ARE out to
get you, and you'd conduct yourself accordingly, so that it wouldn't
MATTER that they're all out to get you.

 

[Dan Goodman]

If you were truly paranoid, you'd realize that all humans ARE out to
get you, and you'd conduct yourself accordingly, so that it wouldn't
MATTER that they're all out to get you.

No. Paranoids do trust some people -- usually (in my observation) the
people who really _are_ out to get them.

--
Dan Goodman
Journal http://www.livejournal.com/users/dsgood
Predictions and Politics http://dsgood.blogspot.com
All political parties die at last of swallowing their own lies.
John Arbuthnot (1667-1735), Scottish writer, physician.

 

[Milan Kosina]

...
OK, so now I've been using Avast as my anti-virus software. Who is Alwil,
anyway? I dunno, just that they're an outfit from PRAGUE, in the Czech
Republic, that gives away an excellent program for free. (That they make a
commercial product doesn't negate my thesis.)
.... But to be honest, is there anyone
here who would not trust a large, publicly traded company like McAfee or
Symantec more than some unknown Czech company? (That's a non-European-
centric question. Perhaps someone will counter that it's a well-known company
that has build a reputation on responding quickly to the proliferation of new
viruses coming out of the old Eastern bloc countries. And please leave aside
the fact that the two USA companies mentioned charge $$ and - at least based
on my many years of experience - churn out lots of bloated crapware...)

And why not? It is really well-known firm in Czech Republic (we have
several very good antivir products here - Avast, AVG and NOD32
(Slovakia)). And such attitude is really problem for firms from outside
of USA. How do you suppose you can know them? Probably just by giving
you the software for free to use it, find it useful and buy it for your
company And you will also find that such firm is really results
oriented and respond to threats more quickly than such a big firm as
McAfee.

Ehm, I'm from Czech Republic and I'm not connected to any of antivir
software company here.

 

[Rod]

Ehm, I'm from Czech Republic and I'm not connected to any of
antivir software company here.

Love your homepage.

 

[JW]

(some paranoid ranting)

Well, thanks everyone for your reassurance. I'll be continuing to use Avast, of
course, and continuing to recommend their product. And continuing to avoid
Symantec and McAfee unless otherwise necessary (Partition Magic still is best of
breed...)

jw

 

[Richard Steven Hack]

(Partition Magic still is best of breed...)

I've never had anything but trouble from Partition Magic.

I mean, when the "best of breed" can't even READ my partition table -
while Windows, Linux, DOS, and everybody else CAN with NO problems -
there's something wrong with this picture!

 

[jo]

I've never had anything but trouble from Partition Magic.

I've used it quite a few times and it has always behaved absolutely
flawlessly.