Should I trust the company that built the AV software?

[Lucas Jr.]

hi,

I know that good code is presented in simposiums about security, and, given
enough money, anyone can use "the new engine". but when a virus is found it
has to reported to let someone create an antidote, so, can I be more secure
when a large company, that lots of people are aware of (and so, are gonna
send them new viruses and other kind of deseases , is building the
software?

my question is:

should I ONLY use AV soft from big manufactures, such as mcafee or symantec?

I know there are many soft houses that would answer yes to this, and I feel
like these are the larger ones...

thanks,
Lucas.

 

[Duane Arnold]

hi,

I know that good code is presented in simposiums about security, and,
given enough money, anyone can use "the new engine". but when a virus
is found it has to reported to let someone create an antidote, so, can
I be more secure when a large company, that lots of people are aware
of (and so, are gonna send them new viruses and other kind of deseases
, is building the software?

my question is:

should I ONLY use AV soft from big manufactures, such as mcafee or
symantec?

I know there are many soft houses that would answer yes to this, and I
feel like these are the larger ones...

thanks,
Lucas.

Why do you even care about it? They all have trialware you can try. You
should just get an AV you're happy with and be done with it.

Duane

 

[madmax]

In

Why do you even care about it? They all have trialware you can try.
You should just get an AV you're happy with and be done with it.

Duane

You can't trust AV to protect your computer,
only you can protect your computer.
-max

 

[Lucas Jr.]

because I don't like viruses. think.

Why do you even care about it? They all have trialware you can try. You
should just get an AV you're happy with and be done with it.

Duane

 

[Lucas Jr.]

I'm not praying to god to be good with my pc, I'm tryng to figure out what
companies can do what they claim they do... I'm gonna think about your post
as a "from any company" message.

thanks anyway,
Lucas.

 

[FromTheRafters]

hi,

I know that good code is presented in simposiums about security, and, given
enough money, anyone can use "the new engine". but when a virus is found it
has to reported to let someone create an antidote, so, can I be more secure
when a large company, that lots of people are aware of (and so, are gonna
send them new viruses and other kind of deseases , is building the
software?

my question is:

should I ONLY use AV soft from big manufactures, such as mcafee or symantec?

They have created a system where the malware, when reported,
is shared amongst AV software developers. Most, if not all, of the
adequate program's vendors get samples of new malware.

If you educate yourself sufficiently, you can use any of the adequate
AV programs to great success. In fact with sufficient education you
could conceiveably do without all but the on demand free versions
that are available and not have to worry about bloat and resource
hogging.

Education is *the best* anti-virus tool available anywhere.

 

[Lucas Jr.]

good, if I write my own virus scanner, from say clav (isnt it one GPL virus
scanner?), I can join these list to get virus reportings? who cares about
the credibility of these postings?

thanks,
Lucas.

 

[Heather]

If you are going to *write your own virus scanner* with your obvious lack of
knowledge of even the name of KAV.....not clav.....then don't come on
here......we don't want your viruses!!

And we do care about credibility......a facet you seem to be woefully short
of.

Rafters.......your turn.......Figgs

 

[Lucas Jr.]

I made a mistake here...

I didn't expressed my self very well... I wanted to write "who takes care of
the credibility of these postings?" (the virus reporting, not the Mr.
Rafters writing), I'm really sorry.

 

[Lucas Jr.]

well, I'm C/C++ programmer, belieave you or not.

Please, take a look at this site http://www.clamav.net/

what kind of posting is yours?

 

[Heather]

OK......let's start over here. With all the anonymous names, etc. I didn't
realize where you were from......but your english is quite good. I assume
you are the one called Luca from Italy.

It is difficult to express yourself properly in a language that is not your
first one. So I misunderstood you. It is Clam.....not clav, I see.

I am not a programmer by any means.....but not sure what you mean by 'what
kind of posting is yours'......

Shall we try this again? )

Heather

 

[Heather]

Hi Lucas.......again it is the language barrier. He just meant that it is
up to the computer user to use common sense to look after his computer,
first. An AV is second. Don't click on attachments and that sort of thing.

Comprendez? Heather

 

[William W. Plummer]

should I ONLY use AV soft from big manufactures, such as mcafee or symantec?

Lucas' concern is well founded. It is only a matter of time until a
foreign power attempts an "information warfare (IW)" attack on the free
world. Using what appears to be a legitiment antivirus program appears to
me to be a simple and effective means. Right now we have products from
Russia, the Czech Republic, etc. How long will it take a hacker or real
military/political IW person to launch the attack? It could be as simple as
failing to include a certain virus in the virus data file and then launching
that particular virus.

Perhaps we need a national level certifying authority, e.g., NSA. This
group would stamp virus engines as "Certified" and everytime your copy is
started, it will check its certification back at NSA. Same for the
database. This technique will work for the sea of standard viruses out
there, but it won't protect against new ones *unless* the avenues of
approach are closed to new ones cannot get in your machine.

 

[FromTheRafters]

good, if I write my own virus scanner, from say clav (isnt it one GPL virus
scanner?), I can join these list to get virus reportings?

I'm not sure what criteria there are for being accepted. Maybe
someone here can help out in this area. I am just going from
things that I have read in this group and in a.c.v. across the hall.

who cares about the credibility of these postings?

I don't think it matters much, they are samples, and can
be tested by the recipient.

 

[FromTheRafters]

If you are going to *write your own virus scanner* with your obvious lack of
knowledge of even the name of KAV.....not clav.....then don't come on
here......we don't want your viruses!!

He may be talking about something different here, but I see
your concern. I think he wants to determine how someones
credibility is to be determined for inclusion in any virus sample
distribution scheme. I'm sure that there are some failsafes in the
system so that it won't become too VX-like.

And we do care about credibility......a facet you seem to be
woefully short of.

Gaining credibility on that score may involve some face time
with those already involved. I'm sure that I couldn't subscribe
and start receiving virus samples without some "real world"
meetings.

Rafters.......your turn.......Figgs

I read it differently, but I *do* see a slight "begging for viruses"
undertone. I don't believe that was his intention though. I am
reasonably sure that even "the little guys" can get samples if
they are a legitimate AV developer.

[snip]

 

[FromTheRafters]

I made a mistake here...

I didn't expressed my self very well... I wanted to write "who takes care of
the credibility of these postings?" (the virus reporting, not the Mr.
Rafters writing), I'm really sorry.

No problem, I think that I understood you anyway. It is my
belief that AV vendors share samples but not technology.
I thought that I had heard mention of a system whereby some
samples could be distributed to all of the major players. How
to become a major player was not addressed iirc.

Not being an AV professional myself, I can't offer any additional
information on this.

 

[FromTheRafters]

Lucas' concern is well founded. It is only a matter of time until a
foreign power attempts an "information warfare (IW)" attack on the free
world. Using what appears to be a legitiment antivirus program appears to
me to be a simple and effective means. Right now we have products from
Russia, the Czech Republic, etc. How long will it take a hacker or real
military/political IW person to launch the attack? It could be as simple as
failing to include a certain virus in the virus data file and then launching
that particular virus.

The problem with an AV "crutch" is what happens when someone
kicks that crutch out from under you. It need not be an AV program
that applies....it could be an OS.

Perhaps we need a national level certifying authority, e.g., NSA. This
group would stamp virus engines as "Certified" and everytime your copy is
started, it will check its certification back at NSA.

Network dependency TCPA style. Don't worry, your special purpose
"Internet" computer is in the works. Who knows, it may even replace
the telephone some day as the preferred communications device.

....until it goes "on the fritz" so to speak. ;o)

Same for the
database. This technique will work for the sea of standard viruses out
there, but it won't protect against new ones *unless* the avenues of
approach are closed to new ones cannot get in your machine.

In that case, you would need "trusted viruses" in order to gain access.
(talking TCPA again)

 

[Heather]

As you can see.....I did misunderstand his English and apologized.....

I would have one hell of a time trying to speak Italian (forget the last
name, it is spanish, grin.....but pronounced FIGARO).......anyway, he did a
pretty good job.

Like our Frederic......I admire people that can converse fluently in 2 or
more languages......

Cheers.....Figgs

 

[Lucas Jr.]

Hi Heather,

I'm Brazilian and my mother tongue is portuguese. "Com muito
orgulho." what made you think about Italy? my brown eyes?
just to be true, I intended one command line scanner to linux, I do not
like that much the ones that are around... ravav (before being broght by
microsoft) were too verbose, and bdc too silent, I wanted one to show what
directory were being scanned with a "tree -A" pattern... that's it about the
coding, did not intent to write a core new engine...

I think I'm gonna start it over posting a new message with a better
topic. it would help a bit.

thanks,
Lucas.

 

[Lucas Jr.]

there are lots of things about security with you software, and grows as
grows the responsability of what your processes do with you data, and your
data itself. think about the exemple from Mr. Plummer. some postings
below...

rgds,
Lucas.