Potatoes are more intelligent than grass because people can eat them - Gurdjieff
|
|
|
Antivirus vendors can't deal with security threats
AN INSECURITY FIRM claims that the antivirus software vendors can't keep up with the explosion in malware.
NSS Labs say that it takes an average of two days to block a website designed to attack a computer visiting it.
The outfit tested security software suites against a raft of fresh malware out in the wild on the Internet and found that the results should be a major wake-up call for the industry.
NSS Labs does independent security software testing and does not take cash for performing the tests.
President Rick Moy said that NSS developed a test that mimics how average people browse the world wide web. This found a number of malicious websites and then visited them with a web browser. The software recorded how and when various security software products blocked the threats.
He said that enterprises were most at risk from freshly customized malware. Security vendors do share malware samples, but if no company sees or detects the malware, it can quietly circulate and potentially infect machines, stealing data.
More than 50,000 new malicious programs are detected every day, the report said. The implication of NSS Labs' findings is that if the industry can't keep up there will be some serious trouble. µ
Share this:
Share
features like bit.ly and tinyurl and even redirects only complicate the matter in that you don't know whether you're being sent to a malware site.
I don't click on bit.ly (et al) links and am looking to avoid redirects.
from Bigger_luddite - "So long as javascript and Flash exist" Amen.
I gave up on antivirus apps, since java holds the door open for the bad guys. I browse in Sandboxie. Not for everyone or all situations, but simple, safe and easy.
50,000 a day? Someone needs to check their facts. What is the point of posting rediculous info? It's one thing to take a humorous look at daily news, but don't mess with the facts you morons.
It sounds like someone nameless needs to find another job. Is he equating separate webpages regardless of domain name serving malware as unique? Also is hacked webpages serving the same crap malware unique? What about compressed executables of the same old malware? No one asked a followup question to elaborate?
Monty Python has an apropos metaphor: you couldn't get this industry to wake up if you put 10000 volts through it!
So long as javascript and Flash exist -- invasive at best, malware vectors typically -- that's bad enough, but the main problem is OSs don't even attempt to restrict networking (once the program is installed), as without networking, there's no point to most attacks.
My solution is a really obnoxious procedure to okay it from the *PHYSICAL* keyboard. May be ways around that, of course, but it'd concentrate initial attacks on what looks to me to be an easily isolated sub-section that can then be hardened, meanwhile possibly preventing automatic download of larger programs.