Antivirus Vendors Headed for Court 120
SkiifGeek writes "A showdown between Rising Tech, a Chinese Antivirus vendor, and Kaspersky Lab in a Chinese court could have implications for software vendors that misidentify system files and files from their competitors as being malicious."
Why only Kaspersky? (Score:2)
Re:Why only Kaspersky? (Score:5, Interesting)
At the AV vendor I've worked for, when they get a report from another AV vendor of a false positive on that other vendor's product, they would investigate and get an update out within 24 hours to fix it.
Unfortunately, some vendors are not this fast. I've seen Spybot take years to fix false positives that have been brought to their attention.
Most are somewhere between these two. Generally, it goes like this. Company A notices that company B's product has a false positive on A's files. A contacts B about this, using B's public contact information, which generally is meant for the general public. So, A's complaint might end up in the support system, and might get kicked around there for a while as the support people try to figure out what to do with it. Eventually, it reaches some manager who has got a bunch of stuff on his plate, directly from his superiors, so he doesn't give this high priority.
A notices it is taking a long time, so looks for a better way to contact B. If A and B are reasonably big and in the same country or region, it will probably turn out someone high in A's management knows someone high in B's management, or knows someone who knows someone high in B's management who can introduce them, and then there is a high level request from A to B. That has a decent chance of getting results.
If no such contact can be found, or it fails to get action, then A calls the lawyers, and they write a letter to B's lawyers. That should get some attention at B, and whatever manager the first request got stuck at gets prompted to do something.
If nothing happens then, it is lawsuit time. When a lawsuit is actually filed, THAT gets the attention of B, all the way up to the top, and then things happen. (And the people who failed to act earlier get in a lot of trouble...companies do not like it when they get sued, even if the actual purpose of the suit is just to get someone's attention to fix a problem).
I suspect that a good percentage of lawsuits filed in the software industry (in general, not just AV) are to get the attention of upper management in the defendant to get some simple problem resolved that has fallen through the cracks.
A lesson here for anyone starting a company is to hire some top management people who are well-connected. If your Director of Engineering or CTO or Chief Scientist or whatever, in a situation like this, can say, "Hey...B's CTO went to my school and we were in the same fraternity...I can get his number, call, give the secret Alpha Delta Smegma pass phrase, and I'm sure he'll get the problem taken care of", that's great. The tech industry, just like the other industry groups, has its old boy's network, and you want to have someone who is connected to that.
Re: (Score:2)
Still, Kaspersky has been losing ground in the last, say, 2 years. 2 years ago, they were the pinnacle of AV technology. They ain't anymore. I wonder why, but they sure as hell were losing ground.
Re: (Score:2)
Re: (Score:2)
Or...you know...you could just have a separate support number/email and bug tracker for handling false positives, which are bound to come up frequently enough to require it. Then assign an employee part-time to resolve them appropriately.
Re:Why only Kaspersky? (Score:5, Insightful)
By "Spybot," do you mean "Patrick Kolla?" I know now he's got help, but how many years ago did these "years" occur?
Plus, it's still part of THE best passive/manual protection you can get:
1. Spybot w. Hosts list & immunize
2. Spywareblaster
3. IESPYADS
4. Firefox
5. WRT54G
6. Merijn's BugOff
I know a router probably isn't really passive, but to the PC it is. Oh, and besides the router, this is all free. My 2 cents.
Re: (Score:2)
Some started as far back as 2002, and are still there in the current version.
If Spybot were a brand new program, from someone unknown, it would probably make the rogue list for too many false positives. But because it was one of the first, and was very good back in the old days when the spyware problem was much smaller, it gets grandfathered in, and people overlook a lot in it that they wo
Re: (Score:2)
Re: (Score:2)
And how much $ or time did you donate to help the cause? I am just curious. I don't think it is fair to criticize spybot on the same level as software you paid for.
This is more of a Chinese/Russia showdown (Score:1)
It Could Be Rising Tech Really Is Malicious (Score:5, Informative)
The very last piece of software I would ever install on my own computers would be a Chinese or Russian anti-virus package. Sure, it may finger other viruses, but it might also allow free access to the "right" people.
I know this sounds somewhat like tinfoil hat territory, but the SANS organization is frequently publishing articles about state-sponsored hacking/attacks. Why give them an easy pass? A perfect easy pass to use your system in electronic warfare against any country - especially the USA? It is at least something to be aware of and to consider.
Rising Star antivirus? Who's star is rising? China's? And by what means?
Re:It Could Be Rising Tech Really Is Malicious (Score:5, Insightful)
How much can you trust companies like that?
Re: (Score:2, Informative)
Re: (Score:2)
Clam has a hard time getting updates in time. I'm not familiar with the detection utilities the ClamAV team uses, but they are notoriously slow. A virus has to be around for a while 'til Clam starts picking up on it.
For a sensible detection, you have to be fast. Preferably, you have to detect the attacker before it comes to your computer, because with the advent of rootkit kits (erh... however you wanna call them), it became trivial to craft rootkits. And ro
Re: (Score:2)
While you're right about ClamAV not having real-time virus detection and can only detect an infection after it has files on your machine, it's not true that it gets updates slower. I remember reading a couple years ago that, out of the most recent 50 viruses found, ClamAV was the first to have the signature for it, 80% of the time. That's pretty good for something that's free.
A rootkit though, once it's on it's tough to detect; ClamAV will need to develop real-time scanning, drivers that load before all
Re: (Score:2)
And yes, Clam even has occasionally the lead. Most of the time, though, this happens when it happens to detect a variant of the virus with a detection written actually for another variant, that happens to match the new variant as well, due to its detection algorithm.
But you can check for yourself.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
It's not the Windows way...
Re: (Score:2, Insightful)
Re: (Score:2)
That won't change if everyone switched to Linux or OS X. At best, no-one would run as root (just like you can choose not to run XP as Administrator...), but people
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
The very last piece of software I would ever install on my own computers would be a Chinese or Russian anti-virus package.
Because American anti-viruses like Norton are much better and easier to uninstall ;-)
I've used McAffee, Avast, Norton, Panda and Kaspersky, and Kaspersky, unlike others, had zero false positives and detected ALL viruses. For example, Norton often complained that portscanners and network monitoring tools look suspicious and removed them automatically, and Avast identified my own application (written in C++/MFC) as a virus! Once I received an email with a virus in it and it was included in Avast's signatures
Re:It Could Be Rising Tech Really Is Malicious (Score:4, Insightful)
And you say your virus checkers of choice have detected "ALL" viruses? How do you know? Ask anyone who knows anything about AV software and they will tell you that the new ones are frequently missed completely because their behaviors or signatures are unknown. Until your AV company of choice puts in new definitions, you simply do not see them -- even though you may be infected and possibly infecting others. You even cite such an example yourself. If Kaspersky was to decide not to include a signature - say for a Russian government botnet back door - then you don't know it's there.
The fact is (and please go look at SANS or other websites that report such news) that China, Russia, and actually just about every country in the world have discovered that you can use the Internet for lots of military and economic gain. You can pull out sensitive data. You can set up systems so that if you ever need or want to, you can cripple infrastructure. You can wreck economic havoc. The USA especially uses the Internet for lots of things. Imagine the chaos that would come if you could shut it down with a single command. Trust me - they have.
Countries like Russia and China can go lean on companies to put in whatever hooks they want. I'm not saying they are in Kaspersky's software but I would not ever bet against it.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
If Kaspersky was to decide not to include a signature - say for a Russian government botnet back door - then you don't know it's there.
I think if a computer got infected it doesn't really matter who wrote the virus. For example, McAffee refused to recognise Netbus as a virus - they said it was a remote administration tool. And remember how Gator/Claria sued everyone who identified their software as spyware. Or something like Sony's rootkit may happen. A company, just like the government, can force (or at least try doing so) an antivirus company to exclude malware from their databases.
And don't forget US companies like Microsoft who can th
Re: (Score:2)
The very last piece of software I would ever install on my own computers would be a Chinese or Russian anti-virus package. Sure, it may finger other viruses, but it might also allow free access to the "right" people.
Wow, the Chinese & Russian Govt are interested in accessing your
computer. It's great to have such people posting on Slashdot.
This is even better than Wil Wheaton posting here.
Re: (Score:2)
You seem to forget the recent flap about how Estonia thinks that the crippling cyber attacks they have been having were or Russian origin? While nobody may be interested in the information on my
Re: (Score:2)
Any piece of software can be used to own a machine to be part of
Bush's world conquering plans.
The who or the Russians? (Score:1)
You seem to forget the recent flap about how Estonia thinks that the crippling cyber attacks they have been having were or Russian origin?
Great! They have /. filtering out all references to the "". Damn, they're good!
Re: (Score:2)
Re: (Score:2)
might as well be selling rocks .. (Score:5, Funny)
Re: (Score:2)
Seriously. AV tools have their place. They cannot be a replacement for good ol' common sense, but with the advent of MPack [pandasoftware.com] and similar infection tools, they're pretty much the only line of defense you have.
Getting infected is not only for the dumb and lazy anymore.
Re: (Score:2)
Heh. One of the nice things about not running windows... no virus. So in that sense it is for the lazy, i.e. the ones that doesn't install something easier to use. Might I suggest Ubuntu?
As a bonus, you'll get more time for your wife/reading slashdot/posting blogs, since you won't be wasting your time with so much gaming anymore ;)
Re: (Score:2)
how do you know?
Re: (Score:2)
how do you know?
In the same way that I know there is no amadillos in my garden. That is, I have not heard of any, nor encountered anything remotely like a virus in linux. I have heard of worms from the ancient days, and that's pretty much it. Of course, it is not real proof, but there is precious litle that we can definitely prove.
Furthermore, software gets installed via. signed packages from repositories, or compiled by myself in the case I am working on it. That leaves spreading-by-application-bugs, and as nearly all m
Re: (Score:2)
Now, Granted, I'm typing this from my Ubuntu partition, which I do not virus check, and I also have faith that it has picked up as many viruses as my XP partition (which I do virus check) has over the time I've had each: 0. (XP: 4 years vs. Feisty: 3 months since complete install)
On the other hand, I do have multiverse in my repositori
Re: (Score:2)
Yet, there are anti-virus programs for Linux. So, at least some are known to exist, however weak they may be. But without checking, you don't even know you don't have those.
You are thinking of clam-AV? All or almost of the virus signatures are window viruses. The one I have installed occasionally finds a (windows)-virus in my email. So actually, I do check my mail at least for virus, and there has yet to be an incident. So there :p
Now, Granted, I'm typing this from my Ubuntu partition, which I do not virus check, and I also have faith that it has picked up as many viruses as my XP partition (which I do virus check) has over the time I've had each: 0. (XP: 4 years vs. Feisty: 3 months since complete install)
To the best of my knowlegde, I had not had a virus since I bought my first computer in the early 90ties, and I have run a number of opperating system... the DOS family up to windows me, the win Nt familiy (2000 only), OS/2, and in the last few yea
Re: (Score:2)
Or so I thought. Alas, someone came along and decided it would be fun to develop WINE...
Re: (Score:2)
As a bonus, you'll get more time for your wife/reading slashdot/posting blogs, since you won't be wasting your time with so much gaming anymore ;)
Or so I thought. Alas, someone came along and decided it would be fun to develop WINE...
Ah, but no problem! Just go for 64bit linux, and you are safe once again! :o) (Technically you could install wine in 32bit version, but it's not easy yet. Gutsy might change that, though)
Re: (Score:2, Interesting)
Kaspersky aren't the only ones (Score:5, Interesting)
We had a customer send in a Window Portable Executable file which was flagged as containing a virus released in the early 90's (though the exact name escapes me). Very strange. What was stranger was that when analysed, it contained a plethora of code sequences of worms, trojans and viruses, completely ad verbatim. We then realised we were in fact looking at one of the main dll's of the Rising Sun engine! A false positive fix was not issued, as we reasoned that if a buffer overflow/wrongful jump occured, this malicious code could actually execute. Ie, a user could actually be infected by the cowboy AV scanning method.
Anyway, to this story I laugh and simple say to Rising Sun: learn to code an engine before bringing in lawyers. Oh, and flat file unoptimised code matching is hilariously primitive.
PS, unfortunately, there is no conspiracy this time: just badly thought out design and implementation.
Re: (Score:2)
Worked in other areas like a dream, so...
What kind of idiot...... (Score:1)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Idiot comes in with a laptop saying it runs very slow, and he knows why. I'm all ears. He turns it on, waits 10 minutes for it to get to a usable state on the Windows XP desktop, types in MSCONFIG in run, and says "Look. It runs slow because half the drivers aren't Microsoft certified! I want this fixed!"
I don't even bother to try to explain to him that saying a driver is bad because it is not Micrsoft certified is saying a chef is
Happened to me too (Score:5, Insightful)
Why should the onus be on ME to check THEY haven't stuffed up? You can't install and run all the different brands of AV software on one PC, unless you install a bunch of virtual machines with one AV prog on each, and then you'd have to update the definitions daily.
Re: (Score:2)
Do you run programs like tripwire from a secure, off-net host, that monitor your website box to make sure that it has not been compromised and actually does have malicious code?
False positives trick users. MS is adversarial. (Score:5, Interesting)
But why is anti-virus software so important? Apparently only because Microsoft profits more when its software is full of bugs and malware, and Microsoft is very adversarial toward its customers.
The true cost of a Microsoft operating system is perhaps 10 times its retail cost, because of the heavy maintenance expenses.
Microsoft's anti-customer behavior: Here are some paragraphs I wrote to someone having problems with temp files taking gigabytes of drive space.
On one computer I checked, temp files were stored in 49 different places, and that includes only temp file folders made by the Windows operating system and not temp file folders made by application software.
Why doesn't Microsoft provide a utility to find all the temporary file folders and delete the files when starting or shutting down the computer? Apparently because the company is heavily engaged in adversarial behavior. Most people don't know that temporary files are a problem, and they certainly don't know where to find them; that was a challenge even for me. The temp files sometimes take so much space that there is not enough free space, and the file system begins running much slower.
The file defragmentation program won't run when there is limited free space. A fragmented file system is much slower. And most people don't even know that the defragmentation program exists, or why they should run it. So, their computers become imperceptibly slower and slower until they buy a new computer.
That's apparently why Microsoft software has so much malware, also. At present, there are 30 known vulnerabilities in Windows XP [secunia.com] alone that haven't been fixed. There are 7 known vulnerabilities [secunia.com] in the latest version of Microsoft Internet Explorer browser the the company has not fixed.
Some people say Microsoft software is targeted more often because there are so many copies in use. However, it is well known how to write secure software. Apparently Microsoft managers don't let their programmers finish their work.
Many people who don't know how to keep Microsoft products running buy new computers. Every time someone buys a new PC, they buy a new copy of the Microsoft operating system, even if they already owned a copy. So Microsoft makes more money if the company has defective products.
Microsoft gives each new version of Windows a new name, and many people think the new version is a new product. Somehow it has been arranged that people pay the full amount for new versions, instead of an upgrade price.
The New York Times article Corrupted PC's Find New Home [nytimes.com] also makes that point.
Note that the Apple operating system, OS X [apple.com], and the Open BSD [openbsd.org] operating system have very few vulnerabilities. (The Open BSD web site says 2 in 10 years.) So it is possible to make a secure operating system. The volunteers that make the Open BSD system do security reviews of software to make sure vulnerabilities are not released to customers.
We use Microsoft operating systems because of historical reasons, and because it is expensive to change. In actuality, the business very seldom uses software that runs only under Microsoft Windows, and that is only in specific departments, where it would be easy to provide a second computer.
Re: (Score:2, Insightful)
It actually says 2 remote holes in the base installation in more than 10 years. If you want a full list of all the vulnerabilities in OpenBSD ever, you can count them all here: http://openbsd.org/errata41.html [openbsd.org]
Have fun.
Remote holes are what count for novice home users. (Score:2)
I don't understand your objection, if you are objecting.
Re: (Score:1, Insightful)
On one computer I checked, temp files were stored in 49 different places, and that includes only temp file folders made by the Windows operating system and not temp file folders made by application software.
List the folders. All of them. Otherwise, I honestly refuse to believe that. Also, temp files are listed under Disk Cleanup. If you run that (and it will suggest you do if you start running out of space), then it will remove them.
.mdb file specifically in Access 2003. Most of the others require either physical access to the machi
The number of temp files or folders is nothing to do with security.
Only one of the vulnerabilities you listed is critical and requires that someone open a malicious
It really *is* known how to write secure software. (Score:3, Interesting)
Secure software may have b
Re: (Score:2)
By default it will ask users if they want to install controls after first showing them the signature information.
Completely false - it is trivial to disable
Your answers presume technical knowledge. (Score:2)
"By default it will ask users if they want to install controls after first showing them the signature information."
"... it is trivial to disable activex controls and it can be done without launching the browser (right click on IE in your start menu, chose internet properties.)"
"As per above, you certainly can disable it and it's quite easy to do so."
It seems to me that your statements presume a high amount of technical knowledge. In decades, I have never known even one user to have m
You're an optimist. :) (Score:2)
You're an optimist. Even the users who DO have technical knowledge get caught by this.
For most of the past fifteen years I have been a system admin for a network of software developers.
I have had several of them come to me and say "Peter, I just clicked OK (or Open, or whatever it was in this case) on that window again and I think I have a v
Sex and the secure application. (Score:2)
In other words, it's enabled by default. The fact that an approval dialog is displayed first is irrelevant: Windows trains people to automatically approve such dialogs, by reflex, because they're presented with them all the time.
Completely false - it is trivial to disable activex controls and it can be done without launching the browser (right click on IE in your start menu, chose internet proper
Re: (Score:2)
Enter freely and of your own free will. (Score:2)
Indeed, which is why it should not contain mechanisms for that content to request privilege escalation.
protected mode adds another layer of security
Unfortunately, neither protected mode not IE by themselves provide a very high level of security.
You can completely own the iexplore process and still you can not do any attacks you claim are possi
Next time, skip the anger. (Score:3, Informative)
You said, "The number of temp files or folders is nothing to do with security."
You didn't read what I said carefully. I said that, if temp files fill the hard drive, the file system becomes slower. And also, even worse, the defrag program refuses to operate. When computers become slow, many users buy a new computer.
A few temporary file locations in the Windows XP operating
On one computer, 75 cache folders. (Score:2)
C:\WINNT\PCHEALTH\HELPCTR\Config\Cache
If you have Microsoft Office installed, there are two more apparently for each user:
C:\Documents and Settings\ user \Application Data\OfficeUpdate12\Cache
C:\Documents and Settings\ user \Application Data\OfficeUpdate12\Temp
And Microsoft provided no guidance to developers, so software companies put temporary files everywhere, and forget to delete them someti
More Windows OS Temp files. (Score:2)
One for each user who uses NT Backup:
C:\Documents and Settings\ user \Local Settings\Application Data\Microsoft\Windows NT\NTBackup\temp\
C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Temp o rary ASP.NET Files\
C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Temp orary ASP.NET Files\
C:\WINNT\system32\CatRoot\{127E0A1A-4EF2
Re: (Score:2)
Your entire ranting is a whole load of FUD. I assume if I felt the inclination to look at your "website" (which I d
I found old .tmp files in Catroot. (Score:2)
Microsoft.NET files are present in a default install of Windows XP.
NT Backup is the backup program provided with the Windows OS. A backup program is a necessary OS component.
You said, "It's Microsoft, they have plenty of REAL reasons to bash them."
Okay, what are YOUR reasons?
Anyhow, the point is made that there are a LOT of places for malware to hide, far more than even Slashdot readers generally know. Think how difficult it is
Re: (Score:2)
I just rebooted a test system. Result: Old .tmp files in Catroot.
Whereas none of my PCs have anything in them. Congratulations, you're an exception.
Microsoft.NET files are present in a default install of Windows XP.
But Temporary ASP.NET Files are not, if you do not install IIS.
NT Backup is the backup program provided with the Windows OS. A backup
program is a necessary OS component.
Actually, Backup can be uninstalled.
Anyhow, the point is made that there are a LOT of places for malware
to hide, far more than even Slashdot readers generally know. Think how
difficult it is for the average user when "temporary" files fill the hard
drive and make Windows slower.
And my points are: 1) and half of them are the fault of third party developers. If they'd used the bloody API to get the temp folder in the first place, there'd be no problem and 2) isn't this all horrendously off-topic?
All programs shipped with an OS are the OS (Score:1)
From the point of view of a user who is not an expert, all programs shipped with an operating system are part of the operating system.
This discussion should ultimately benefit those who are the least technically knowledgeable, since they are those who suffer most.
Today, a big majority of computers users are not experts.
Re: (Score:2)
There are a great many reasons to criticise MS, but this isn't one of them. I hate waste as much as the next person, but I've not had to worry about the amount of disk space temp files were taking up in
Re: (Score:2)
%TEMP% (usually %LocalAppData%\Temp)
Temporary Directory for programs in User Space
Wherever IE hides its TEMP directory (no, not the cache)
Doesn't exist - bullshit
%SystemRoot% (really, I don't know why)
No temp files are stored in this place by the operating system, save PAGEFILE.SYS which is your virtual memory - bullshit
[Every Drive]\Recycler
The RECYCLE BIN?!? Explicit user action is required to get files there! When empty, it's contents will be the typical stuff - one desktop.ini per user, in a subfolder with the user's SID as it's name. Again - bullshit
[Every Drive]\System Volume Information
System Restore - not a temp folder. No temp files are stored there, but a HUGE amount of your d
The fundamental issue is correct. (Score:2)
Consider your manner. Basically, you communicate that if you disagree with someone, they are wrong, and not only that, they are to be scorned and otherwise treated badly.
Slashdot readers should remember that no one is paid to comment on Slashdot. If the underlying point is correct, it is not necessary to be particularly intense about a detail
Re: (Score:2)
Re: (Score:2)
Laugh away.
Re: (Score:2)
Using OSX is safer (for now), but to say OSX is more secure than Windows is foolishness.
Most of the windows malware _running_ out there don't even care about root/admin privileges. Most are zombie machines to spam or DDoS and spread. Don't need root/admin for that.
By default OSX and Linux run stuff unsandboxed with the same privileges as the logged on user and the logged on user has lots of network privileges, can set up cron jobs, and all other nice stuff (perl + Th
Underlying point: Microsoft is adversarial. (Score:2)
You said, "By default OSX and Linux run stuff unsandboxed with the same privileges as the logged on user and the logged on user has lots of network privileges, can set up cron jobs, and all other nice stuff..."
By default, and largely because they are forced, most Windows users run with administrator privileges, and malware can modify the operating system. I don't know OS X, but my understanding is that OS X is not that insecure.
Als
Re: (Score:2)
Sure, but technically they don't have to and it doesn't really matter in the big picture. Most Linux users would happily do "perl Makefile.pl; make; make test. switch to root, make install" without caring. Most users are ignorant (they can't know everything) and the popular OSes (OSX included) do not make it easy for them to do "the right thing".
It is unreasonable to require a normal person to _correctly_ figure out what an arbitrary program would _actua
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Those who stand to make money off of plugging the leaks in Windows would have a pretty damn good case for claiming "anti-competitive behavior."
Important argument: Immoral behavior provides jobs (Score:2)
Yours is an argument being made nationally concerning the U.S. government. Something like, "If the U.S. government stops killing people for money [krysstal.com], a lot of U.S. citizens will have to find other jobs."
The jobs will be there. Running a business or a country well helps create prosperity. Prosperity creates jobs.
Problem with WIndows (Score:1, Insightful)
This is very helpful in a corporate environment. When there are malicious people on the Internet this is a disaster. Which is the "right" way?
Sure, Windows could be made more secure. Unfortunately, all the security in the world will not prevent a machin
Re: (Score:2)
Re: (Score:2)
I seem to say this a lot, but... (Score:2)
I think someone needs to read Hanlon's Razor. Although I think I prefer Ingham's "Cock-up theory" myself.
EULA (Score:1)
Dumb question: Why not reinstall OS regularly? (Score:2)
Why can't I do that at home? I could (and do anyway) make a disk image of the partition with my operating system and apps with GHOST or something, save it on a DVD, and re-install it whenever my computer seems to be infected with malware or is acting funny for any reaso
Re: (Score:1)
Either that or it played with the file system and only made things seem like you edited them, while just putting the file in a temp space. Never did try filling the college hard drives. Should have torrented more..
Interesting -- and its not a false positive (Score:4, Interesting)
And, just for grins, its catalogued. So, to use that genetic material, the virus sinply needs the key (and the knowledge that a particular anti-virus program is installed). That is probably denser than trying to keep the infection information with the virus itself.
In other words, target Kaspersky "protected" systems (or any other "anti-virus" vendor" specifically.
Why? Hell, I would do it just because it would amuse me to no end!
OT: Virus Sources (Score:1, Flamebait)
Has anyone calculated the odds that a virus could be created by transmission error (assuming negligence in checksumming)?
I'm sure it's very low, but are we talking, "Not before the Heat death of the universe" low or "struck by lightning while being mauled by a bear" low?
F--- the article (Score:4, Insightful)
This is a few scraps of slap talk dredged up from the bowels of the net. It isn't even a lawsuit or a comment by a legal professional, let alone an injunction or any kind of legal ruling.
Also, anti-virus software on Windows is so invasive that running two different scanners at the same time is just plain crazy. I imagine root kits and virus scanners do a lot of the same things. They all make a total mess of your OS. And not being a monopoly, I can't see how Kaspersky has an obligation to play nice with others.
Did you read it? (Score:3, Insightful)
I agree, mostly. To have multiple anti-virus or spyware packages running resident is nuts. Running Norton is nuts too.
But running mul
Re: (Score:3, Informative)
Consider, documentation on programming for the windows OS, from MS, outlines how to write without requiring admin access and generally speaking recommends this. Microsoft produced software, by and large,
Re: (Score:1)
One of the biggest bugs in Winjdows has always been that it has allowed installers etc... to install files to the sy
Re: (Score:2)
One of the biggest bugs in Winjdows has always been that it has allowed installers etc... to [...] overwrite files in the system folders. This was a HUGE mistake, that should have been correected long ago!
That WAS corrected long ago. Specifically, Windows 2000 and newer. See http://en.wikipedia.org/wiki/Windows_File_Protecti on [wikipedia.org].
Despite recent articals to the contrary, Vista is NOT secure at all for the average user, because the security "features"are so annoying that the average user turns them off after a very short time.
Could you provide a source for that? Certainly, my experience has been the exact opposite ("the average user" doesn't do many administrative tasks and so practically never sees a UAC prompt, excapt when installing new programs, which isn't often). Of course, I'm willing to be proved wrong if you have any data which suggests that most average users do turn UAC off; but I rather s
Re: (Score:2)
Odd. The only time I see Vista's security features is when FF upgrades itself. Certainly not enough to annoy me.