Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Is the age of seatbelts also over? People die in car accidents by the thousands despite using seatbelts, so they must be useless.

The article almost could've been written in the nineties before the commercial malware arrived, but when polymorphic malware became the standard.

The age of AV is unfortunately anything but over as long as people wish to run software they want to, e.g. unlike the iOS. AV is a good filter for most of the malware that you might accidentally bump into, but that's it. You're silly if you don't have one, and you're silly if you think that you're totally safe with it.



I'm silly, then. :-) I'm on Windows 7 (and XP before that), I've never used anti-virus software, but I'm careful about what I download and run. Many of my friends, who do use anti-virus software, are constantly complaining of malware and the like. I realize this is just an anecdote and I could be caught out one day, but my approach is "don't install junk".


Sounds all well and good.

Back in the win98 and win2k years, we had a nice wired/wireless network. I had a shared server that served as a repository of all the movies, music, and games I collected.

I also taught my sister about piracy, emulation, and other things. She also had her own good machine, with unrestricted net access at 9 yrs old. The first game she had loaded on was duke nukem 3d. (yes, my dad was 'interesting')

Her big games were pokemon. And she owned the cartridges, bu waned to play with rom hacking and the like... So she looked for Pokemon yellow, and found one. Pokemon_yellow.zip. Inside was the rom and an exe. When she ran it, the virus hopped over to every executable that was on the shared server.

I'm pretty sure I could have fixed them, because it only seemed more of a bacteria than something nefarious. It just annoyed the hell out of me, because I had my games directory mounted via samba from this server.

If your computer is a bastion of alone-ness, you need not fear. But the second you include a trust net, you can be done in.

Now, I'm a killall wineserver away from refusing an 'infection'.


Now there's an interesting question. How many viruses run on Wine?

(sidenote: do I submit them to the AppDB?)


Good approach, but how do you know you're not infected?


if you run antivirus software, how do you know you're not infected? many malwares now will partially paralyze your antivirus so that it seems all is well, but your computer is operated by someone else. TDSS would do this as long ago as 2008...


You can use services like VirusTotal to do a quick file check if you suspect anything. You can also check what services/program starts on boot (msconfig and services.msc). With that you can already have a good confidence level of not being infected without have an AV draining your computer performance.


Author here.

This was written a year ago. Keep in mind that I'm not saying AV isn't useful - it is in some situations. However, I'm of the opinion that the "AV age", where AV companies battle it out to innovate and beat the competition, is pretty much over. It's not useful against any determined attacker, and it's ridiculously easy to bypass AV simply by changing a few bytes here or there, or by running it through whatever random packer you found on some forum.

Yes, general purpose computing does necessitate some form of filtering, but there are much better solutions than AV in most cases. Mobile platforms like iOS / Android can be locked down quite well - install what you want and then lock installations. Desktop OSes like Windows, Linux and OS X are harder to deal with, but there are still protective measures that can be taken, such as whitelisting, that are more effective than any AV.


I've never used Anti Virus software. Turns out there is a really simple solution.

Don't install viruses.


Windows is full of exploits that are enabled by default. Plugging a usb stick into your computer could automatically install a virus. Or a bug in flash or java could expose your computer.


> Plugging a usb stick into your computer could automatically install a virus.

Actually, AutoRun was turned off for external media as of Windows 7. CDs and DVDs will still do it, but only for read-only disks, not read-write ones.


True. I've never used A/V software because I've never used Windows.


And probably too young to have used Atari, Amiga, Acorn, CP/M, MS-DOS,...


No, actually.


Then either you only bought boxed software, or had lots of luck.

I don't know a single person that did not had an AV on those days. Of course in Portugal you could only buy "backups".


I started with an Apple II, then spent a bunch of time on Sun and IBM RT machines; then got to university and a Macintosh and a Next station; then Linux; then back to Macintosh where I've been for the last 15 years.


So mainly UNIX systems.

Apple II does not count, as I don't remember virus for 8 bit systems.

Mac OS < X did had quite a nice list of virus, but it depended on the software source, as I mentioned on my previous post.

EDIT: Just to add my own experience.

Timex 2068 and ZX Spectrum 48+ at home, followed by all Microsoft OSs starting with MS-DOS version 3.3. Also used DR-DOS 5.0.

Friends had ZX-Spectrum +2(A)/+3, Amiga 500 and Atari ST systems, which we used together in computing parties.

Novel Netware, AS/400 and Xenix at the technical school before going to the university.

My first Linux version used the kernel 1.0.9.

The university had Macs LC II available.

But for the 16bit systems used at home, everybody I knew had an AV to check floppy contents before running anything.


How do you avoid exploits? You don't use any exploitable browsers like Chrome, Firefox or Opera, or do you run them inside an virtual OS?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: