lol crack the fake antivirus :D

NORTON+AOL MALWARE PROTEC=BEST COVERAGE! lol joking i hve symantec

Wow, Virus Protect Pro is just like a real security software.............but is rogue.

Hey, like the videos but where can you get linkscanner. I know i could search for it but im not sure where. thanks

Norton + Link Scanner + PC Surgeon = A very good protectiom ^_^

Norton = Garbage

AVG= Protection Goodness!

i guess any Anti-virus is good if it protects you

Norton doesn't protect. It shits.

Hey, Someone marked my comments as spam.

You pwn!

He's using PC Surgeon!!!

What debug program have you got, I need it!!!

hi,

it's an internally developed tool ... it's just not suitable for non-researchers.

PC Surgeon, from Dean Software, however, offers similar functionality.

Cheers

Roger

for the intro, "any consumer or end-user", not "any consumers or end-users".

Just thought I would point that out..

I am reely pissed off with linkscanner, it blocked serials(dot)ws

well, turn off site blocking while you go there, but the thing is ... nearly all those warez sites are deadly dangerous at one point or another. Rootkits are exceptionally subtle and hard to remove, and I imagine you'd rather avoid them if you can.

@rogertatmindspring I thought you had AVG anti virus.. Cuz AVG has that linkscanner too :P

Why did the website act like a YouTube video?

Acting like a YouTube video is a common ploy. People are familiar with YouTube and naturally let their guard down when they see a YouTube look alike. A person who doesn't know better may very well recognize the YouTube design and assume that the site is safe.

Firefox has nothing to do with this kind of malware, you can download it just as easily on Firefox. Now IE does have some malware that auto downloads, good thing for firefox users, they don't have this problem. SO please people think beofre you post

All of this crap happens on IE. Granted, Firefox is not foolproof but definitely safer! Thank God I use a Mac

Unfortunately, fake video codec trogans have been developed for OS X. I actually use a bunch of security software on my Mac. (Then again, I'm pretty paranoid about computer safety.) Don't run as root and don't run as administrator.

Very true Dan, Mac users will need to raise their paranoia about computer security now that malware authors are seemly beginning to direct their attention towards 'OS X' (as it now consists of 8% of the computer market). This particular trojan is named 'zlob' and Dan is 100% correct when he claims that a variant has been released for 'OS X'.

You're missing an important part here: "Don't run as root and don't run as administrator."

Guess what even made us CONSIDER that gem, in a day when networked "user accounts" had admin functions disabled by default?

I'll give you a hint: it starts with a W, and is owned by a guy who's richer than GOD.

Or maybe everyone should just run as admin, root, whatever they want and just sandbox everything ^^

Nice and safe.

Except that sandboxing doesn't always cover everything. Whereas holes can exist in a given specification - even VMs have been known to have a few "superbugs" - there's absolutely NO ambiguity in "only let the owner write to this file". Letting every user run as a root admin defeats the entire point of having a root admin account, and sandboxing only further moots the concept. ;)

So what are you suggesting? All users run a unprivelaged account and simply utilise root to run and install trusted applications..?

So what are you suggesting? All users run a unprivelaged account and simply utilise root to run and install trusted applications..?

Not to that extent, no; I'm suggesting the way business is done for multi-user UNIX workstations. Single-user is great... when you're the ONLY USER. ;)

That being said, my approach is thus:

* Only "root" installs system-altering applications. Things like office suites can run just fine in userspace.

* Certain system-critical applications - say IP config suites - can run under user accounts, but must be installed by "root".

* ALL users only get the minimum clearance they need.

I agree with your point regarding the restricted user access for all employees perspective. However, new parasitic viruses such as the 'Virut' family will not be stopped by this.

Still a good idea and would stop the majority of malware..

Except that Virut can be defanged by just blocking all unused ports (that is, only leave critical services open, and don't let idiots use workstations - if they download NakedWebCam.exe, believe me, they have it coming). It takes being stupid with privs to get infected in the first place.

All this is completely ignoring the fact that Virut is strictly a W32 exploit (and a known one, at that).

My point being: what privs don't catch, proper education should.

The Virut family is not limited to such social engineering techniques or ones as simple as 'NakedWebCam.exe'. Anyway, I was simply mentioning it as a formality not a flaw with your idea.

Okay, that, I can respect. Using a fully-recognised virus with a known control mechanism - to say nothing of a remote control that requires the end-user to leave unknown ports unblocked - as an example of security flaws on a system that can't even execute it is a bad idea. Just thought I'd point that out. :)

this guy is sosmart its not even fuckin funny!

firefox + antivirus = not messing up

relying on obscurity will not give you security.

what does obscurity have to do with anything

Firefox obscure? Only if you're a backwoods retard.

you can't even compare the numbers between firefox users and Internet Explorer users. A fly vs a giant. Yes Firefox only defense is it rarity.

Rarity, and the fact that Mozilla actually makes it a priority to fix security holes as soon as possible after they're discovered.

No, I agree with 'sockmess', 'Firefox's only real security-based advantage over other browsers is it's lack of use compared to 'Internet Explorer'.

'Microsoft' fix a lot of 0-day vulnerabilities e.t.c.. found in 'IE' extememely quickly.

However, I still prefer 'FireFox' ;)

Now hang on a minute.

* Firefox 2.0.x's "most critical unpatched" is a Password Manager sanitisation issue.

* IE 7.x's "most critical unpatched" is a window injection issue.

* Neither of these is even REMOTELY equivalent in severity; the former has requirements like "untrusted sites running JavaScript", "actually being stupid enough to use a password manager after Gator", etc; the latter simply require IE.

That being said, are you more or less nervous that MS doesn't disclose every fix made?

That, and Firefox doesn't use ActiveX, which is a huge security hole with no real practical use.

Oh shut up. It's not incredibly hard to compare the numbers between Firefox and IE exploit counts on Secunia. Yet you're going to use the tired old allusion to Andrew Tanenbaum to defend against superior security coding practices? Get real. I hope you get hit by Klez.

Read Tanenbaum's comments more thoroughly. 'Security through obscurity' pertains to the simple fact that there is no security where the sole implementation of it is through nobody knowing the method. Given a proper CS grounding in the terminology, one could say that Firefox is archaic - but "obscurity", in the proper context, could only refer to IE.