Off-Topic :
K-Meleon Web Browser Forum
Just thought I'd share this:
http://www.cbc.ca/news/technology/antivirus-software-1.3668746
It seems worth reading, and touches on what I've been suspecting all along, especially after installing Norton Antivirus on a friend's computer. It turned out to be very intrusive, claiming to find all kinds of viruses, but offering no way to remove them. After uninstalling Norton Antivirus I had a lot of registry clean-up to do. This was a couple of years ago, and my friend's computer has been functioning normally ever since. In fact, I doubt whether his computer has ever been attacked by a real virus -- unless it was by Norton.
---
Gerry
Well, I don't use antivirus software since many years. Nevertheless, I wouldn't advise average users to do the same. For them a decent AV can be the last rescue.
OT:
Norton never had a decent unpacking engine. It was enough to pack malware which Norton had definitions for with a less common packer (like Armadillo) to fool Norton. That was more than a decade ago and I did test myself since somehow I was attracted by the way malware acts. BTW, the best unpacking engine at that time had Kaspersky.
Back to topic:
An AV has to unpack suspicious files in order to analyse the file. Unpacking and analysis take places within a sandbox comparabil with a VM.
Basically there is no way to harm the system this way.
If your AV starts the malware and its sandbox and/or unpacking engine has a serious flaw than you get a serious problem like the Symantec flaw mentioned in the article.
How comes that MS Windows is still hiding file extensions by default?
- Regarding links
There is no magic. It needs a severe bug in your browser/plugin in order to get infected this way. Attack vector is always active content.
What are browser vendors doing? They are making active content as difficult as possible to deactivate in their browser.
The rational: modern web needs active content (sic) and the dumb ashole won't be able to watch precious content if he deactivated active content by mistake.
Modern web also needs active content for better tracking, fingerprinting and data collection - IMO the main rational 'experts' don't like to talk about.
Some users don't know how to change that, or don't even realize that they can. There are many third-party file managers out there that are far better than Windows Explorer, anyway, and usually show extensions by default.
What they think is precious content is very often junk. I've been to some very reputable websites where the webmasters don't seem to know how intrusive and possibly dangerous some of those Javascript-driven ads are, because they subscribe to an ad service that apparently delivers the ads at random.
No, because it would mean money out of their pockets.
In every browser I've used, I've always looked for a quick way to toggle Javascript. That sometimes requires an extension, but K-Meleon's macros make it easier. When visiting a new site for the first time, I keep JS off unless that disables everything on the site. In that case I switch it back on briefly, and if things look suspicious, I avoid the site altogether.
In fact, I still keep JS off for cbc.ca, where I got that article, unless I want to see one of their news videos (usually I don't). The trick with cbc.ca is to watch out even if JS is disabled, because sometimes that leaves a big black area at the top where the banners would normally appear, and some clickable links are hidden there. They are too easy to hit by mistake. The last time I did that, it brought up a new tab that was supposed to contain an ad from doubleclick.net, but fortunately I had blocked doubleclick.net in my hosts file, so the tab was blank. :cool:
---
Gerry
Edited 1 time(s). Last edit at 07/10/2016 09:26PM by foliator.
Stopped using AVs about 10 years ago and FWs - one year later.
Useless.
Too much system load - too less efficiency.
Talking about average users - modern ones often don't know what 'file extension' is at all. Showing .ext or not just doesn't make sense for them.
My mantra about this during times when I have been helping others is:
Any AV s/w that is on the shelf of a box store - is krapware.
Useless, mainstream, profit-centered rubbish.
The other obvious answer to this is simple=> Use Linux, then no worries.
Aside of all that - an opinion or 2, not intended to start a naming war:
Folks tend not to trust Chinese s/w and I see their point, but=>
I have put 360AV on some friends' PCs with very good results & no slowdowns.
In my old windows box I still use the oldest supported version of NOD32 with no problems a'tall - and if anything invades that box it WILL be known, for sure.
IMO the biggest part of the malware/virus problem is the sickos who make that stuff;
The concept of anyone having a NEED to do something that malicious is one that this old guy simply cannot get his mind around.
Edited 1 time(s). Last edit at 07/11/2016 05:29PM by smallhagrid.
Common vandalism, like one sees on street signs, etc., usually has no discernible motive or purpose either, and in that sense, malware is just a digital form of vandalism.
However, I often suspect that some of the malware is created by anti-malware developers themselves to promote their products. In other words, it's nothing more than a protection racket. After all, doesn't it stand to reason that developers with the technical knowledge for identifying and eradicating malware would also know how to create it? A rhetorical question, but you can answer it if you like.
---
Gerry
Money, folks! Just money and some testosterone
Please pardon my simple POV, but for this old man - the urge to harm others is mysterious to the point of being incomprehensible.
(I don't even care for games where they portray folks getting shot, etc...)
Pardon is not required. I am old, too and have much the same POV.
Perhaps that is strange, coming from me. More that a half century ago, killing was my chosen profession for four years. I spent more than a year in combat, received several medals, and was promoted twice in that year. All that, and I never actually had to kill anyone. God favored me, and I am forever thankful.
Just when I thought I might be the oldest user here.
Well, I turn 70 this winter, and it seems the older I get, the less I understand what makes people tick. Fortunately those malware folks and the other kinds of vandals aren't causing bodily harm, but I wouldn't want to meet one of them in a dark corner somewhere. :O
As for harming others, I've been a pacifist my entire life, and have never so much as handled a gun, let alone fired one. Nevertheless, even well-intentioned people seem to have some evil urges lying dormant. It's like that "road rage" syndrome: Some people seem friendly and peace-loving, but put them behind the wheel of a car and they turn into monsters in Jekyll and Hyde fashion. The German author Hermann Hesse wrote that none of us are just one kind of person, and that we need to accept all of our traits, whether good or bad. Easier said than done!
---
Gerry
I've read a bit about it. I am a practising Christian and follow the dictum... "be wise as serpents and harmeless as doves." For me that means knowing what's going on without falling prey to the lure of temptation. Not perfect, mind you. Anyone who says they are is probably crazy. It also means knowing what's going on so you can defend yourself from criminals.
Anyhow... on to topic.. there are certain viruses/malwares etc. called keyloggers, I think. How I understand that is some criminal in some faraway place can see what keys you've pressed on the keyboard. That could be very serious if they happened to see what you're punching in when doing your banking or purchases.
I don't use antivirus for active monitoring but I do check any suspicious file with malwarebytes. It's free and people genererally say it's good.
There is also an online file checker that uses many different anti-virus programs (except malwarebytes). And every once in a while I do a total system scan with malwarebytes. The free version I use does not run in the background. So when you exit the program, it uses no computer resources whatsoever.
Edited 1 time(s). Last edit at 01/08/2017 02:13PM by msea.
All which isn't K-Meleon related.
Interesting article on antivirus software
Posted by:
foliator
Date: July 10, 2016 04:54PM
Just thought I'd share this:
http://www.cbc.ca/news/technology/antivirus-software-1.3668746
It seems worth reading, and touches on what I've been suspecting all along, especially after installing Norton Antivirus on a friend's computer. It turned out to be very intrusive, claiming to find all kinds of viruses, but offering no way to remove them. After uninstalling Norton Antivirus I had a lot of registry clean-up to do. This was a couple of years ago, and my friend's computer has been functioning normally ever since. In fact, I doubt whether his computer has ever been attacked by a real virus -- unless it was by Norton.
---
Gerry
Re: Interesting article on antivirus software
Posted by:
Yogi
Date: July 10, 2016 06:54PM
Well, I don't use antivirus software since many years. Nevertheless, I wouldn't advise average users to do the same. For them a decent AV can be the last rescue.
OT:
Norton never had a decent unpacking engine. It was enough to pack malware which Norton had definitions for with a less common packer (like Armadillo) to fool Norton. That was more than a decade ago and I did test myself since somehow I was attracted by the way malware acts. BTW, the best unpacking engine at that time had Kaspersky.
Back to topic:
An AV has to unpack suspicious files in order to analyse the file. Unpacking and analysis take places within a sandbox comparabil with a VM.
Basically there is no way to harm the system this way.
If your AV starts the malware and its sandbox and/or unpacking engine has a serious flaw than you get a serious problem like the Symantec flaw mentioned in the article.
- Regarding attachmentsQuote
Tips for protecting yourself
Think before you click on links or attachments.
How comes that MS Windows is still hiding file extensions by default?
- Regarding links
There is no magic. It needs a severe bug in your browser/plugin in order to get infected this way. Attack vector is always active content.
What are browser vendors doing? They are making active content as difficult as possible to deactivate in their browser.
The rational: modern web needs active content (sic) and the dumb ashole won't be able to watch precious content if he deactivated active content by mistake.
Modern web also needs active content for better tracking, fingerprinting and data collection - IMO the main rational 'experts' don't like to talk about.
Re: Interesting article on antivirus software
Posted by:
foliator
Date: July 10, 2016 09:25PM
Quote
Yogi
- Regarding attachments
How comes that MS Windows is still hiding file extensions by default?
Some users don't know how to change that, or don't even realize that they can. There are many third-party file managers out there that are far better than Windows Explorer, anyway, and usually show extensions by default.
Quote
What are browser vendors doing? They are making active content as difficult as possible to deactivate in their browser. The rational: modern web needs active content (sic) and the dumb ashole won't be able to watch precious content if he deactivated active content by mistake.
What they think is precious content is very often junk. I've been to some very reputable websites where the webmasters don't seem to know how intrusive and possibly dangerous some of those Javascript-driven ads are, because they subscribe to an ad service that apparently delivers the ads at random.
Quote
Modern web also needs active content for better tracking, fingerprinting and data collection - IMO the main rational 'experts' don't like to talk about.
No, because it would mean money out of their pockets.
In every browser I've used, I've always looked for a quick way to toggle Javascript. That sometimes requires an extension, but K-Meleon's macros make it easier. When visiting a new site for the first time, I keep JS off unless that disables everything on the site. In that case I switch it back on briefly, and if things look suspicious, I avoid the site altogether.
In fact, I still keep JS off for cbc.ca, where I got that article, unless I want to see one of their news videos (usually I don't). The trick with cbc.ca is to watch out even if JS is disabled, because sometimes that leaves a big black area at the top where the banners would normally appear, and some clickable links are hidden there. They are too easy to hit by mistake. The last time I did that, it brought up a new tab that was supposed to contain an ad from doubleclick.net, but fortunately I had blocked doubleclick.net in my hosts file, so the tab was blank. :cool:
---
Gerry
Edited 1 time(s). Last edit at 07/10/2016 09:26PM by foliator.
Re: Interesting article on antivirus software
Posted by:
rodocop
Date: July 11, 2016 12:14PM
Stopped using AVs about 10 years ago and FWs - one year later.
Useless.
Too much system load - too less efficiency.
Talking about average users - modern ones often don't know what 'file extension' is at all. Showing .ext or not just doesn't make sense for them.
Re: Interesting article on antivirus software
Posted by:
smallhagrid
Date: July 11, 2016 05:27PM
My mantra about this during times when I have been helping others is:
Any AV s/w that is on the shelf of a box store - is krapware.
Useless, mainstream, profit-centered rubbish.
The other obvious answer to this is simple=> Use Linux, then no worries.
Aside of all that - an opinion or 2, not intended to start a naming war:
Folks tend not to trust Chinese s/w and I see their point, but=>
I have put 360AV on some friends' PCs with very good results & no slowdowns.
In my old windows box I still use the oldest supported version of NOD32 with no problems a'tall - and if anything invades that box it WILL be known, for sure.
IMO the biggest part of the malware/virus problem is the sickos who make that stuff;
The concept of anyone having a NEED to do something that malicious is one that this old guy simply cannot get his mind around.
Edited 1 time(s). Last edit at 07/11/2016 05:29PM by smallhagrid.
Re: Interesting article on antivirus software
Posted by:
foliator
Date: July 11, 2016 11:25PM
Quote
smallhagrid
IMO the biggest part of the malware/virus problem is the sickos who make that stuff;
The concept of anyone having a NEED to do something that malicious is one that this old guy simply cannot get his mind around.
Common vandalism, like one sees on street signs, etc., usually has no discernible motive or purpose either, and in that sense, malware is just a digital form of vandalism.
However, I often suspect that some of the malware is created by anti-malware developers themselves to promote their products. In other words, it's nothing more than a protection racket. After all, doesn't it stand to reason that developers with the technical knowledge for identifying and eradicating malware would also know how to create it? A rhetorical question, but you can answer it if you like.
---
Gerry
Re: Interesting article on antivirus software
Posted by:
rodocop
Date: July 11, 2016 11:45PM
Money, folks! Just money and some testosterone
Re: Interesting article on antivirus software
Posted by:
smallhagrid
Date: July 12, 2016 04:48PM
Please pardon my simple POV, but for this old man - the urge to harm others is mysterious to the point of being incomprehensible.
(I don't even care for games where they portray folks getting shot, etc...)
Re: Interesting article on antivirus software
Posted by:
JamesD
Date: July 14, 2016 12:53PM
Quote
smallhagrid
Please pardon my simple POV, but for this old man - the urge to harm others is mysterious to the point of being incomprehensible.
(I don't even care for games where they portray folks getting shot, etc...)
Pardon is not required. I am old, too and have much the same POV.
Perhaps that is strange, coming from me. More that a half century ago, killing was my chosen profession for four years. I spent more than a year in combat, received several medals, and was promoted twice in that year. All that, and I never actually had to kill anyone. God favored me, and I am forever thankful.
Re: Interesting article on antivirus software
Posted by:
foliator
Date: July 14, 2016 03:12PM
Just when I thought I might be the oldest user here.
Well, I turn 70 this winter, and it seems the older I get, the less I understand what makes people tick. Fortunately those malware folks and the other kinds of vandals aren't causing bodily harm, but I wouldn't want to meet one of them in a dark corner somewhere. :O
As for harming others, I've been a pacifist my entire life, and have never so much as handled a gun, let alone fired one. Nevertheless, even well-intentioned people seem to have some evil urges lying dormant. It's like that "road rage" syndrome: Some people seem friendly and peace-loving, but put them behind the wheel of a car and they turn into monsters in Jekyll and Hyde fashion. The German author Hermann Hesse wrote that none of us are just one kind of person, and that we need to accept all of our traits, whether good or bad. Easier said than done!
---
Gerry
Re: Interesting article on antivirus software
Posted by:
msea
Date: January 08, 2017 02:10PM
I've read a bit about it. I am a practising Christian and follow the dictum... "be wise as serpents and harmeless as doves." For me that means knowing what's going on without falling prey to the lure of temptation. Not perfect, mind you. Anyone who says they are is probably crazy. It also means knowing what's going on so you can defend yourself from criminals.
Anyhow... on to topic.. there are certain viruses/malwares etc. called keyloggers, I think. How I understand that is some criminal in some faraway place can see what keys you've pressed on the keyboard. That could be very serious if they happened to see what you're punching in when doing your banking or purchases.
I don't use antivirus for active monitoring but I do check any suspicious file with malwarebytes. It's free and people genererally say it's good.
There is also an online file checker that uses many different anti-virus programs (except malwarebytes). And every once in a while I do a total system scan with malwarebytes. The free version I use does not run in the background. So when you exit the program, it uses no computer resources whatsoever.
Edited 1 time(s). Last edit at 01/08/2017 02:13PM by msea.
English