|
makaveli8x8
Stranger


Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
|
really a virus or banned software?
#8803914 - 08/21/08 01:08 AM (15 years, 8 months ago) |
|
|
ive been starting to wonder, are antivirus companys blacklisting shaddy software even tho it doesn't harbor a virus?
it just seems odd at times, that certain files will show up as a virus.
also does anyone have any experience with avast? how accurate is it? i download an .exe from a "very" upstanding website and every single time I get a virus in my temp folder when i try to install it. it actually catches it near the end of the install. it seems nearly impossible that the file would harbor a virus...yet it shows up as one
--------------------
  We were sent to hell for eternity Ø h® We play on earth to pass the time Over-population the root of all Evil-brings the Elites Closer to the gates.
|
DieCommie


Registered: 12/11/03
Posts: 29,258
|
Re: really a virus or banned software? [Re: makaveli8x8]
#8803960 - 08/21/08 01:35 AM (15 years, 8 months ago) |
|
|
I dont think the anti virus does that on purpose. Its probably a false alarm. I think they design the software with the idea that false alarms are better than missed virus, so they are over sensitive to virus like stuff.
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: makaveli8x8]
#8804172 - 08/21/08 04:24 AM (15 years, 8 months ago) |
|
|
> it seems nearly impossible that the file would harbor a virus...yet it shows up as one
Most virus scanners use a "signature" to detect the virus. Early viruses were static, never changing in form, thus very easy to identify. You take the first twenty bytes of an unknown file and compare it to the first twenty bytes of all known viruses, and if you get a match, it is a virus (more or less).
Unfortunately, virus writers got more crafty, and started writing viruses that mutate. The viruses self-encrypt, leaving a tiny fragment of code to decrypt them when they run. Even the tiny fragment of code that is unencrypted is obfuscated so that it changes with each infection.
The antivirus folks, to combat this, use much more complex signatures. Unfortunately, the complex signatures are more likely to match up with things that aren't viruses. I suspect this is what you are seeing, assuming you trust the source of the program.
I recommend running a real OS that doesn't have the Virus problems that plague the windows world. Any Unix based OS (Linux, *BSD, OS-X, etc) are highly immune to computer viruses due to the design of the OS. Windows is flawed, and until they redesign the OS paradigm, viruses will be a way of life. (un)Fortunately, Windows would no longer be windows if they redesigned the paradigm, thus you are stuck with antivirus software, and meaningless popups asking for permission to install stuff every few minutes.
-------------------- Just another spore in the wind.
|
Annom
※※※※※※




Registered: 12/22/02
Posts: 6,367
Loc: Europe
Last seen: 1 year, 3 days
|
Re: really a virus or banned software? [Re: Seuss]
#8805245 - 08/21/08 11:21 AM (15 years, 8 months ago) |
|
|
So even if a Unix based OS would become the market leader for PCs, it would not be possible to create viruses? I've never noticed a virus on my own windows computers. I had to fix a lot of virus problems for computer noobs though. It seems as if most viruses are based on human ignorance, or I'm just lucky.
|
DieCommie


Registered: 12/11/03
Posts: 29,258
|
Re: really a virus or banned software? [Re: Annom]
#8805323 - 08/21/08 11:40 AM (15 years, 8 months ago) |
|
|
I have never gotten a virus either. Also, I assume the same thing you alluded ... the its market share that determines the threat from viruses, not the actual code itself.
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: Annom]
#8805371 - 08/21/08 11:54 AM (15 years, 8 months ago) |
|
|
> it would not be possible to create viruses?
Not possible is too strong, but in the right ballpark. Unix was designed with multiple users, networking, and permissions in mind. DOS was designed as a single user system with no security, or networking in mind. The original flavors of Windows were basically DOS with a nice user interface. Programs got written with this system in mind. Microsoft is stuck. If they change the system so that decent security can be added, then programs stop working. No programs means their user base migrates to something else. This leaves them having to ask the user to decide if something is secure or not; a system destined to fail as most users simply click yes without reading.
Five or six years ago the antivirus companies did an analysis of various computer viruses on different platforms. At the time, there were over 300,000 different types of viruses for Windows based platforms, and 18000 for mac based platforms. Of the 18000 on the mac, 19997 of them were only able to infect the machine if Microsoft office were installed.
> market share that determines the threat from viruses, not the actual code itself.
Market share is a big part of it on the professional end (people that make money writing viruses), but not to the purist that writes a virus for the challenge.
Think of it from a prison perspective... which is easier to escape from, a supermax prison that was designed and built to be impossible to escape from, or an old hospital that has been converted into a prison. This is the difference between Unix and Windows when it comes to security. Microsoft has tried to kludge security into an insecure system where Unix designed the system to be secure to begin with. Unix has had its fair share of security issues, but at the core, it is designed with security in mind, unlike windows.
-------------------- Just another spore in the wind.
|
iateshaggy
i haxor 360s



Registered: 05/20/05
Posts: 4,709
Loc: 612 Warf Avenue, next to....
Last seen: 2 months, 7 days
|
Re: really a virus or banned software? [Re: Seuss]
#8806614 - 08/21/08 04:41 PM (15 years, 8 months ago) |
|
|
linux mints site was recently hacked to that any windoze users who visited the site would get a nice virus just from visiting the site so it is possible that something similar happed to the site u are curious about, or it could be a false positive as others have stated. maybe try a different flavor of anti-virus like nod32 and see if u get the same results. btw, nod32 is free for 30 days.
-------------------- You are a filipina sex goddess who wants to fuck me until I fall asleep, so then you can tickle my balls and see if the legend of my diamond filled nutsuck is true. I am a white man from costa rica, who smells like lime jello.
I can flash/jtag/repair 360's, pm for details.
|
Cepheus
Balance




Registered: 04/19/06
Posts: 8,266
Loc: the space between reality...
Last seen: 1 month, 20 days
|
Re: really a virus or banned software? [Re: Seuss]
#8814474 - 08/23/08 06:32 AM (15 years, 8 months ago) |
|
|
What are you on about? there have been several high profile viruses for linux.. Just because they're not common doesn't mean that they don't exist. Don't you remember the MySQl Slammer virus that wreaked havoc on *nix based servers across the land?
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
This is why products such as ClamAV exist.. *nix is susceptible to viruses, just no-one really writes viruses for it, because nix users tend to be a bit more aware of whats going on with their computer, so they're not really a target for becoming part of an army of drones .
-------------------- "I only ever hope to reach equilibrium, in Nature's matrix, in line with the meridian" ~ Jehst
"...and I know that I have to keep breathing, as tomorrow the sun will rise, who knows what the tide will bring?" Free Spore Ring Europe Send any spare spore prints you might have and help the distribution
Open Source. Freedom. GNU/Linux Addicting is not a word.
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: Cepheus]
#8815212 - 08/23/08 11:07 AM (15 years, 8 months ago) |
|
|
> Don't you remember the MySQl Slammer virus that wreaked havoc on *nix based servers across the land?
You mean the Sapphire/Slammer virus that attacked mSQL (a microsoft product) and wreaked havoc on Microsoft based servers across the land?
See http://www-it.mysql.com/news-and-events/generate-article.php?id=272
Quote:
MySQL AB would like to confirm that the MySQL™ database is not affected by nor is responsible for the recent "Slammer" (also known as "Sapphire") worm that has caused widespread Internet disruption. This worm attack, which began Friday, January 24, has been linked to a set of known flaws in Microsoft SQL Server, and at this time, it is only known to affect Microsoft SQL Server and certain products that are based on it (such as Microsoft Desktop Engine (MSDE) and Microsoft Office Developer Edition products). Several Internet news sites have erroneously linked MySQL to the Slammer worm.
"We wanted to quickly set the record straight and eliminate concern that the worm is impacting MySQL databases, " said MySQL AB CEO M�rten Mickos. "Through the Open Source approach, any vulnerabilities in the MySQL database are quickly identified and addressed. While virtually any software can be the target of a strategic, deliberate attack, our rapid development and release cycle and easy upgrade process help reduce this risk."
The official Microsoft Security Bulletin describing the "Slammer"/"Sapphire" vulnerability is available at http://microsoft.com/technet/security/bulletin/MS02-039.asp. A patch for the issue is also provided at this URL.
MySQL is a registered trademark of MySQL AB in Sweden and is a trademark of MySQL AB in the USA and other countries. Other products mentioned are the trademarks of their respective corporations.
Nice try though. Next example?
> there have been several high profile viruses for linux..
From the link you provided (did you bother to read it?):
Quote:
There has not yet been a single widespread Linux malware threat of the type that Microsoft Windows software currently faces, this is commonly attributed to the malware's lack of root access and fast updates to most Linux vulnerabilities.
...
The viruses listed below still pose a potential, although minimal, threat to Linux systems.
> This is why products such as ClamAV exist..
Gimmicks to make money. People are conditioned into thinking that they have to have antivirus software because of Microsoft Windows; they simply don't realize that they really don't need it need it for other OS types.
|
Cepheus
Balance




Registered: 04/19/06
Posts: 8,266
Loc: the space between reality...
Last seen: 1 month, 20 days
|
Re: really a virus or banned software? [Re: Seuss]
#8815764 - 08/23/08 01:40 PM (15 years, 8 months ago) |
|
|
Shit, you've got me there .
But, my point was.. its possible to write viruses for linux and some people do.
-------------------- "I only ever hope to reach equilibrium, in Nature's matrix, in line with the meridian" ~ Jehst
"...and I know that I have to keep breathing, as tomorrow the sun will rise, who knows what the tide will bring?" Free Spore Ring Europe Send any spare spore prints you might have and help the distribution
Open Source. Freedom. GNU/Linux Addicting is not a word.
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: Cepheus]
#8816317 - 08/23/08 03:17 PM (15 years, 8 months ago) |
|
|
> Shit, you've got me there .
I hate having to eat humble pie. Been there myself many times.
> its possible to write viruses for linux and some people do.
Technically, it is possible, but in practice, it is fairly pointless. Unless the person is running the virus as root (admin user in unix), or there is a security hole to be abused, a unix based virus has nowhere to spread.
-------------------- Just another spore in the wind.
|
zouden
Neuroscientist


Registered: 11/12/07
Posts: 7,091
Loc: Australia
Last seen: 14 years, 7 months
|
Re: really a virus or banned software? [Re: Seuss]
#8817523 - 08/23/08 07:33 PM (15 years, 8 months ago) |
|
|
Quote:
Unless the person is running the virus as root (admin user in unix), or there is a security hole to be abused, a unix based virus has nowhere to spread.
It's the same for Windows and Mac OS X.
Yeah yeah, I know what you're about to say, Windows users are mostly running as admin
-------------------- I know... that just the smallest part of the world belongs to me You know... I'm not a blind man but truth is the hardest thing to see
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: zouden]
#8818878 - 08/24/08 04:22 AM (15 years, 8 months ago) |
|
|
> It's the same for Windows and Mac OS X.
Mac OS-X, based upon Unix and Mach, does get some of the protection... but again, Windows (traditionally) does not. Feeling brave? Sit down at a windows install and see how much of the system you can delete without any admin access. Unless the user has gone to great lengths to secure their system, any user can destroy a windows install in a matter of minutes without any special tools or tricks.
-------------------- Just another spore in the wind.
|
zouden
Neuroscientist


Registered: 11/12/07
Posts: 7,091
Loc: Australia
Last seen: 14 years, 7 months
|
Re: really a virus or banned software? [Re: Seuss]
#8818927 - 08/24/08 05:08 AM (15 years, 8 months ago) |
|
|
Hmm, that's a good experiment, I'll give it a go sometime.
The NTFS permissions on my windows folder shows that regular users have read-only access.
-------------------- I know... that just the smallest part of the world belongs to me You know... I'm not a blind man but truth is the hardest thing to see
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: zouden]
#8819019 - 08/24/08 06:22 AM (15 years, 8 months ago) |
|
|
> The NTFS permissions on my windows folder
There is a lot more to Windows than the windows folder. (program files, etc)
-------------------- Just another spore in the wind.
|
zouden
Neuroscientist


Registered: 11/12/07
Posts: 7,091
Loc: Australia
Last seen: 14 years, 7 months
|
Re: really a virus or banned software? [Re: Seuss]
#8820956 - 08/24/08 04:24 PM (15 years, 8 months ago) |
|
|
Yes, but that's userland, so deleting those things won't destroy the system, just the user's programs. And if an admin installed them, a normal user shouldn't be able to delete them (I think)
-------------------- I know... that just the smallest part of the world belongs to me You know... I'm not a blind man but truth is the hardest thing to see
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: zouden]
#8821232 - 08/24/08 05:27 PM (15 years, 8 months ago) |
|
|
> Yes, but that's userland, so deleting those things won't destroy the system, just the user's programs.
Which is what a virus likes to infect. If you can delete it, a virus running as you can infect it.
> a normal user shouldn't be able to delete them
How many people do not have admin rights to their windows install by default. A few in the corporate world... The default, out of box, at least with XP is the administrator user disguised as a regular user. It is windows design, much more than the user base, which makes viruses possible.
-------------------- Just another spore in the wind.
|
zouden
Neuroscientist


Registered: 11/12/07
Posts: 7,091
Loc: Australia
Last seen: 14 years, 7 months
|
Re: really a virus or banned software? [Re: Seuss]
#8823219 - 08/25/08 02:31 AM (15 years, 8 months ago) |
|
|
But user programs installed in Mac OS X are also user-accessible and thus infectable.
>The default, out of box, at least with XP is the administrator user disguised as a regular user. Yes, but not in Vista. Vista has it's own problems which make me not want to touch it, but that's not one of them.
>It is windows design, much more than the user base, which makes viruses possible. Yes, I agree
edit: I just remembered that Mac OS asks for your password to elevate you while installing new programs, like sudo, or like Vista. So programs are installed as administrator and thus can't be infected without elevation. Windows should have had that from the start...
-------------------- I know... that just the smallest part of the world belongs to me You know... I'm not a blind man but truth is the hardest thing to see
Edited by zouden (08/25/08 02:36 AM)
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 3 months, 8 days
|
Re: really a virus or banned software? [Re: zouden]
#8824683 - 08/25/08 12:38 PM (15 years, 8 months ago) |
|
|
> Windows should have had that from the start...
Yep! That is the point I have been trying to make about the windows paradigm being broken. Vista is a step in the correct direction, but rather than being designed up front with security in mind, the Windows paradigm has to kludge security into a traditionally non-secure, single user system.
-------------------- Just another spore in the wind.
|
zouden
Neuroscientist


Registered: 11/12/07
Posts: 7,091
Loc: Australia
Last seen: 14 years, 7 months
|
Re: really a virus or banned software? [Re: Seuss]
#8825855 - 08/25/08 04:34 PM (15 years, 8 months ago) |
|
|
Yeah I totally agree. I like windows because I've used it enough to learn all its intricacies and I don't feel the need to switch to linux (and my games wouldn't work) but I'm happy to acknowledge its shortcomings.
-------------------- I know... that just the smallest part of the world belongs to me You know... I'm not a blind man but truth is the hardest thing to see
|
|