eWeek Microsoft Watch
January 18, 2007 7:47 PM

The Anti-Virus Question Answered



A few weeks back, we asked who really needs anti-virus software. Your responses were quite surprising.

We posed the question to readers after commenters to another post defended an IT manager who had no security software on his wife's computer.

Software developer Brian Kelly expressed sentiments typical of reader responses.

"I have not used anti-virus software on Windows for at least the past four to five years, and I have never been infected," he said. "I'm quite a savvy user and just simply avoid places viruses abound. I was never into the P2P thing because I never felt entitled to an asset just because I didn't agree with the content owner's terms (maybe that comes from being an ISV myself)."

Laura Garcia-Manrique, senior product manager for Symantec's Security Business Unit, expressed dismay at some users' cavalier attitudes. "I'd be very curious what kind of user that is," she said. "There are many people who get on a motorcycle without a helmet. That doesn't mean they won't get into an accident, it means they believe they won't get into one."

A couple of years back I saw a motorcycle accident that made clear why some bikers wear leather clothes and a helmet. An ambulance racing through an intersection caused a biker to brake hard and lose control. He and the bike slid about 20 meters down the road. The biker's leather jacket and pants offered enough protection that he walked away from the accident and to the ambulance that turned back for him.

What could have happened if he had no protection?

From reviewing reader responses and comments, I see several trends emerge. Many respondents who don't run security software are like Kelly, highly technical users who believe they know enough to steer clear of trouble. Others complain that the cost to system performance is greater than the risk posed by malware. Then there is the assertion that security software should be unnecessary.

"It just seems like a virus should not be able to run in the first place on a well-designed system. In a perfectly designed system, AV [anti-virus] software would not need to exist even if users used P2P networks and other virus-infested places," said Phil Deets, a student of computer science and math, in a posted comment.

"I would never pay for AV software," he asserted. "It just seems like I'm paying for something I shouldn't have to have anyway. I'll use free AV software though, but it annoys me."

Annoyance turns out to be another reason for going without security software.

"Security technologies that interrupt and ask a question of the user [are] less effective," Garcia-Manrique said. "There is a strong preference for security technologies that don't interrupt the user."

Kelly is a good example of how users respond when security prompts annoy them too much. After using Firefox, he switched to Internet Explorer 7, which is his "only browser." While Kelly likes the browser, the security enhancements get in the way of his Web browsing. "I hate how [IE 7 is] so restrictive by default, so I [loosen] the security settings quite a bit."

Kelly's security usability reservations extend to Microsoft's newest operating system. "With Windows Vista and its, in my opinion, overly protective lockdown mode, it seems in most cases where XP was vulnerable you will now practically have to say, 'Yes, please install this virus,'" he commented.

Some security experts do regard Vista's UAC (User Account Control) as being too chatty. Users like Kelly could turn off UAC, which would defeat the purpose of its nagging.

To my relief, several respondents--mostly among commenters--strongly asserted the need for security software, particularly for Windows.

"If you have no anti-virus, you have no way of knowing whether or not you're handling malicious code," said Philip Storry. "Anyone saying that they run no AV (or found to be running no AV) should probably be ostracized electronically, for the good of everyone else using computers."

While people running Mac may think "they're immune" to viruses, their systems are potential carriers for other computers, said Storry, who is a U.K.-based Lotus Notes developer. "Being proud or loud about the fact that you're an electronic Typhoid Mary--regardless of how well you feel at the time--is just stupid, and should never be encouraged."

Commenter Richard Gowran, a computer user based in Troy, Mich., runs Windows Vista with all the security bells and whistles--"UAC enabled, full Windows Firewall, router firewall, Grisoft AVG 7.5 and Adaware."

For Gowran, there is no other option. "The only way I would run with no security features would be as a test, and with a recent backup image," he said. "Why put yourself through the hassle and stress of a possible infection when you can protect yourself inexpensively and with little trouble?"

Good question.

Comments (25)

Gerardo Tasistro :

Joe, there's a saying that there are two types of people: those who have fallen off bikes and those who will. All that these gung-ho virus wranglers prove is that they haven't gotten hit yet.

If you think you can steer clear of trouble, think twice. Visiting "safe" sites only works if the "safe" sites haven't been compromised. I always do my MD5 checks when I download. My K3B (CD burner software on Linux) does the MD5 check for me before burning a CD. I can cross-check on the site to make sure I didn't get a man in the middle. MD5 comes on my Linux boxes and my Mac. It doesn't come with Windows. That is why I do a lot of my downloading on Mac or Linux. Now, how many people out there actually do that, and how many pieces of software do it for you in the Windows world? Very few.

Just a month ago I had a VBS virus in my USB memory stick. Hadn't noticed it since I use mostly Mac and Linux. Yet some Windows box got it there. Had the next Windows box not had an antivirus I would have infected a whole lot of machines without knowing it. Are all these experts going to lock themselves out of the outside world? We all know about stories of shrink wrapped media with viruses and malware.

I find the math and computer science student's comment very dangerous. I'm sure that from a mathematical point of view you can imagine a perfect system. Hey, in pure math lines really have no end, series do have all those infinite terms, e and Pi do have all their digits. But guess what: in real life we have engineering constraints. There is no way to store all the terms of a series. You'll cut off somewhere. Pi isn't infinitely precise and, unfortunately for the matter at hand, there are no perfectly designed computer systems. So unless Phil runs Word inside a fractal, I'd bet good money he's at risk, and no amount of pseudo-social-political statements like those are going to spare him.

On the matter of Vista, well, I think Microsoft is just paying for the dirty laundry it put under the bed and didn't clean over the past years. I thought back when W2K was out that the .exe/.bat/.com hell would be over. Finally a real *nix-like file permission system. Real multiuser setup. But what did we get? XP Home! People have become used to click and run. More importantly, so have developers. It seems from what I read that Vista will be breaking a few apps here and there. Hey, for Microsoft supporters to say you don't need over 1000 apps so don't worry: that line was for Linux diehards' exclusive use!

Now, seven years later, it just seems Windows has an uphill climb. Competition isn't like it was with an alternative like OS/2. With Linux and Mac, Microsoft has some real challenges. Mac offers a really solid working platform with lots of multimedia-ready apps and a great family package deal. Linux today offers support from big software vendors, and although you might not have MS Office you have a great deal of everyday apps.

More important than that is the fact that both systems are moving at lightning speed compared to Windows. Put that together with a lot of slow Vista deployment plans (like a year or so) and you'll see those systems will be much better by 2008. Way better! So people might migrate to other non-Microsoft platforms. Remember the recommendation of not installing until service pack 1 comes out? Unless that comes out Feb 1 2007 Microsoft is up for one step climb.

Finally, with Microsoft venturing into the "final frontier" called security (probably because it has failed at, conned or bought itself into all remaining areas), I can only wonder what will become of our security on the Windows platform. Will UAC become another IE6? Innovation at first, then ... well, we all know that part of history. It's a line of thought that gives me the creeps. Guess that, just like the iPhone, only time will tell.
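The manual MD5 cross-check that Gerardo describes, as an added example that is not part of the original post or the commenter's own tooling. It parses the "<hexdigest>  <filename>" line format that md5sum and sha256sum print, hashes the download in chunks, and compares digests; it goes beyond the comment by accepting any hashlib algorithm, since a SHA-256 line from the vendor is verified the same way. The file contents, names and checksum lines below are constructed for the demonstration.

```python
"""Verify a downloaded file against a published checksum line.

Added example, not code from the original post. Mirrors the manual MD5
cross-check described in the comment, generalised to any hashlib digest.
All sample data is constructed for the demonstration.
"""
import hashlib
import hmac
import os
import tempfile
from pathlib import Path
from typing import Tuple


def parse_checksum_line(line: str) -> Tuple[str, str]:
    """Split an md5sum/sha256sum style line into (hexdigest, filename).

    md5sum writes "<hex>  <name>" (two spaces) in text mode and
    "<hex> *<name>" in binary mode; both forms are accepted here.
    """
    parts = line.strip().split(None, 1)
    if len(parts) != 2:
        raise ValueError(f"malformed checksum line: {line!r}")
    digest, name = parts
    return digest.lower(), name.lstrip("*")


def file_digest(path, algorithm: str) -> str:
    """Hash a file in 64 KiB chunks so a large ISO never sits in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, checksum_line: str, algorithm: str = "md5") -> bool:
    """Return True only if the file name and digest match the published line.

    hmac.compare_digest is used out of habit: timing does not matter for a
    local file check, but it is the right comparison for any digest.
    """
    expected, name = parse_checksum_line(checksum_line)
    if Path(path).name != name:
        return False
    return hmac.compare_digest(file_digest(path, algorithm), expected)


def demo() -> dict:
    """Write a constructed file, then check it against good and bad lines."""
    payload = b"constructed sample installer bytes\n"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "tool-1.0.iso")
        with open(path, "wb") as f:
            f.write(payload)
        good_md5 = hashlib.md5(payload).hexdigest()
        good_sha = hashlib.sha256(payload).hexdigest()
        results = {
            "md5_ok": verify_download(path, f"{good_md5}  tool-1.0.iso"),
            "sha256_ok": verify_download(path, f"{good_sha} *tool-1.0.iso", "sha256"),
            "wrong_name": verify_download(path, f"{good_md5}  other.iso"),
        }
        # Append one byte to simulate a tampered or truncated download.
        with open(path, "ab") as f:
            f.write(b"x")
        results["tampered"] = verify_download(path, f"{good_md5}  tool-1.0.iso")
    return results


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the channel that delivered the checksum line: a digest fetched over the same unauthenticated connection as the file gives no protection against the man in the middle the comment worries about, so the published value should come from a separate, authenticated source.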

Karamvir Singh Rajpal :

I think Windows Vista should be bundled with an "INTERNET SECURITY" or some extremely powerful "ANTI-VIRUS" because according to some sources, I came to know about the hacker's intention in hacking Windows Vista. So I want Microsoft to bundle it in the SP-1 or in the R2.

S R Wright :

I think it's possible to stay clear of trouble by installing an email filter whereby you can read your email on the server, and delete the junk & spam before you download it.

Mailwasher Pro is such a device, but I hasten to add that I hold no brief for this software. I just use it. I've stayed clear of email borne viruses ever since.

Tom :

Over the years this is a subject that has continually concerned me and one in which I've changed views regularly.

For long periods I've run with neither AV nor firewall without any problems. I've confirmed this by occasionally running AV and spyware scanners, both online and offline using a PE disk, with zero reported problems.

But regardless of my success I do now run with both AV and firewall, but am not entirely certain I need either.


Nick :

I think it is a huge misunderstanding to consider most people who are knowledgeable and don't use AV as "cavaliers" or bikers without a helmet. It's more like people who don't wear a cross to keep them safe from the plague.

Actually, at work, and increasingly at home, we do have machines without any virus scanner. And it is safe too. It's done by running Windows (or whatever you'd like to run) as an OS in VMware. You make the VM machine read-only. So every time you boot you have the machine you had. Perfect for surfing, MSN and the like. The more so because the MSN profiles are not stored locally (being read-only, you could not even store them locally).
It has obvious disadvantages, but for only surfing and MSN it's perfect.

Alan :

Well, I stopped using McAfee anti-virus at work because it caused endless problems. I exterminated it from my system. Talk about nasty viruses. I also used Norton for a while but then it got more and more expensive. Neither of these programs actually identified any viruses. I have been a long-time user of ZoneAlarm (not the version with antivirus) and the Zonealarm mailsafe feature has caught a number of nasty e-mail attachments that the above mentioned products let sail through into my mailbox without a peep. I run a free version of AVG at home but I have very low expectations that antivirus provides much security and wouldn't pay for it.

I would argue that antivirus software, at least in the past, has actually been a security threat. Antivirus programs have often required the user to run with admin privileges for the product to work properly. That's like saying: "Hey, we are going to expose you to significant security threats, but we'll mitigate some of the risk but not all, and you'll pay us for the privilege." I run WXP and W2K systems at the moment using reduced privileges (can be a pain sometimes but there are workarounds, e.g. http://nonadmin.editme.com/); combined with ZoneAlarm and running tools to configure the systems properly, I doubt antivirus would provide any additional protection.

Oh, and I won't be upgrading to Vista. Yes, Microsoft finally appears to have gotten more serious about security with Vista and started forcing software developers to write code that doesn't require admin privileges to run, but too little too late. Why pay big dollars for an effort of questionable design and implementation to push better user privilege control--when this new, improved feature should have been in the product from the beginning. I think my security upgrade is called Suse.

I think a huge problem for the Windows world is that there's a generation or more of users that have grown up on admin privileges. Bad practices are hard to change and Microsoft (although not alone) has promoted and facilitated a culture of bad security practices for a decade or more. Microsoft pushing user privilege control is like Big Tobacco promoting lung health. In some ways, whether they get the technological issues right or not is irrelevant at this point, the cultural barriers to most people practicing appropriate security are huge.

Alan :

I've got a response to the motorcycle quote you cite above from the senior product manager for Symantec's Security Business Unit. What Ms. Garcia-Manrique says seems perfectly sensible, but the analogy isn't really appropriate. The world of Windows is one more akin to a world of motorcycle users who all ride around at reckless speeds, weaving in and out of traffic, running traffic lights, etc., and then they say "oh, I don't worry about accidents because I'm wearing leathers and a helmet." Anti-virus is a way many users reassure themselves that they are secure so they can avoid undertaking more fundamental and important practices essential to real security.

Alan :

Quote from Symantec Knowledgebase:
"LiveUpdate requires the use of an Administrator account under Windows XP/2000"

Link here: http://service1.symantec.com/SUPPORT/sharedtech.nsf/d3c44a1678bd8f45852566aa005902cb/ddff30e8c11384c688256a31005cf0d7?OpenDocument&prod=Norton%20AntiVirus&ver=2005&src=sg&pcode=nav&svy=&csm=no

Both Symantec and McAfee products make various Non-Admin Hall of Shame sites (do a Google search).

And to read test results that demonstrate why this is a huge security risk:
http://nonadmin.editme.com/WhyNonAdmin

And don't tell me virus writers never test their product against current virus engines and signatures. They do.

Bottom line: a zero-day exploit and you're toast.

William :

What does AV software really protect against?

User Ignorance - No. People will always be just too curious, and those email attachments will be opened

New Viruses - No. AV software only protects against OLD and KNOWN viruses. You're only as safe as the AV company's signature database. You could have the latest and greatest AV software and STILL be infected with a virus.

Running Internet Explorer as Administrator - No. Some viruses are able to disable AV software if you give them admin rights. Amazing eh?

Spyware - No. And this is the real killer. No product in the market exists that can detect and remove 100% of spyware. Yet getting spyware can be financially disastrous if your banking details have just been compromised.

So really, AV software doesn't protect you from much after all.

In my opinion AV companies promote reckless driving because they have provided you with seatbelts.


Michael Pollard :

Security software: Is the cure worse than disease?

I have McAfee SecurityCenter, preinstalled by Dell on my Precision 690 (dual-processor hyperthreaded dual-core Xeon 3.2GHz, 2GB RAM; TaskMgr shows eight processors). My computer has 16 background tasks which are all directly McAfee-related (after uninstalling Privacy Service due to a database error).

And the tasks do not appear to be multithreaded - when MSC starts up, my computer slows to a crawl for several minutes - on 25.6GHz of combined processing power!

At home, I have yet to get Total Protection 2007 (retail copy) working. As soon as the updates download and install, my Internet connection becomes flaky. With a full install, nothing works. With only VirusScan and Personal Firewall, some sites will start to load, but fail partway. Two examples: www.imdb.com, www.fatzcafe.com; both work without MTP, both fail with it. If I hadn't sent in the UPC for a rebate, I'd take it back.

I've been working with computers since 1987. This should not be so difficult.

gary :

I use AV on my email server and that's it. No AV or anti-spyware on any of my 3 workstations. Don't need it.

Myunhardt Burger :

I similarly haven't used any AV for about the past 4 years. I put my faith in a secure browser (Opera) and my gateway's firewall. To this date I have not been infected by a single virus; some spyware, yes. For the occasional spyware infection once a year I don't feel the need to have an active program running in the background being a resource hog and an annoyance; for that I do a quick Spybot scan when I am suspicious.

Even though viruses are potentially much more harmful than spyware, I find that the possibility of a virus infection is extremely low in comparison to annoying spyware.

Also, if I were to be infected by such malicious programs and I don't notice something wrong, does it really matter (except if you are very concerned about privacy).

Ojas Rege :

If your computer is connected to the Internet, it can get infected. You don't have to visit web sites or get e-mail. I've set up many a computer that I had connected to a corporate network, and literally within a minute it was infected. The only way around this was to keep the computer off the network until I had my anti-virus software installed, all of the patches installed, and a firewall installed, and then I put it on the network. And this happens in technically savvy software companies in Silicon Valley.

Connecting your home computer to a DSL or cable modem is like living in Baghdad, and if you don't feel that way, you really don't understand how the Internet works today.

Today criminals in Russia and other countries have successfully installed their software on millions of computers, many of which are in the USA. Today, this software is largely used for spamming, malicious acts, and criminal activities. However, it can also very easily be used for economic, military, and terrorist attacks.

These users who allow their computers to be used for criminal purposes due to their arrogance really should be held criminally liable for any criminal acts committed using their computers.

William :

Ojas

Perhaps those users who have attempted to secure their computers yet still succumbed to spyware or viruses should hold Microsoft Criminal responsible for writing such insecure code in the first place (I am talking about giving everyone Administrator rights by default). Or should we hold AV companies criminally responsible if their products fail to protect us from NEW viruses.

William :

Interesting story about users of AV software...

http://news.bbc.co.uk/1/hi/technology/6278079.stm

Seems like these people DID have AV software. Didn't stop opening those damn email attachments did it...

Napoleon Williams :

Re: On Not Using PC Security Software

For the reasons given in several of the comments, I would never use a pc "in the regular way" without using firewall and anti-virus software. I qualify this by saying "in the regular way" because of a recent occurrence.
Using an old laptop with the hard drive removed until I got a new one, I tried out several Linux 'live' CDs. The live CD allows you to run Linux off the CD (with the boot setup configured to allow initial booting from the CD drive), using only system memory and no use of the hard drive (the hard drive can alternatively be disengaged during the boot setup process). The live-boot Linux CD allows connection to the internet, using one of the included browsers; Firefox is generally included. With the live CD, you can browse the internet at leisure without use of security software.

However, if you attach writeable storage media to your system while using the live CD, such as a flash drive or floppy disk or hard drive, then your system can be compromised by having a virus, worm, etc., infect the storage media. Also, while browsing the internet using the live CD, I don't open my email accounts, or other accounts, or use any passwords, out of concern that attacks, using the computer system memory, might infect the accounts or steal the passwords.

When I am through browsing on the internet with the live Linux cd, I simply shut down the system and remove the cd, knowing that there is no place where any infected material can be saved on the computer.

meatofmoose :

Laura Garcia-Manrique, albeit a Symantec employee, has stated that using Windows is as risky as riding a motorcycle in shorts, sandals, and a t-shirt and without a helmet. Is this a biased comment from a flimflam artist or the words of a dear and devoted friend? Can someone please validate the veracity of these statements before posting such inflammatory testimony?

stim :

If you know what you are doing with a PC then generally you don't need antivirus. However, most people will download the odd zip file or have a dodgy attachment in an email, so it's always handy to have the ability to scan something from an unknown source (of course, most email viruses play on the unsuspecting and slightly more novice users and hide exe files as jpgs etc).

I do quite like the idea of having some malware/adware protection as this can easily come down through some web browsers, but generally, if a user only goes to 'safe sites', like the BBC, CNN, Microsoft, Apple etc etc, then you're unlikely to come across any problems (but then who doesn't want to explore a bit?!).

Firewalls, again, are not so important on the local machine as most sit behind a router or similar and therefore have a firewall in place, and probably the whole internal network is stealthed. Obviously that doesn't apply to a lot of home users with USB modems connecting straight to the internet.

Having had a quick read of the article and some comments posted, I believe I have a somewhat unique situation.
I'm the IT admin where I work, although I'm by no means an expert, and so decided to be safe instead of sorry and had Symantec's finest installed when we upgraded our server. Despite my pleas with our employees not to open things, one of them decided we had a 'good system' in place and that it would therefore be fine to open a malicious file that made its way to our system.
The virus immediately started sending hundreds of emails a minute: I knew this because Symantec's software was scanning each and every email as it went out, filling the screen with dialog boxes.

So, 1. It scanned every email and didn't realise that any of them were sending a virus.

No. 2. Even though sending hundreds of emails at a time made it obvious to me that something was wrong, Symantec's software never cottoned on.

So install your AV software. Just remember that it probably won't do you any good.

Joe :

Simply put, just about everyone needs an antivirus and firewall running at all times. Those that believe that they are safe by avoiding untrustworthy web pages and emails WERE right, once upon a time. However, times have changed. Those that believe this is still the case are simply ill informed and will probably learn the hard way. (Unfortunately) As an information security professional, I have seen careful, knowledgeable users get infected more times than I can count. Viruses, worms, trojans, and spyware can find their way onto systems in such ingenious ways it almost seems magical. This is mostly due to the fact that malicious software is now very profitable, and thus criminal enterprises are producing code that meets or exceeds software engineer quality. Accidentally misspell a web address? You might have just picked up an infection from a parked site, especially if you use IE. Broadband user with no (or a misconfigured) firewall? Chances are in the time you've read these posts someone has scanned and possibly broken into your system and planted a remote access trojan. Rootkits are the scariest of them all - if you happen to run across a good one and it infects your system, chances are you will never find it - even with AV or rootkit scanning tools. (Not the case with all rootkits, but some of the latest can evade even the best detectors) From that point on all sorts of malicious software will infect your system and the rootkit will hide them from all your tools. (Never ever surf/email as an Admin!) We all hate losing part of our CPU to an active AV in the background, but it is an absolute necessity. It may sound paranoid, but every internet-connected PC is now a target.
(Mac/Linux users aren't safe either, just safer since less malware is directed toward them) We can only hope that Vista will turn out to be more secure than XP, but for now, as a minimum, you should be running as a limited non-admin user, have an active, well-rated AV program running at all times, have multiple antispyware scanners and inoculators, and a well-rated, properly configured firewall. Although nothing is foolproof, with anything less, it is simply a matter of time.

I'm a Mac user of 23 years' duration, and support about 120 Macs in the Editorial, Design, Pre-Press and Print Production units of a national US publisher. And I, for one, am sick to death of people trying to tell me that Macs are "digital Typhoid Marys" and that we need to protect ourselves against Windows viruses for the socialistic good of All.

Yes, it is a toxic soup out there, but by a 100,000-to-zero margin, that soup is only toxic to Windows PCs. Have Mac people inadvertently spread malware via e-mail or IM to Windows users? Undoubtedly so. Does it happen very often? Definitely not - so I think this topic is overblown, and a distraction from the real issue - the fundamental insecurity of Windows.

Mac OS X was built from the core out to be more security conscious. The firewall is 1st rate, and a third-party appliance from Allume (Internet Cleanup) can guard against the handful of potential keystroke loggers, etc. that may be floating around. Will there ever be a major (meaning: SUCCESSFUL) attack directed at OS X? Maybe someday, but considering the speed at which potential security holes are patched (usually within 24-72 hours of discovery), the odds are still quite low.

While Macheads may sympathize with the plight of Windows users' struggles, end of day, their problems are not ours, and they shouldn't be all over us just because we have no vested interest in helping fix it. I have no desire to lock down my machine and reduce my enjoyment of my computer for your sake. That's like me wearing a condom to protect you from the adverse effects of you consorting with known prostitutes carrying STDs. I'm willing to do things that don't inconvenience me, but that's all I need do.

The irony is, everyone continually spreads the FUD about how Macs are so much more expensive than Windows machines, but the cost of one major ID theft hack on your PC, or the unrestorable corruption of your business data may tend to balance that equation overwhelmingly in the other direction.

Motoko Seralanyana :

I am an administrator. I've got a problem: my clients receive a pop-up window that has a Kenyan national apparently advertising himself for the position of the presidency. Now all the clients that received the message have a problem: they are slow, and worse is that the administrator rights and permissions are gone. It's the message (virus) that conquers the administration.

Ziff Davis Enterprise