back to article Anti-virus suites still can't block Google China attack

The vast majority of consumer anti-virus products are still failing to block the Operation Aurora exploits used in the high profile attack against Google and other blue-chip firms last December, according to independent tests. NSS Labs evaluated the effectiveness of seven popular consumer endpoint security products to see which …

COMMENTS

This topic is closed for new posts.
FAIL

Poorly done tests

They also forgot to test Bitdefender, and from what I can see it blocks the attack. It's rather odd they forgot to test one of the biggest players in the market.

0
0
Silver badge

And Avast...?

In addition to subject, I am stuck. I sort-of agree with the test that AVG should block the attack in a uniform way, but I also agree with AVG if they block in co-operation with the user using Firefox. At least my government didn't piss around like the British. They said "stop using IE, end of". Of course, few people paid attention (looks like they're still using IE6 at work? I'm not IT so I can't exactly push my boss off his seat and look up the version, but I can tell you it ain't IE8 with the mucked up redesigned ick-factor-heavy URL bar and the stop/reload in the wrong place).

It would be *nice* if we could load a magical piece of software and it made all the problems go away, but that's not reality. We need to be pro-active in this and try to avoid following links that look/sound dodgy, not ordering from non-SSL sites, not running untrusted content, not opening unknown attachments (one of my mother's friends in Oz is compromised, as soon as she sends an email her system sends one from "Hallmark.com" with a zip file containing an eCard; and Yahoo mail says "uh-uh, that's a virus, don't touch it"). Just think what damage it could cause if there wasn't a relatively sane webmail interface in the way.

http://www.theregister.co.uk/2009/06/09/mcafee_update_snafu/ and a potentially revealing blog posting that might helped the Megasploit show that there's more to an anti-virus package than just one pass. How much stuff does it miss? Or, if heuristically-based, how many annoying false positives (why I gave up AVG for Avast).

There's a review at http://internet-security-suite-review.toptenreviews.com/mcafee-review.html which seems mostly favourable, but note that it is a dead dog when it comes to installing - the review says that during the installation process they could type faster than Word could keep up, plus after uninstalling a lot of crap was left behind (both files and in the registry).

Can't say if Avast is better, but - again - there's a myriad of things more than the one single exploit.

0
0

Magical Piece of Software

Yes I already loaded the magical piece of (free) software. It's called Ubuntu and has speeded up my productivity no end without need of viruses or virus checker :)

0
1
Linux

My AV protects me

Actually i'm lying I don't bother running any AV at all.

There are still basically 0 viruses that effect Linux desktop users so why bother slowing down my machine.

The 1 'virus' that appeared last year involved you having to install a package and put your root password and could not spread to other users.

1
1
Stop

Vulnerability-based protection?

Um, wouldn't it be better to fix the vulnerability?

0
0
Thumb Up

@My AV protects me

Ditto, except that my AV software hasn't been updated since November 2002 owing to the lack of anything to be anti.

0
0
Happy

a nice av test was done by raymond.cc

A nice test was done here. (not the test of the article)

http://www.raymond.cc/blog/archives/2010/02/03/best-performing-speed-and-memory-usage-antivirus-and-internet-security-for-2010/

0
0
FAIL

@ My AV protects me

So you 'could' be running rooted boxes? 'No' device that casually access the web is invulnerable, servers have a much better chance but desktops no way. I'm not defending MS i'm just pointing out that you are both fools. ;)

Have a nice day.

0
0
Anonymous Coward

STOP COCKWAVING

Your choice of operating system has nothing to do with it. Now fuck off and be smug elsewhere.

Hopefully you lot will get DDOSed off the net in an andt-smug campain.

0
1
Coat

giggle

You can almost smell the rage.. What's up? Insecure? No pretty pictures for you to click on with a *NIXoid?

0
0

re: STOP COCKWAVING

How can you say that choice of OS has nothing to do with it ?

This vulnerability only effect Windows systems - don't use windows and you are safe from this (and virtually all) vulnerability.

Sure you get hacked Linux servers, there are nearly always a result of mental permissions (i.e 777 in the entire www folder is common..) or silly password (you would be surprised at the amount of clients using admin or password as there FTP (sometime root) password.

Although my home (linux) gateway has snort and ossec installed on it to identify and stop know dos / ddos rootkits - snort also uses clamav signatures to detect any known virus (on any port) - again I do not need to slow down my desktop may having crap I do not need and the system is in place to protect the Windows machines in the house.

I feel I need to defend and continually make people aware of Linux benefits as its not like Linux has any 'real' advertisements.

Another thing I think people should be aware of is that no Linux company (that I know of) donates to the Republican party (unlike Microsoft) , if your happy giving money to those factards then fair enough - I personally believe Microsoft get enough money from me already (as I pay taxes which in turn is used to purchase microsoft products - when alternatives could work for a lots cheaper/free - it is MY tax money...)

anyway - enough ranting for one day.

1
0
Anonymous Coward

@ yossarianuk

No system is invunerable

If everyone got their system as tight as yours, you would be the next target.

0
0
Anonymous Coward

Hmm

Not sure I trust any "test" where McAfee comes out smelling of noses- I've had to clean up too many networks that their horrible system-trashing crud was "protecting".

0
0
This topic is closed for new posts.

Forums