Telecoms people have been using a very similar thing for years to control revenue leakage. It works very well. I hope it works as well for this.
Signature-based malware identification has been around since the dawn of the computer security industry, but McAfee has said it's dumping the system – or rather, adapting it – in an upgraded security suite which will (it claims) virtually eliminate susceptibility to botnets. McAfee's malware signature database has grown to …
Telecoms people have been using a very similar thing for years to control revenue leakage. It works very well. I hope it works as well for this.
But in the last review of anti-virus products by a web magazine, McAfee rated DEAD LAST with largest number of allowed intrusions. Which is disconcerting as a friend I know uses McAfee, and I must therefore get him to switch away from it. More likely, do the switch for him.
Kaspersky got the top rating in the test results.
Ah yes, but I bet McAfee didn't sponsor that review...
"But in the last review of anti-virus products by a web magazine, McAfee rated DEAD LAST with largest number of allowed intrusions"
"Ah, but that was the last version", said the sales rep looking nervous and sweaty, "the next version will be the best ever and will stop all botnets!"
Note though, that they're only claiming success for botnets, not every other type of virus out there.
Kaspersky is a solid consumer product and should always test well for botnets....as consumers are the intended targets.
Let's not be judgmental, now. McAfee's doing pretty well for a bunch of junior guys in a converted warehouse in Bangalore.
Oh. You mean that's not what they are? You say INTEL owns them??!! Odd, that. To their customers, they certainly seem like a bunch of junior guys in a converted warehouse in Bangalore.
So McAfee is trying to copy Webroot. Who'd have thought?
I thought they were copying Trend Micros DEEP Security with their DEEP Defender and Trend Micros DEEP Discovery with whatever the McAfee (DEEP) sandboxing technology happens to be called...
McAfee says it has ... integrated its various modules much more tightly with each other.
McAfee, like so many other tech companies, has made a business out of targeted acquisitions. They have a number of products that do a number of things, most of which are complementary to each other. What they do not have is good integration. See how well multiple admins can set up rules in the DCM/DLP module at one time within ePO for an example of this (hint: only one at a time, per ePO server). Heck, they don't even have internal consistency for some products. Menus and permission sets are pretty much in the same condition they were found in when when the various products were acquired. Data is sent to databases but cannot be accessed from within the application's reporting system. Not what I would call good integration.
I look forward to seeing this promised improvement, at which point I will believe it.
Why should I care about "improvements" if putting mcaffee on a system still borks it harder than any virus? Whenever I see a relative's computer running butt slow, either it or Symantec are almost always to blame.
Or the recent release of Kaspersky...
OK, I'll bite.
If, by disease, do you mean the entire malware laden WindblowZE ecosystem, then the only cure is Linux.
"If, by disease, do you mean the entire malware laden WindblowZE ecosystem, then the only cure is Linux."
"WindblowZE"? Really? Are you twelve, or just another Eadon sockpuppet?
I just DO NOT like Windows!!!
I consider it the scourge of the internet.
Tux - for a reason!!!!
So... Eadon sockpuppet = yes.
Isn't this what Malwarebytes already does? And better than any other tool, including McAfee?
If you have important data, you need AV in MacOS, Linux, Android, Ios...
The problem with windows is that it is the most used, easy and OPEN (for the user and simple programs), and it used to be very vulnerable. Therefore, it is the most attacked.
As much as I despise M$, now it is as secure as others (i.e: full of not so easy to find holes).
There's only ONE operating system that needs AV. Windows.
If you can stick in USB media, are plugged into a network (inc the internet), then you need a layered security approach, which includes AV. The OS being used is merely a technicality.
Oh, i cant not respond to this hogwash.
Eadon, i see the repeat machine is firing on all 3 cyclinders.
Give it a rest mate...
Your tiresome rheotoric, coupled with your propensity to post and give a rallying war shout to all the linux-tards on anti MS sites to up your post/comments ratio is really past its use by date....
Besides, as i and countless others have said, you're talking tripe if you believe your own dribble about viruses not being an issue on unix, linux, iOS etc etc. Have OS, will infect.
If you have an FTP Server, shared network resources etc then you can potentially "surrogate" the virus within the files that you host.
Virus are generally OS specific and even though your system might not be targeted you would be helping everyone by not "sharing" the virus any further. In such a case the AV is not protecting your system but it is helping protect others, which in turn is good for you also.
When will I be able to block posters on The Reg?
That blue icon is supposed to mean "boffin", not "twat".
I would be jolly nice if people with, say, more than twice as many downvotes as upvotes were greyed out or hidden by default.
I thought those little silver icons were because these people were special in some way and knew what there were talking about. Now I realise they are just post count awards handed out to trolls.
I do hope you don't have any customer computers to look after with that blinkered attitude.
...............how to protect Linux based systems do remind me not to call you.
Had the award been based on the net number of upvotes after downvotes were taken into account he would have to pay El Reg in order to be able to post here let alone get any icons.
Read the article, idiot. It's about malware of all kinds, not just viruses. In fact, the word "virus" is not even mentioned in the text.
El Reg, please can we have a "report irrelevance" (or better yet "report idiocy" or "report biggotry") link next to the "report abuse" one please for these sort of rantings?
So what is your point, even if your assertion were correct, which I'm pretty sure it isn't. That a Linux box is simply "safe"? Yeah right. I run an Ubuntu Linux server and it is being hit by port scans and attempted logins by script kiddies 24x7. It was fairly secure "out of the box", but it wasn't locked down as tight as I wanted it. I had to go to some extra trouble to research and install some monitoring software to detect intrusion attempts and block the offending IP addresses. I replaced the mail server with a professional product, and I still had to give up on using my original e-mail address @ my domain name because it was just too much work to deal with the spam (and why bother when you get free e-mail from Google, Hotmail, Yahoo, etc.). I had to just take down my forums, and remove the registration module from my Wiki completely, in order to stop spammers from registering fake accounts in order to post ads (or worse, links to websites with exploits), wasting my time removing said accounts. If Linux were so safe, then I wouldn't be suffering incessant attempts by hackers to get any foothold on the system in the hope of escalating that to root privilege and adding my box to a bot army. As things stand, in spite of my attempts, I wouldn't bet a nickel that a real hacker couldn't find a hole and hi-jack the server.
Since I use the server as a server and not as a desktop machine, it might not need a typical AV software.
But, again, so what? The only reason most botnets consist of Windows boxes is that 90% or so of the PCs in the world are running Windows. Most of the *servers* getting rooted ARE Linux boxes. If your grannie could figure out how to install Ubuntu, she'd doubtless have no more clue how to avoid getting her PC rooted than she does when using Windows.
"Besides, as i and countless others have said, you're talking tripe if you believe your own dribble about viruses not being an issue on unix, linux, iOS etc etc. Have OS, will infect."
While he may be overstating his case, I'd be interested in seeing a comparison of the number of linux/unix web servers running Apache with anti virus compared with the number of windows servers running IIS with it. Given , you know, that Apache on linux is the most popular web server combination and the so old no-one-runs-linux-so-virus-writers-wont-bother argument that MS apologists always come up with doesn't hold water.
"If Linux were so safe, then I wouldn't be suffering incessant attempts by hackers to get any foothold on the system"
So hackers constantly attempting to get on your system - but not apparently managing it - means Linux isn't secure? Uh , what? So if a burglar tries the lock on my front door but can't open it the lock still somehow isn't good enough. What do you want it to do - scare the burglar off first? Wtf are you talking about man?
Oh , and FYI - spam isn't hacking. HTH.
"Most of the *servers* getting rooted ARE Linux boxes. "
I disagree, because some of the massively downvoted posts are quite funny.
There's no 'root' account on Windows, therefore only Unix, Linux and similar systems can be rooted.
I run 4 Macs and 2 Linux desktops at home for my family, after 25 years in IT I still don't believe all that utter bollocks you're spouting! 15 years of DOS and Windows taught me to be utterly paranoid as I know there are enough shitbags out there who would kill for my personal info and trash my machines for shits'n'giggles!
The computers that need AV are the ones poorly secured by the user.
Put Linux on as many machines as there are Windows machines. Let the average user configure security them-self. See how many Linux viruses there will be. The average user won't lock their machine down very tightly and will install any old crap a website tells them to. "You want my root password to install the pink pony screen saver? Lucky I set it to something simple to make it easy to remember"
"I would be jolly nice if people with, say, more than twice as many downvotes as upvotes were greyed out or hidden by default."
You mean instead of bizarrely awarding them, say, a silver badge?
Eadon - trolling the el Reg comments since 2009.
My friends at Apple, some of whom have worked at Apple for over 30 years, tell me that as long as they've worked there all computers there have been required to have Norton/Symantec AV.
Well, in my world, which appears to be a different version of reality to yours, when someone has an infected machine here they don't care too hoots about the semantics as to whether it's a trojan, a virus or whatever.
It's infected and that's all that matters to them.
Careful TeeCee, when he's not got anything else to go with he starts making up abusive shite, such as claiming to have shagged my mum and her asking for more.
I don't think Eadon knows the rules of how to behave in a polite society.
"There's only ONE operating system that needs AV. Windows."
Not true. My Linux server hosting email lists for various community and charitable groups needs AV for good reason. Not because the digital diseases of end users who subscribe to these (all confirmed opt in) lists are likely to infect my Linux host. They aren't. My server needs AV to detect viruses present in email attachments which end users send each other through my server. My server is designed to replicate these messages but not emails attached to them.
From the end user point of view, the distinction between the viruses replicating because my server is infected, and the viruses replicating because my server is designed to replicate email is academic and moot.
quote: "Windows has 85% of the desktop market (and still falling). Yet, it has 100% of the viruses out there. *think about it*."
Absolutely. I'd even go so far as to say that of the last 100 infections on Windows I have had to deal with, none were viruses. It's very rare to see a virus these days, what with the completely staggering number of trojans and ransomware built from kits out there.
Do you know if anyone has built a crimeware kit for OSX yet?
I once was working at for a government IT department called the NHS where there was an opportunity to save a small amount of money and get *nix a foot in the door by putting in a linux server for a particular service, which it would have been uniquely well placed to deliver (better than a windows server would have been)
It was a sensible, well through out idea that would have worked, and allowed the staff there to gain some familarity with *nix servers which one day could have resulted in there being a lot more of them on the network, further saving a lot of money.
However, the look on the chaps face who had to sign off on it when I mentioned *nix immediately told me that there had been zealots in before who had preached the point without understanding basic professionalism. In my view those people have forever blown away any possibility of having *nix servers installed at that location through their zealotry, and worse they resulted in me being tarred with the same brush for actually mentioning it.
Your zealotry does not help the situation. Far from the point, it's actively harmful to getting any form of *nix installed anywhere and you would really help the cause by shutting up. You make anybody using or proposing the use of any form of *nix look alike a unprofessional teenaged twit and surely you must realise that your misinformed rantings are the best dream because of the negative advertising of *nix that Microsoft could ever possibly wish for.
This portion of your comment:
I replaced the mail server with a professional product, and I still had to give up on using my original e-mail address @ my domain name because it was just too much work to deal with the spam (and why bother when you get free e-mail from Google, Hotmail, Yahoo, etc.). I had to just take down my forums, and remove the registration module from my Wiki completely, in order to stop spammers from registering fake accounts in order to post ads (or worse, links to websites with exploits), wasting my time removing said accounts.
contains an argument that is not platform (Linux) specific. Spammers can create fake accounts on forums hosted by Windows also. Also the argument concerns application software, not O/S software. Therefore it is REJECTED.
Can we have an Icon for Eadon posts?
"- I didn't know the NHS was a govt dept, AC, thanks for this enlightening post. >HEADDESK<"
NHS falls under the Department for Health, glad you're enlightened.
You can rant on about the difference between viruses vs trojans all you like, but I challenge you to find a reference in the article to "AV", "antivirus" or even "virus". McAfee and the likes refer to themselves as Security products, which every OS needs to some extent or another.
But don't let that stop you turning this into an opportunity for you to vent against a different company/arena that you don't like.
Ah! That hit the spot. My daily Eadon.
All's well in the world.
Indeed, it is very entertaining reading his posts.
Mind you, I'm glad that I don't employ him (or contract his services for that matter), 18 Register comments today and counting...