Malware Threat Reports Are "Apples and Oranges"
Ant writes "The December malware threat reports are trickling in from vendors — and they all appear to be different. Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn't match up, leading to an admission that users will inevitably be confused by the results. Not only do the various security companies use different names for the threats they identify; they don't even identify the same threats."
Re:Example of competition gone wrong (Score:2, Informative)
1) Antivirus solutions do not co-exist - and not just the resident portion. I'd love to run a second or 3rd scanner like I can for spyware but Antivirus vendors have created a market that is used to the worst kind of lock in. Why can't I run 3 different products side by side and decide which one's resident scanner I want switched on? I'm sure there are technical issues but I'm also sure they're not insurmountable.
I decided on one paranoid night to try to do just that. I found that for the most popular free solutions (AVG, Avast, Avira) you can install them side-by-side and narrow it down to just one resident scanner running. You either have to find the hidden option in the menus, disable the start-up entries, or just opt not to install them during setup. I was able to safely ignore the warnings about having other AV products installed during the various setups.
An easy solution for individual files is VirusTotal. You can upload the file (less than 20MB) and have it scan it with ~39 different antivirus programs.
The most important thing to remember is that security is a process, and not a product. (If I remember that saying right... and I don't mean explorer.exe)
Re:Example of competition gone wrong (Score:3, Informative)
6) Vendors appear to put more effort into making their user interface "pop" rather than trying to minimize resource usage and system impact. For example, Microsoft antivirus creates a system restore point every time the signatures are updated (once a day). Every time a system restore point is created my system becomes barely unusable for a couple of minutes. You can't control when it updates the signatures (currently for me it's around 23:20). Which brings me to:
7) Vendors want to use their own resistant scheduler service rather than using the standard service that has been in MS Windows since Windows 95. More resource waste.
Re:Running multiple products (Score:3, Informative)
Really?
Researchers Hijack a Drive-By Botnet.
They found more than 6,500 websites hosting malicious code that redirected nearly 340,000 visitors to malicious sites. Drive-by downloading involves hacking into a legitimate site to covertly install malicious software on visitors' machines.
"Once upon a time, you thought that if you did not browse porn, you would be safe," says Giovanni Vigna, a UCSB professor of computer science and one of the paper's authors. "But staying away from the seedy places on the Internet is no longer an assurance of staying safe."