#StandWithUkraine
Andrey “Rarst” Savchenko —  — Thoughts, Web — antivirus, firewall, malware, security

Bursting security bubble

Know why security threats become bigger and nastier each year? Frankly it is because most of the stuff we are doing to fight those doesn’t work.

Computer security is hot topic. Internet separated people into:

  • security savvy;
  • those whose computers are zombified to send spam.

If world was fair PCs would just explode on security breach. Unfortunately in world of information evolution doesn’t work.

Security practice

Every single article on computer security will stress that you need:

Most of articles fail to mention that in general case these are as efficient as door against cat. Yeah, door is large and sturdy. So is cat. Plus claws, determination to break in and multiply methods to make human surrender into opening if brute force fails.

And even nastiest cat is angel comparing to character of modern computer virus.

Problem with install software approach is that it substitutes solving problem with using tool. There is no way to use hammer efficiently without seeing the nail.

Security theory

There is one article that I consider most useful piece of knowledge I had ever read online. I read it, I re-read it and when I am tweaking with any security setup I get urges to go read it before and after to make sure I hadn’t forgot a single point from it.

It has nothing to do with antivirus and firewall. Actually it doesn’t have much to do with software.

Instead of giving you the tools it shows you the problem. I had three different drafts to briefly cover what article is about and how important it is. In the end I decided to tell you just go and read it.

And when your trust in antimalware, firewalls and patches is ruined you will start to understand that maybe holding nail straight and right side up is more important than cool hammer.

Related Posts

12 Comments

  • Lyndi #

    I am no expert in this field but I have always thought that any 'baddie' who knows what they are doing will be able to get past any firewall, anti-spyware or anti-virus we could throw against them. This does not mean that we can go without these things. Fortunately the 'baddies' are not always all that clever and these 'not-so-clever' guys can be stopped via the conventional means.

  • Rarst #

    @Lyndi Yeah, conventional means are important. However good security thoughts like "what do you need antivirus for" are often substituted with crap like "I have good antivirus so I have nothing to fear". The whole argument of which software is "better" draws attention from how any of it should be used to be efficient.

  • Jonny #

    "Six Dumbest ideas" was a great read and I have to agree with a lot that was said. This "allow all" and blacklist approach to security hasn't been working which is why we now have the different approaches of white listing and behaviour blocking. Vista UAC is a great idea - don't allow things to run without explicit consent - but ends up being really annoying. UAC is more turd polishing though. Hopefully windows 7 may have some better answers.

  • Rarst #

    @Jonny Yeah, Vista got UAC terribly wrong. It's actually standard Linux approach - want to do something advanced, get asked about admin credentials. How complex was to copy that?.. Vista managed to educate users that first thing they must do is to go and disable part of security so it stops interfering every minute.

  • Jonny #

    Ha Ha yeah, I disabled mine ages ago and rely on comodo defence + which is just as annoying but picks up more.

  • Rarst #

    @Jonny Comodo can be educated and is pretty flexible at that. :) But in paranoid mode it can drive users nuts even faster than UAC.

  • Rick #

    Great article... Best tool out there is "common sense"! One product I endorse to greet the bad guy at the front door is Web of Trust (WOT) - browser add on.

  • Rarst #

    @Rick Isn't WOT exactly one of those dumb security ideas? Enumerating badness? :) And resorting to crowd wisdom - which ranks high on my personal list of dumb ideas. I am not saying it is bad, quite opposite. But it is definitely not approach I am willing to rely on.

  • techpaul #

    Rarst-- Thank you for posting a link to this article. I had not found it before in the course of my studies. The author does an excellent job. BTW.. I too have advocated the WOT toolbar/plug-in to my readers, yet I have always had the same belief that you do -- the model has quite serious flaws. Yes.. that's contradictory.. I know. But I believe that its "good" outweighs its "bad" and I don't advise relying on it either. Personally, I combine it with SiteAdvisor or LinkScanner..

  • Rarst #

    @Paul Yeah, article is timeless and priceless. Years since it was written and not much changed - bit sad. And there is nothing wrong with solutions that are "good enough". As long as we are aware about flaws and can balance them out.

  • Nick Staroba #

    Wow it's been a long time since I've read an article all the way through down to the very last word AND the fine print at the bottom. Thanks for pointing this article out. I've got a whole different perspective on computer security now. Makes me want to learn more actually...

  • Rarst #

    @Nick Yeah, it really shakes brain and suddenly "install antivirus, install firewall, feel safe" doesn't feel so smart and smug anymore. :)