Comments on: Antivirus insecurity at Black Hat confab

Security industry event to focus on exploiting holes in antivirus, database and device driver software to break into computers.

Where's the story ?

I was certain there was going to be a real story here, especially when I noticed Clamav noted. Alas, just another glob of pasted quotes and mis-information about 'future' expectations, and what might happen.

Good try.

Eliminate the virus vulnerability - do not accept it

Why is Anit-Virus accepted as a required add on? It was adopted and used to patch a basic weakness and vulnerability in the Windows System. This basic flaw should be fixed and eliminated, and users should not have to add anti-virus, anti-spam, etc.

Lets get to the root problem and fix it. We should not accept all the add-ons as necessity.

The question should be asked is whether the virus market was a self serving market. Was the virus threat created by the early pioneers to sell anti-virus software?

Consider the millions of dollars wasted in software cost, administrative time, and computer cycle time due to anti-virus programs. The user has been exploited. This is the real crime here.

[David Arbogast]

Study your history

Virus writers and their methods were developed before Windows ever dominated the desktop. Suggesting that flaws in Windows are the source of viruii, hackers, and various anti-virus approaches is simply foolish. Every software system has flaws, and while not all anti-virus software is perfect, to a large degree it can help common users. If you consider it an unnecessary "ad on," then simply don't install it.

[Luke_Cage]

well duh

if microsoft doesn't have issues there is no reason for patches and to check for them, hence, no antivirus industry, bootleggs a-plenty, and noway for microsoft to control their product. not to mention you cant contribute to the DOD and think you able to fortiefy your software govt demands access, aka the several backdoors to your system, in case they have to monitor you. did you every wonder why if your product runs the world and only recently you go "hey we know our product inside and out lets aquire an partnership with a antivirul firm develope a secure add-on instead of tighten and testing the code? then try to offer it for free in order not to look a profit monster. no you cant find everything especially when six depts contribute and one dept gets to quilt it together. the diffrence isnt just in how pretty the pattern is, but how well its sewn together.

[zaznet]

You mean eliminate the user...

The only way to eliminate the vulnerability is to eliminate the user. Unless you want to "unwire" your computer from any external access and this includes media (music, movies) and software (new single-player games).

[zaznet]

Seen This Happen...

Years ago in another work place we had a simple DOS virus infect our anti-virus software used enterprise wide. The software was executed from the server, so once infected it was instantly spread on all machines when any user logged onto a workstation. Suffice it to say that the months old virus wasn't known by our week old virus definitions.

In the end our own defenses brought us down to our knees. Part of the problem was poor deployment of the anti virus software and the security used around it. Antivirus software needs a high level of access to the system, but you have to prevent the users from having a high level of access to that software or the ability to make changes to it.

[zaznet]

That was 9 years ago BTW! :)

Just wanted to let everyone know this occurance was about 9 years ago.

worlds biggest non-story...or is it?

Attacks on antivirus software have been around roughly as long as antivirus software. If there's a story here, it's that the 'threshold of pain' for exploiting microsoft OS monoculture has (supposedly) begun to exceed that of exploiting some other monoculture. So kudos for Microsoft for digging their way out of dead last in the low-hanging fruitz department.