[BBLISA] Verizon: No p2p blocking
Edward Ned Harvey
bblisa3 at nedharvey.com
Fri Jun 18 09:24:42 EDT 2010
> From: bblisa-bounces at bblisa.org [mailto:bblisa-bounces at bblisa.org] On
> Behalf Of bblisa at rootme.org
>
> In the arms race, malware authors are winning hands
> down.
I'll second that. Bigtime. The advice I give people, and that I follow
myself, is to have good complete-system backups, and at the first sign of
anything infecting your system, take no chances. Nuke the computer back to
yesterday or a week ago. Hopefully you noticed something was wrong at the
time it began, or roughly.
The "bad guys" job is very difficult - A typical exploit is something like
... overflow a buffer by getting somebody to look at a specific webpage,
which allows arbitrary code to be executed. But there needs to be malicious
code available to execute. So you also exploit a memory leak which allows
arbitrary code to be written to a file, or something like that. Hacking
into somebody's computer typically requires multiple exploits chained
together, and it's really tough to figure out how to link that chain. But
obviously they do it. Because when they succeed, they get personal
information about millions of people. Successful attacks either rob you, or
rob somebody else on your behalf.
The "good guys" job is even more difficult - They have to find a way to
detect and prevent every possible unknown attack that the bad guys could
possibly try. Success does not mean glory or riches of any kind; they only
get paid by people who are willing to pay for prevention of something that
they probably haven't yet been hurt by ... or at least not that they know
of.
Last I knew, antivirus/antimalware was a $3 Billion industry. And credit
fraud/identity theft was a $30 Billion industry.
The good guys have a fundamentally more difficult job, with less motivation
to do it, and less resources at their disposal.
When the good guys are fighting a losing battle ... run for cover. Yes, use
the good guys. Install simple quiet non-intrusive antivirus. Apply
automatic updates. Keep your firewall on. Don't run unnecessary services.
Distrust your email, and every webpage you ever look at (even the clean
ones.) But also keep good backups, because all of that is simply not enough
to always prevent yourself from getting attacked.
More information about the bblisa
mailing list