MS Official says Malware recovery becoming impossible

[o_|404|innoc-tpf-]

Eweek Article

I thought it was both funny and sad to hear Mike Danseglio (program manager in the Security Solutions group at Microsoft) talk about the rootkits and kernel hooks used by evolving malware. The self-healing attributes of malware also seemed funny and sad to me when neither Windows nor any AV program appears to be able to do that. Granted Windows and the AV programs are larger in size. But even self-healing attributes can be exploited.

[o_mescalito]

I dunno what the hell are you talking about, but yeah, that sucks! ^,^

[o_|404|innoc-tpf-]

Quote:

Originally Posted by Mescalito

I dunno what the hell are you talking about, but yeah, that sucks! ^,^

Basically...be sure you practice safe browsing and email habits as if you get infected you may not be able to clean up the mess.

[o_mescalito]

With all browsers?

[o_|404|innoc-tpf-]

Quote:

Originally Posted by Mescalito

With all browsers?

The focus for malware has traditionally been IE but there have been periodic vulnerabilities for most applications out there. I think the alternate browsers have traditionally had a better track record for patching their vulnerabilities faster.

Unfortunately Internet Access is not as simplistic as running a DVD movie in a home player though many companies have tried to make it that easy. The fact is there are bad guys out there out to get you and educating yourself on safe practices will go a long way towards protecting yourself.

[o_jinx]

Quote:

Originally Posted by Mescalito

With all browsers?

Most of us agree on two things:

a) Firefox seems to be a bit more secure (or less targeted at least)
b) Using Firefox is no replacement for using your brain.

And some like Travis have good luck with IE, making b) the most important thing.

Plus, there are plenty of other ways you can get malware. For example, opening an email attachment or downloading and installing malicious software.

What really pisses me off is that the worst malware seems to be from companies, not hackers (adware/spyware/drm). It's total bullshit that there's all this legislation to protect companies' rights (Digital Millennium Copyright Act etc.), but very little to protect consumers'.

I think that a person's pc needs to be seen as a private space, just like their apartment, home, etc. In other words, putting spyware or adware on someone's PC should be just as offensive as putting a secret camera in their bathroom, or spraypainting ads on their walls.

I really really really would love to see some hackers etc. targeting these companies' websites etc. Do something positive with your skills, people!

[o_puppychow]

ah, but i possess one technique that trumps all maleware! the reformat!

so very sad...

[o_puppychow]

then again i assume its only a matter of time before maleware can do structural damage..

[o_mescalito]

Dunno only had serious problem with spyware ones or twice (like browser hijacking n shit) long time ago..
Maybe i should try to browse other sites then FF too

[o_|404|innoc-tpf-]

Quote:

Originally Posted by puppychow

ah, but i possess one technique that trumps all maleware! the reformat!

so very sad...

Actually that's what the MS Security Program Manager said....reformat. I think he said, specifically, "Nuke it from Orbit".

As far as damaging hardware goes there are things that malware can do that might cause that but it's more indirect. Causing excessive hard drive read/writes might force a failing drive over the edge....weak cooling on a CPU might be exploited with excessive CPU load. With so many devices capable of having their firmware reflashed it's possible to do that I suppose but it's very device specific.

Most malware authors are not trying to destroy your PC/OS. Frequently what they try to do is allow your computer to become part of a stealth network for relaying spam, stealing information (identity theft), performing Distributed Denial of Service attacks or other things that are useful to them.

[o_jinx]

Hell yeah, New York is suing a spyware/adware company

Now that's something we need more of.