"Like the notorious hacker 4Chan, or a high-ranking member of anonymous who owns at least 3 katanas and 2 anime body pillows." I laughed too hard at that.
Installing antivirus on your computer is like setting a beartrap in your living room. You might actually catch something but it's probably not going to be a bear
@@wetoddedd i always make sure I can trust the AV software enough before using it. There are tests you can do to see if it will detect malicious files and such and to check if the real time protection works etc. I must say years ago I removed AVG antivirus from a laptop of mine cuz it performed badly. Good luck!
I hang out in piracy subs and I saw a guy say he installed a crack even though Windows Defender flagged it, blamed WD for making the crack not work so disabled it...proceeded to get spam ads
Yes, but it appears common sense *isn't* common enough. There are just too many technologically illiterate people and if you know someone who can benefit from this knowledge, help them out. :)
@@berkiyo So you're telling me you've never mistyped a url before? Personally I don't run antivirus but that's because most of them are actually spyware. Maybe ClamAV if I feel the need though.
Honestly? Anyone who is decent at coding and knows a thing or two about windows can create a good virus, privilege elevation is super easy and almost everyone clicks "run as admin" after 0.1 seconds of the UAC prompt opening anyway
Microsoft giggles back with months-old patch. Although it'd be nice if their customers were actual people and not useless eaters who are so averse to change that they won't even install security updates.
Bitdefender one time detected an adobe premiere pro update as a rootkit attack through heuristic analysis. For the record, I was running a legit license (student), no cracks or stuff like that. You could say it was a false positive, but I was never able to completely remove Adobe services from my machine. Even when I thought I cleansed everything, a creative clouds error window informed me that my license was expired, well after uninstalling and deleting everything. But it's Adobe, so it's ok to be spied by them I guess?
@@linoxyard Of course it isn't, Entropy would never be 0 or else we would not exist. Linux is a OS that we as a human race decided to create on the principle of being a safe OS for critical system operations. Community support make old hacks useless to up to date system; 0-day hacks are the only worthwhile investment. A hardened system would prevent malware from proliferating or accessing write permissions on read-only files. The only insecure method that is worthwhile is user error, which comes in the form of an improperly configured system or tricking the admin/root user to grant full permissions. Improperly configured systems are mostly daily drivers as the users are focused on accessibility and function vs reliability and security. Making a hardened system isn't easy and air gapping will only take you so far. Windows and MacOS will never be secure, which is why antiviruses were created, to add another layer above the OS to prevent complete access to all the files/resources. Even then, Intel ME or AMD PSP have the highest level of access to your hardware above your system kernel and malware-like antivirus and UEFI/BIOS boot OS. If someone found a hack for either ME or PSP then technically all systems will become vulnerable as that is breaking the trust chain that your system has. Your right, that is why people call antiviruses malware-like. Antiviruses add another layer of privilege over the Kernel, which is breaking the chain of trust, which all malware do. Intel ME and AMD PSP are the layer of privilege that all malware wish to be, but since they can't atm, they settle for second best, right below ME and PSP.
reason why I use antivirus: can't trust myself from not doing something stupid. I know you guys understand, when you're not supposed to do it, but you still do. that's why we have insurance
@@eduardorpg3329 although rare, there's malware that could "escape" from the VM and infect your physical machine, that remains a good practice of precaution though
The way i see it, antivirus is a backup, but your main method of protection is yourself, similar to IRL you dont go charging into viruses IRL and letting your immune system take care of it, you take measures not to get infected, and if you do, your immune system is the backup
The human body doesn't have an immune system, it has a detox system. Also, germs and viruses don't cause diseases; the germ theory of disease has already been proven incorrect
Technically anyone can get malware without any intervention. That's the whole point of 0-days found on a variety of platforms. For instance, one reason malware attack simply required the user to receive a tainted message on their iDevice, without the user even noticing that they received the malicious message. I suspect similar things happen on Android, Windows and Ubuntu.
On Ubuntu is a lot more difficult because the fork is pretty heavily protected, but I can guarantee that there have been similar cases for Windows (even though the last one I remember of this genre was for Windows 7)
I suspect there have been cases of malware on popular linux systems... but 0-day ones on new version releases? I feel like on linux it would be a tad harder for that to happen.
This exact thing happened with windows/javascript. People figured out that if you sent a certain string of characters in a Minecraft server’s chat box you could remotely execute code on any machine that received the message (yes I’m not joking)
Honestly dude, when I listen to your videos, I always lay down in bed and close my eyes. You have a perfect clear voice and if you would ever host a podcast or something just talking about these technical subjects or open source related stuff I would love to listen to it.
@@dantesk1836 it made me cringe this is a rather funny document i use amd proccesors BTW so i am dope hacker lol BSD, Lunix, Debian and Mandrake are all versions of an illegal hacker operation system, invented by a Soviet computer hacker named Linyos Torovoltos,
AV is like a fire extinguisher. It doesn't mean you never have to wory about fire/viruses again but if you have one you have a powerful tool that if used can possibly prevent your house/computer from being destroyed.
@@shadesoftime I mean at that point bust out tron-script but it's better to have a lighter tool that doesn't take so long to run for less serious infections.
Best antivirus for windows: * don't use an admin account * use an email client which blocks all images & attachments * use common sense * don't browse random pages * https everywhere
Using Windows not as an admin makes Windows more annoying than it already is. I wish it had a sudo setup like Linux, I know you can make it work like that but it should be like that by default and just because I'm interested in Linux doesn't mean want to ever open regedit. Also what do you kean by random pages? The point of the web is that you can get content super easily. I'd replace that with disable JS by default, that's one of the reasons I like Brave. NoScript has too many toggles frankly.
@@fiddley So what? By default making it so admin accounts can make changes without a password kinda weakens it I'd say. And you can't actually request to elevate privileges in cmd, maybe in Powershell but I haven't checked.
@@SchemingGoldberg Actually, I think it was more like "Antimalware programs could still be good, especially in Windows, it's a lot like carrying a gun in a dangerous neighborhood, but if you're not remaining vigilant you could still fall victm to a sneak attack..."
Would Microsoft hiding file extensions by default be a major contributor to systems getting infected? Without seeing an extension I've seen users happily open executable files obtained from an email no less that they thought were some regular documents.
If you see the file via Windows explorer then one column will tell you the type of file regardless of whether you have extensions hidden, exe files for instance say "Application".
I'm a managed service provider and have been supporting several hundred endpoints (Windows, Mac, and GNU/Linux). In the last 6 years I've been using ESET Endpoint Security and have not had any breach of security. I know endpoint security isn't the only form of protection, so I also use Untangle at the gateway. It's definitely a winning combo in my opinion.
When advertising networks are hijacked and browser vulnerabilities are exploited, most websites become suspicious; the problems aren't as bad as a decade ago, though, and the scourge of malvertising can be controlled by using an ad-blocker supplemented with anti-malware filter-lists, and more extremely by disabling Javascript (there have been drive-by download attacks using bugs in rendering images or webfonts, but those are rare).
I wonder how the feck can you insert malicious code into an image and embed it so it works AS SOON AS a user simply downloads the image (f.e. to the %temp% folder in windows when you're browsing and its downloading all those images on a web page)
@@Juppie902 The key is that whatever software library a browser uses to decode the image (like GIF, JPEG, PNG, WEBP, or even fancier ones like HEIC, JXL, and AVIF) may behave unexpectedly when decoding corrupt images (as an example, usually if a JPEG is corrupt, you just see an oddly colored macroblock, and then the image corresponding to the data after that corruption is displayed as uniformly grey, but that fallback isn't guaranteed); I'm not even sure that un-compressed image formats like BMP are safe.
You forgot to mention all the false positives. Signature is somewhat prone, and Heuristic can be heavily prone. I've had AVs that flag software I've built in Visual Studio from my own source (and I am not in the business of authoring malware)
Lol. Offtopic* story: 1. I deleted cow-it spyware update on my android. 2. I build my game with no google services etc. 3. My phone tells me my game wouldn't work without g-shit update)) .. lol. Chrome says it won't work every time it starts)) I'm getting sms that sms won't work too))
There are some key points that I would like to add here: 1. Antivirus security programs can, will, and do sometimes have false positives, which may require adding exclusions. 2. While all computer viruses are malware or threat programs, not all malware or threat programs are computer viruses. For example, there are also computer worms, Trojan Horses (or simply Trojans), rootkits, and exploit kits. 3. Not all malware always necessarily or inherently require user intervention. One such major notable example is the Code Red computer worm, which didn't require any users to ever do anything at all in order to be/get infected. Instead, rather, this computer worm only ever required users to have active and working Internet and network connections or connectivity and access in order to take advantage of users and infect, propagate, and spread/transmit between computers and their networks.
Thats why i never understood the "just use your brain" bs also my friend 20 years ago used to torrent shit better believe he had a vm and avast (back when avast wasnt shit)
@@Kristibek not really how it works... If you get chromium from trusted sources (official chromium webpage or in linux the official repostlitory of your distro) it's perfectly safe to use. I use it daily w/o any issues.
Another thing is that a lot of stuff that is considered malware for us looks like normal behavior to an OS, I know that grabbing a Discord token is as simple as browsing the filesystem and just regex searching in a cache file..
It's like in that one Ted talk (or whatever it was, it was in German), it was about establishing security in an office environment as the it-guy, "You are the shepherd and they are the sheep, but they are on fire and click everywhere"
"A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction". So you do not have to open programs to get malware
Don’t know if this is possible, but someone should design antivirus software that baits the virus while it’s in the virtual machine by putting up fake specs that the malware detects as a real system, and as soon as it attempts to run the antivirus software catches it and deletes it. Seeing as I, a simpleton, had this thought I’m assuming someone has already designed such software. Edit: if this software does not exist, someone with coding/programming experience please steal this idea and make millions. Please lol
I don't actively use antivirus, I just have malewarebytes installed but not really open unless I'm installing something possibly sketchy, in which case ill just scan that one file and then close up the program until next time, since I don't really need one unless I have a reason to believe I might be installing a virus, and even then a decent enough virus might not even be detected.
i got a trojan virus once, i deleted it the next day but i think it stole my Origin informstion because it told me someome was using the account and i got banned in Apex legends
Me: Antivirus, look, this is a folder I forbid you to check, quarantine or prevent me from running programs in it. I am fully aware this is the sketchiest software you can get on the internet (“driver packs” when you need to get some obscure outdated driver) but I know better if I want it to run or not. Antivirus: (bugs bunny meme) No Who's surprised that a piece of software with higher privileges than the user ignores the user.
This is why I consider Linux and the BSDs the only operating systems that are considered ethical. Even Stallman understands that UNIX-based systems are less vulnerable and do not demand antivirus protections.
Things are moving in direction of detecting suspicious behavior regardless of the binaries involved, like Outlook executing a powershell script. At least with corporate software.
Yknow there are more than enough malicious programs that run in the background and are just spreading itself or something else with garbage you pass around.
I actually got a trojan recently a few days ago as i'm typing this, and windows explorers was kind of weird when resizing, and my idea was that it was a trojan, and i got to avast and every antivirus and i put all of them to work, and it was put to sleep and after like a few hours later, or a reset later it worked like nothing ever happened.
I do understand how one can quarantine a file, but I really don't understand how an unquarantined file can replicate or, in general, do anything at all?! Files are not processes. Isolating files is curing the symptoms, without dealing with the cause.
i haven't run personal antivirus since 2005. Other admins tell me I'm foolish, but I've never downloaded a virus. They are really easy to avoid if you know what to look for.
No. While it's important to watch out for dirty downloads and other ways viruses can infect your system antivirus software is the best way to remove the viruses if you get any. Trying to catch the virus on your system on your own is impossible unless your watching every file it changes or latches to.
@Kartoffelbrei yeah thats the thing, any antivirus you may use is entirely useless against fresh viruses. I remember something like that happening for me as well, if I remember correctly secure mode on windows was enough to remove it.
Meanwhile I disabled defender along with UAC where I run as admin everything and firewall because my laptop is terrible so terrible that it can't play 720p RU-vid videos and every megabyte counts.
@@deltaoscaruniform1316 if there's a cd drive you can use puppy linux which is fairly lightweight and the whole thing loads into ram so no need to use the hard disk if you don't want to
@@egg5474 the usb 3.0 port in my laptop is rekt and 2.0 usb is pain in the ass in the 2gb laptop of mine. Even two tabs freezes the pc for half a hour. I wanted to partition the laptop but hdd is super small and keeps clicking
when you're pirating stuff or running various github scripts you're always prone to viruses, keep that in mind. triple vigilance when doing that type of stuff.
based detection is no detection just use a firewall thats open source and will stop something from being ran and tell you what its trying to accses best way of not getting infected is by not giving a random file from a shady website full accses to your cumputer
And whenever you log onto Firefox it’ll tell you you have 13 viruses IF the antivirus has expired. It still has access to the permissions so it may tell me to renew the antivirus.
