Running Antivirus thinking you will be safe......Madness!!!

[Guest]

[Melih]

Do you really think you will be safe if you run an antivirus program?

If you do, then you are MAD, MAD, MAD!!!!

Melih

[Endymion]

Then which is safer between Comodo Internet Security V4 (no-optout install-time config) and Comodo Firewall V4 with Proactive configuration (user chosen install-time optin) ?

[Melih]

Depending on the threat model..both are safe enough.. but you can always go deeper in protection if you are to manually configure it. Of course there is a fine line between highest security and usability where the ROI stops paying off.

However, you do raise an important issue and does deserve its own topic (it will also keep this thread on topic).

thank you

Melih

[Endymion]

Thanks for the reply.

It was not my intention to raise an issue but rather having a chance to acknowledge the rationale behind the two packaging approaches I mentioned.

[Melih]

Thanks for the reply.

It was not my intention to raise an issue but rather having a chance to acknowledge the rationale behind the two packaging approaches I mentioned.

np

We want to give the flexibility to our expert users, while still enabling our novice users with high security. Hence the configurability.

thanks
melih

[Chiron]

Do you really think you will be safe if you run an antivirus program?

If you do, then you are MAD, MAD, MAD!!!!

Melih

yes (I hope I'm not understating it)

[brucine]

The question is what Melih meant with his declaration, knowing he is the editor of a security suite including antivirus, firewall, hips (and now sandbox).

That whatever antivirus is enough? Or that he is aware that Comodo's one is said from reviews to be not that good?

That an antivirus+firewall+hips+sandbox is enough?

Well, maybe still not: everyone says that the best internet security is between the ears of the user, but Comodo or anyone else doesn't provide, free or paid, brains, does it?

And even assuming, it is a very subjective matter, that one has not "brains", but at least a secured internet behavior, shall he be sure not to be infected some day or another by some rogue or rootkit?

The question not of antivirus itself, it of course fails because it generally monitors, if ever it does, what HAS already been downloaded and installed, but of "total security" remains to be answered, particularly if people want to rely on a "ready to use" package asking them no interaction, whereas these same people's hardware and software configurations and usages can be very different.

In this regard, Mister the C.E.O., i shall at the day speaking continue to use CIS V3 in customized mode so i am asked of whatever the firewall and defense propose, in order for me, and even if i can mistake myself, to be the only one to decide, and never rely on whatever antivirus altough i actually have one installed (not yours) for merely cosmetic purposes.

[Chiron]

I think Melih meant that an AV was not enough security. Zero day threats are a huge problem that a traditional AV CANNOT conquer.

I can only assume Melih was implying that a HIPS is now a necessary addition to your security. Of course making good decisions is paramount to safety, but a HIPS also assists in that area.

And even assuming, it is a very subjective matter, that one has not "brains", but at least a secured internet behavior, shall he be sure not to be infected some day or another by some rogue or rootkit?

I do like this point. It is for this reason that an AV will always be a necessary layer of protection. I don't believe that there will ever be a security perfect enough to always protect a user from himself, but the idea is to limit the chances of infection.

i can mistake myself, to be the only one to decide, and never rely on whatever antivirus altough i actually have one installed (not yours) for merely cosmetic purposes.

Also, I'm not sure I understand what you mean that you are using an AV for merely cosmetic purposes.

[brucine]

An AV doesn't protect you against anything but some aspects of the user's behavior, for at least 2 reasons:

-a "new" virus, if not detected by heuristic characteristics, has the time to spread 10 times around the world before any editor has the time to upload a patch.

-it does not either protect you against malicious website scripting (active x, javascript...) and more generally against "deliberate clicking" (rogues, rootkits....).

So, yes, it should protect you against mail attachments and double extensions, but this does only assume that some people dumb enough to be infected by mail attachments still exist.

p2p, warez and porn is another story, but that is another story: when you play poker, you must sometimes be ready to lose...

I never run whatever without a firewall, but i stayed many years without any AV and only got infected twice in more then ten years (because, at that time, i liked to play, altough not very often, with warez download).

I installed an AV because everyone tells it should be done so, and the last one (avira) only because i was puzzled by some comment in this same forum telling it should not work with CIS (it actually does).

But i still don't believe, if proper and simple behavior and security measures are applied (mail, windows services, disabling scripting, not using warez, porn, p2p, im, be careful when and where clicking...) that virus (excepting, again, rogues and rootkits toward which they are totally unefficient) are a sufficient threat to deserve an AV to be installed.

[SS26]

In theory, "novice" user should force him|her -self to study subject X, subject Y, learn how to use software firewall (w outbound protection), behaviour blocker, hips etc. AND implement decent security on his/her system.
OR technician who install OS should setup decent security on machine AND after that educate customer how to use his/her perfectly safe system.

In real life people who install/configure systems for customers use AVs ONLY because ONLY AVs provide "zero-touch" operation once they are set up.  

"In theory, practice and theory are the same thing. In practice, however ........" (c) panic (Ewen)



Problem is not "Current AV industry deceives users" in terms "system would be safe if you will use OUR Antivirus".  They (users) would have found out related "unmasking" facts if they would have made an effort.  People may not bother on this case because:
- AV company/industry ("professionals") is trustwothy and all it tells is the Truth;
- why bother because of nothing when one has much more severe problems in real life;
- "malware is not a serious threat"
etc

Maybe here is how slogan "i'm safe because i use AV" lives and blossom.

[Jim__]

The use of an AV product has the potential to do harm in two ways.
1. The naive user has a false sense of security or invincibility because they assume the AV product will protect them against all threats and thus the user doesn't need to be particularly careful about what they do.
2. The AV product itself harms the system because a FP results in quarantining critical system files (this happened to some people over the past weekend).

So is an AV useless? No, it is a component of "a layered approach". CIS wouldn't include an AV component if it didn't provide some benefit.

[Peter1977]

Hi. I am new, in this community. Can someone help me how to put on a topic, on the message board.

I have a message for the developers of comodo.

I would be happy, if you could let comodo update its virusdatabase automatically, like Avarsti antivirus does.
And it would be great, if you enter an option, in schedule scans, so it could be managed to scan, every two weeks, and also the option to scan every month instead.  AVG antivirus has this option.

I wish you all. Oh happy day!

[MagusBR]

Peter1977,

- The virusdatabase IS automatically updated.
- Double-click Comodo's systray icon -> AntiVirus -> Scheduled Scans. This wasn't hard, was it? 

[bequick]

Do you really think you will be safe if you run an antivirus program?

If you do, then you are MAD, MAD, MAD!!!!

Melih

Nope, but I can run GesWall and will be completely sure that my PC is clean.

[Peter1977]

Ok! Thank you, for your answer MagusBR.

But still, the Comodo only has the option, setting a schedulled scan weekly.
I would prefer a scan once a month. (Monthly)

Best regards Peter

[Tags:]