Security essentials is ok and doesn't spam you, but it's just ok.
Security Essentials used to be just ok. Over the past year or so, it's turned into the most useless piece of crap I've ever seen. I used to recommend it as a free option for some people, but lately I've been ripping it out of every machine I see it on, in the same way I used to do with Norton a few years back.
You don't need no brakes on your car to study what happens to some other guy when they crash their car.
Similarly, I don't need antivirus on my computer to reverse engineer the infected files I pulled from a client machine; which, incidentally, their antivirus said was clean, and I found them manually. (But wait! How did you find them without the antivirus telling you that they were infected?! That's unpossible!!! <head explodes>)
Don't forget checking the state tables on your router every once in a while.
Oh...that's right; most routers don't actually let you see that information. You have to be running something actually, you know, useful. Like pfSense.
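The state-table check suggested above, as an added example that is not code from the thread: a small Python script that parses state lines in the layout of pf's `pfctl -ss` output (the exact column layout, the `192.168.1.0/24` LAN prefix, the thresholds and the sample lines themselves are all assumptions made here) and flags internal hosts that fan out to many external destinations or talk to ports worth a second look.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample in the style of `pfctl -ss` output on a pf/pfSense box.
# The layout is an assumption about that output, not text from the thread.
SAMPLE_STATES = """\
em1 tcp 192.168.1.10:51234 -> 203.0.113.50:443       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.10:51235 -> 203.0.113.50:80        ESTABLISHED:ESTABLISHED
em1 udp 192.168.1.10:5353 -> 224.0.0.251:5353        MULTIPLE:MULTIPLE
em1 tcp 192.168.1.20:40001 -> 203.0.113.5:6667       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.20:40002 -> 203.0.113.6:6667       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.20:40003 -> 203.0.113.7:6667       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.20:40004 -> 203.0.113.8:6667       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.1.30:40100 -> 198.51.100.9:445       SYN_SENT:CLOSED
em1 tcp 192.168.1.10:22 <- 203.0.113.60:33333        ESTABLISHED:ESTABLISHED
"""

# Assumed LAN prefixes; anything not in these (and not multicast/loopback/
# link-local) is treated as "external". Adjust to the real network.
LAN_NETS = [ip_network("192.168.1.0/24")]

# Outbound ("->") state lines only; inbound ("<-") lines do not match and
# are skipped. An optional "(addr:port)" group carries the pre-NAT source.
STATE_RE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<proto>\S+)\s+"
    r"(?P<src>\S+?):(?P<sport>\d+)\s+"
    r"(?:\((?P<orig>\S+?):(?P<oport>\d+)\)\s+)?"
    r"->\s+(?P<dst>\S+?):(?P<dport>\d+)\s+"
    r"(?P<state>\S+)$"
)


def parse_states(text):
    """Return one dict per outbound state line that matches the assumed layout."""
    entries = []
    for line in text.splitlines():
        m = STATE_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        # Prefer the pre-NAT address so findings name the internal host.
        if d["orig"]:
            d["src"], d["sport"] = d["orig"], d["oport"]
        d["sport"], d["dport"] = int(d["sport"]), int(d["dport"])
        entries.append(d)
    return entries


def is_external(addr):
    """True for addresses outside the configured LAN and outside local scopes."""
    ip = ip_address(addr)
    if ip.is_multicast or ip.is_loopback or ip.is_link_local:
        return False
    return not any(ip in net for net in LAN_NETS)


def flag_hosts(entries, max_dests=3, watch_ports=(445, 6667)):
    """Flag hosts with > max_dests distinct external peers, or hits on watch_ports.

    Returns a list of (internal_host, reason) tuples.
    """
    dests = defaultdict(set)
    findings = []
    for e in entries:
        if not is_external(e["dst"]):
            continue
        dests[e["src"]].add(e["dst"])
        if e["dport"] in watch_ports:
            findings.append(
                (e["src"], f"external {e['dst']}:{e['dport']} ({e['proto']}, {e['state']})")
            )
    for src, peers in dests.items():
        if len(peers) > max_dests:
            findings.append((src, f"{len(peers)} distinct external destinations"))
    return findings


if __name__ == "__main__":
    for host, reason in flag_hosts(parse_states(SAMPLE_STATES)):
        print(f"{host}: {reason}")
```

On a real pfSense box the input would come from the state table dump rather than the embedded sample; the useful part is the per-host fan-out count, which catches the "quiet" host that has opened states to dozens of unrelated addresses even when no individual connection looks wrong.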
Hardy har har. I'm pretty sure you were trying to be funny.
But, just in case you, or any of the other similar comments were actually being serious:
Maybe that actually meant "don't run anything resembling antivirus software," since, you know, that's what the thread and the article are all about.....
Well, once I sorted out your bizarre punctuation and capitalization, I realized I agree with you.
Every one of my computers has Sandboxie installed. It's one of the tools I use when analyzing malware, when I want to see exactly what it does to the machine.
I don't execute virus files on my work computer. That would be stupid. I decompile/reverse engineer/etc them.
I have a separate computer that I use if I need to actively infect one. It's not a VM (for the exact reason that some posters have already given) but I do have a Clonezilla image of it, so I can quickly wipe/reinstall after analyzing the infection.
AC: "I'm a fucking idiot, and have no idea how to tell if a computer's infected without big scary warnings from my antivirus software, therefore everybody else is exactly the same."
Never mind the fact that if nobody could detect an infection without a/v software, then it would be impossible to ever add new viruses to the definitions of any antivirus software; meaning, of course, that all antivirus software would have a precisely zero detection rate, and therefore would be completely useless. So, even if you're right, then you're still wrong.
That would be "in before somebody says 'don't run Windows'".
Having said that, I've run Windows (among other things) for years, and haven't run anti-virus in over a decade for two reasons:
- it's more trouble than it's worth when you know what you're doing,
- it's hard to do any kind of virus research at all when you've got antivirus trying to delete every infected file you're examining.
In the time I've not run a/v, I've never had an infection. (I never had an infection before that, either, but that's beside the point.)
I use Comodo Endpoint Security on the kids' computer, and the HTPC, but my main Windows desktop hasn't had it for years, and won't have it for the foreseeable future, either.
All my Linux machines, of course, don't run anything, except for my mail server, which has ClamAV on it, just to scan attachments.
Bullshit. Most (all?) of the Northern hemisphere had the most brutal winter we've had in decades. We broke cold temperature records that were 100 years old or more. Then, on top of that, summer basically never happened. We didn't actually get to normal summer temperatures until September, and there were reports of similarly cool June, July and August temperatures from far afield.
So for 2014 to be a record hot year, I have to ask: where the fuck was it actually hot? Unless all the land in the southern hemisphere was actually on fire, this claim seems to be a flat out lie.
You can see this whole list of tor nodes here: https://torstatus.blutmagie.de...
All Lizard nodes resolve to *.bc.googleusercontent.com
That's not the whole list. I've been running a node for years, and it's not listed on that page.
Times are changing; nowadays you can commit crimes without even going out of your house, with real-time encrypted communication with your whole gang.
When has this not been true? Invite a bunch of neighbours over with some balloons tied to the front porch, and a sign up that says "Happy Birthday Son!"
Then, sit in the kitchen talking about your plans to blow up some local municipal building, while some co-conspirator dresses as a clown and entertains the kiddies in the front room that you can see through the window from the street. (Ok, so you probably had to leave the house to buy the balloons, but still.)
Police methods and laws need to keep up with the technology and their use by criminals.
Provide evidence to a judge, receive a warrant. That's the process. Period. As technology progresses, the types of evidence you can present to a judge also progress. That right there is how they keep up with the technology.
Evidence != Conviction.
1. You suspect someone of a crime based on some evidence you obtained legally, either by accident, by witnessing something in a public place, by a witness statement, by a confession, or some other method, but regardless, it's without a warrant, but using a method that's legal to obtain evidence without a warrant.
2. Based on this evidence, you obtain one or more warrants and use them to gather more evidence.
3. If the totality of evidence points to a crime being committed, you arrest and charge the target with a crime.
The problem with the NSA/GCHQ, etc, is that they're not following this pattern. Instead, they're doing this:
1. Perform surveillance on everybody without warrants.
2. If you find anything pointing to a crime committed by an individual, then, well, repeat step 1.
If there is an Internet connected switch on the dedicated SCADA network, then it's not air gapped, by definition. Air gapped means there's no wire running from the Internet side to the protected network. Hence, there is an "air gap" in between the two networks.
In Windows the video driver is installed automatically on the fly. All you get is a couple of seconds a blank screen, and you don't even have to exit the desktop.
Err....no. No, it's not. After you've figured out the video chipset manufacturer, been to their website, found the right driver package, downloaded it, double clicked the installer, agreed to the EULA, and clicked next a few times to copy the files to the hard drive.....then, and only then, is the video driver installed automatically on the fly.
That's like saying you've got a self-driving car that gets you from home to work automatically, when in fact you've got a recent Ford that only has parking assist.