What's your virus/security procedure?

"Please leave a message at the beep, we will get back to you when your support contract expires."


King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

What's your virus/security procedure?

Postby King Author » Tue Jul 28, 2015 3:56 pm UTC

I don't have any antivirus software on my old XP netbook I use for random web surfing.

It's fine 'cause I don't have any sensitive files on the disk, I don't log into anything personal or sensitive on the web, and I'm on Wifi so I'm not vulnerable to direct attack unless someone's physically close enough to pick up my Wifi signal, and I'm not too worried about that.

However, just for the sake of it, I wanna try running some stuff, see what it finds, if anything.

What free, XP-compatible software would you recommend?
I have signatures disabled. If you do, too...you can't read this, so never mind >_>

WanderingLinguist
Posts: 237
Joined: Tue May 22, 2012 5:14 pm UTC
Location: Seoul

Re: What's your virus/security procedure?

Postby WanderingLinguist » Wed Jul 29, 2015 6:36 am UTC

To be honest, my security procedure for XP is not running XP.

Seriously, XP is very old and support has officially ended; there will be no more security updates (haven't been any for a year now). So connecting an XP system to the internet is pretty much at-your-own-risk. As time goes by and more un-patched vulnerabilities come to light, it will become more and more risky. It will become less a matter of if the system will be compromised and more a matter of how quickly.

XP aside, my security procedure is basically:
1) Staying up to date on all the latest patches as soon as they come out (I generally try to update the day patches come out; I don't use the "postpone" button if I can avoid it)
2) Only installing software from known reputable sources

Problem is, #1 is no longer an option on XP...

King Author
Posts: 736
Joined: Sun Apr 12, 2009 12:30 pm UTC
Location: Pennsylvania, USA

Re: What's your virus/security procedure?

Postby King Author » Wed Jul 29, 2015 10:15 am UTC

-_-
*siggggn*

How did I know that was gonna be the response? Like, 90% of my tech problems receive utterly unhelpful "do something different" responses first-off.

"I'm learning BASIC -- how do I jump back to the main code path after GOTOing somewhere else?"
"Lol, first off don't use GOTO, second off don't use BASIC, lololol."
"..............."

"GOM Player won't play certain codecs of FLV right for me. It plays them at double speed. Any help?"
"Yeah, don't use GOM Player, VLC is so much better."

Can you not see how unhelpful and jerk-y that is? I can understand offering an opinion alongside the requested information...

"Well, BASIC is a pretty cruddy language and you should think about converting to such-and-such, but anyway, what you do is..."
"Go into Settings and change blah-de-blah, that should work. VLC is better than GOM, though, you won't run into these kinda problems."

...but what's the point of purposefully being unhelpful? Seriously, I want you to answer me, WanderingLinguist -- what specific thought process went through your head that led to you making that post?

(I'll look elsewhere for help, since I'm clearly not gonna get it here, but at this point I just wanna know why you thought being an asshole was a great idea.)
I have signatures disabled. If you do, too...you can't read this, so never mind >_>

Quercus
Posts: 1757
Joined: Thu Sep 19, 2013 12:22 pm UTC
Location: London, UK

Re: What's your virus/security procedure?

Postby Quercus » Wed Jul 29, 2015 10:34 am UTC

I use avast free version on my windows 7 box, which seems to do pretty well in the tests that I've seen. They have pledged to support xp till at least 2017, so that might work for you*. Malwarebytes also claims to have xp support, and seems to be lots of people's go-to choice for standalone scanning, or if they suspect they might already have an infection (I've never used it as I tend to just reinstall windows if anything makes me suspicious).

I do agree with WanderingLinguist that it's simply not possible to run a copy of Windows XP securely any more. Antivirus is very much a secondary security measure after updating religiously and sticking to trusted software, not opening files of untrusted origin etc. As you state that you don't particularly mind if this PC is compromised however, I guess that doesn't matter.

I suppose one could argue that it's a bit irresponsible to knowingly run an insecure internet-connected machine that will probably become part of one or more illegal botnets, but I guess that there are so many insecure machines out there that one more doesn't make much difference.

*By work I mean "run and possibly pick up some malware", not "make XP secure". Nothing can do that.

Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: What's your virus/security procedure?

Postby Dthen » Wed Jul 29, 2015 11:44 am UTC

WanderingLinguist isn't deliberately being mean. XP genuinely is a terrible, unsupported security risk these days. It looks to me like you overreacted considering the thread question is "What's your virus/security procedure?" and not "What should my virus/security procedure be?".

That said, I know from other threads your well-considered reasons for still using it and I won't criticise you for it.
If you're just curious as to what running a scan may turn up, I suggest you run a scan using the free version of MalwareBytes. It seems to be the best at finding and removing malware.
Dthen wrote:I AM NOT A CAT.

Izawwlgood
WINNING
Posts: 18686
Joined: Mon Nov 19, 2007 3:55 pm UTC
Location: There may be lovelier lovelies...

Re: What's your virus/security procedure?

Postby Izawwlgood » Wed Jul 29, 2015 11:57 am UTC

I saw this post yesterday, and knew you'd respond this way.

You: "Every time I jam a fork into this electrical outlet, I get shocked! Can someone tell me what fork I should use to not get shocked?"

Everyone else: "Uh, you shouldn't jam forks into electrical outlets"

You: "Siiiiiiiiiiiiiiiiiiiiigh. This is unhelpful why would you possibly be this unhelpful?"
... with gigantic melancholies and gigantic mirth, to tread the jeweled thrones of the Earth under his sandalled feet.

Echo244
Posts: 511
Joined: Wed May 20, 2015 9:49 am UTC
Location: Ping! Ping! Ping! Ping!

Re: What's your virus/security procedure?

Postby Echo244 » Wed Jul 29, 2015 12:05 pm UTC

I too have an old laptop, running XP, used as a media toaster and occasional net surfing when I don't want to be at my home desk.

It will always be insecure.

It has no details on I care about - not even my name.

I've got a free antivirus on that still supports XP.

I run trusted programs from trusted sources only.

I won't particularly care if I lose it, or any of the data.

When I'm not browsing, I pull out the network cable.

It's not perfectly secure, but mneh. If I really cared, I'd install a free, up-to-date, secure OS/antivirus and get it up and running with that, but I wouldn't call that fun, these days. The laptop does what I want it to, the risks and consequences of <Bad Thing> are low, it's not worth doing more than that.
Unstoppable force of nature. That means she/her/hers.
Has committed an act of treason.

ahammel
My Little Cabbage
Posts: 2135
Joined: Mon Jan 30, 2012 12:46 am UTC
Location: Vancouver BC

Re: What's your virus/security procedure?

Postby ahammel » Wed Jul 29, 2015 2:25 pm UTC

The effectiveness of AV software these days is questionable.
He/Him/His/Alex
God damn these electric sex pants!

Quercus
Posts: 1757
Joined: Thu Sep 19, 2013 12:22 pm UTC
Location: London, UK

Re: What's your virus/security procedure?

Postby Quercus » Wed Jul 29, 2015 2:37 pm UTC

ahammel wrote:The effectiveness of AV software these days is questionable.


Even as a strictly supplementary security measure? I debated ditching AV, but in the end I concluded that even if it's only marginally effective then the small amount of overhead is worth it for me, given that it's basically unnoticeable on my PC. I'm very careful to avoid falling into the trap of relaxing my other security habits as a result of having AV.

Although if I ever had performance issues with my PC, AV would be among the first things to go.

Dthen
Still hasn't told us what comes after D
Posts: 553
Joined: Sat Jan 02, 2010 6:35 pm UTC
Location: Ayrshire, Scotland

Re: What's your virus/security procedure?

Postby Dthen » Wed Jul 29, 2015 2:50 pm UTC

ahammel wrote:The effectiveness of AV software these days is questionable.


Eh, Symantec make Norton, so I'm disinclined to trust or believe anything they say.
Dthen wrote:I AM NOT A CAT.

Izawwlgood
WINNING
Posts: 18686
Joined: Mon Nov 19, 2007 3:55 pm UTC
Location: There may be lovelier lovelies...

Re: What's your virus/security procedure?

Postby Izawwlgood » Wed Jul 29, 2015 2:52 pm UTC

I think it was Norton that warned me it had found itself as malicious activity.

So... Good job Norton?
... with gigantic melancholies and gigantic mirth, to tread the jeweled thrones of the Earth under his sandalled feet.

Quercus
Posts: 1757
Joined: Thu Sep 19, 2013 12:22 pm UTC
Location: London, UK

Re: What's your virus/security procedure?

Postby Quercus » Wed Jul 29, 2015 3:08 pm UTC

At least it's honest

SecondTalon
SexyTalon
Posts: 26293
Joined: Sat May 05, 2007 2:10 pm UTC
Location: Louisville, Kentucky, USA, Mars. HA!

Re: What's your virus/security procedure?

Postby SecondTalon » Wed Jul 29, 2015 3:34 pm UTC

I disagree with Izzy's analogy.

I think a better one would be

KA "I like to store my oily rags and open containers of kerosene and gasoline in this poorly ventilated wooden shed with large southern facing concave windows."

Everyone "That's a terrible idea"

KA "Whatever"

*later*

KA "So, I'm just curious as to how effective these sprinkler systems are, and want to have one installed in my poorly ventilated wooden shed to see if it goes off. I'm pretty sure it's fine, but honestly, it's kinda hard to look directly at it, due to the intense glowing from some unidentified chemical reaction producing a glow as well as heat and smoke. Anyway, anyone able to recommend a good installation company?"


Because, seriously, that laptop is in a botnet. It's got the malwares and the spywares and the everything.

...

But yeah, Avast or AVG and mbam. Run those, maybe run a copy of spybot search and destroy too. All those are freeware for private use and, if you can't find a current version that works on XP, you should be able to find a prior XP friendly version on OldVersion
heuristically_alone wrote:I want to write a DnD campaign and play it by myself and DM it myself.
heuristically_alone wrote:I have been informed that this is called writing a book.

WanderingLinguist
Posts: 237
Joined: Tue May 22, 2012 5:14 pm UTC
Location: Seoul

Re: What's your virus/security procedure?

Postby WanderingLinguist » Thu Jul 30, 2015 4:50 am UTC

King Author wrote:-_-
Can you not see how unhelpful and jerk-y that is? I can understand offering an opinion alongside the requested information...


I honestly wasn't trying to be a jerk.

I really don't think there's a way to do what you want to do. Back in the day, I'd have said "just don't open any suspicious e-mail attachments". But really, as the number of known vulnerabilities in XP grows, there will probably come a day when it's "don't use a web browser" and then maybe someday "don't connect it to the internet" or "don't plug in anything on USB".

Seriously, any software that is no longer being maintained (that no longer gets regular updates and security patches) is going to be a security risk. The more popular the software is, the more widespread the usage, the more of a target it will be. XP is a pretty big target.

Just to give you an idea of some vulnerabilities that Microsoft has patched in the past: Ability to run arbitrary code when opening a JPEG image (read: visiting a web page). Ability to run arbitrary code when displaying text in a TrueType font (web pages can embed TrueType fonts, so...same thing). Now, these are patched vulnerabilities, so you don't need to worry about them. But Windows is large and complex; the chance of more similar vulnerabilities coming to light in the future is nearly 100%. It will happen, and they won't get patched. And no matter what anti-virus software you have, it won't be safe to connect to the Internet.

It's technically possible someone could make some kind of firewall that protects your otherwise-vulnerable XP system from exploits before they reach it, but I've not heard of such a thing, and it doesn't seem like it would be worth the effort: Such a system would require constant updating and cost money. When you can just upgrade to a newer, supported version of Windows, there doesn't seem much motivation for a company to develop that kind of solution.

I'm not trying to be a jerk; I really seriously think keeping an XP system connected to the internet is a very bad idea and very risky.

Edit:
SecondTalon wrote: But yeah, Avast or AVG and mbam. Run those, maybe run a copy of spybot search and destroy too. All those are freeware for private use and, if you can't find a current version that works on XP, you should be able to find a prior XP friendly version on OldVersion

Thing is, it's unlikely these are being actively updated for new vulnerabilities discovered in XP (especially stuff from OldVersion, for obvious reasons), so as time goes on they really won't protect you much.

Edit 2:
King Author wrote:(I'll look elsewhere for help, since I'm clearly not gonna get it here, but at this point I just wanna know why you thought being an asshole was a great idea.)

Hmm, somehow missed this one on the first read through. I wasn't being an asshole, although I see how the way I phrased it could've been taken that way. Let me rephrase: There is no safe way to use Windows XP. My thought process for trying to dissuade you from using Windows XP would be similar to my thought process for trying to dissuade someone from driving drunk: It's dangerous behavior. You have to assume there could be a keylogger sending everything you type instantly to someone with malicious intent. Even if you aren't using the computer for anything sensitive, it's really incredible how much personal information you can reveal indirectly. And there's no way to secure yourself against that any more.

Okay, okay, my practical advice for using XP safely: No internet. Without any connection to the outside world, it's relatively safe. Relatively.

PM 2Ring
Posts: 3652
Joined: Mon Jan 26, 2009 3:19 pm UTC
Location: Mid north coast, NSW, Australia

Re: What's your virus/security procedure?

Postby PM 2Ring » Thu Jul 30, 2015 7:39 am UTC

FWIW, I have XP on this machine for those very rare occasions when I need Windows, but since XP was discontinued I turn off my ADSL modem before booting into XP.

Another useful anti-malware program that still works on XP is AdwCleaner - it can occasionally find things that MBAM misses. Obviously, I don't need it for this machine, but I was impressed with it last Christmas when I was cleaning up my sister's badly infected Win 7 box.

Shro
science genius girl
Posts: 2139
Joined: Fri Feb 16, 2007 12:31 am UTC
Location: im in ur heartz, stealin ur luv.

Re: What's your virus/security procedure?

Postby Shro » Thu Jul 30, 2015 6:51 pm UTC

Not only do you have to worry about being under direct attack with your information stolen, you have to worry about the botnet angle; your computer could be used to send out spam, execute DDoS attacks, etc. To expand on SecondTalon's analogy, not only are you storing oily rags and kerosene in a poorly ventilated wooden shed, your wooden shed happens to be next to a lot of other buildings that could be affected if you don't stop what you're doing. Your computer is insecure, you don't care it's insecure, fine. But you need to know that your decisions affect other computing users as well. This is why people are telling you to not use XP, not because they're out to get you, or trying to be jerks, but they know their stuff, and want to make sure the internet is secured for everybody. If you didn't want opinions about this, maybe you should have put in your OP "No, I'm not switching from XP. Don't recommend that I switch from XP", then people would have had an idea that you want to know how to make XP secure, instead of just having a secure PC. Because the amount of time and effort that it will take to make an XP PC secure is absolutely mind boggling - people know this, and instead of trying to get you to do things you might not be comfortable with as a computing user (registry hacks are no fun), the recommendations were based on the easiest course of action for a normal computing user standpoint.

That being said, Here are some things you can do if you absolutely have to have XP:

1) Make sure you never run as administrator
2) If you do get an anti-virus, make sure its definitions are also up to date - you only have about two years before anti-virus makers stop providing definitions for XP computers
3) Make sure you're running the most current versions of any software
4) You can try a certain registry hack to keep getting updates because Microsoft is still supporting XP for ATMs and POSs and such
5) Use an up-to-date web browser
6) Microsoft has this tool: https://technet.microsoft.com/en-US/security/jj653751. You need SP 3 for version 4.1
7) Don't use Office 2003 or earlier.
8) Update your device drivers
9) NEVER USE INTERNET EXPLORER
10) Turn off autorun
11) Turn on Data Execution Prevention Protection for all applications
12) Consider upgrading and virtualizing XP
13) Make a reinstall disk with XP with SP3 so you can get a clean install quickly
argyl3: My idea of being a rebel is splitting infinitives.
Alisto: Rebel without a clause?

I made this thing:
www.justthetipcalculator.com
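
Added example, not part of Shro's post or of the thread: items 10 and 11 in the list above correspond to two concrete XP settings, the `NoDriveTypeAutoRun` policy value and the `/noexecute` switch in `boot.ini`. The Python sketch below audits both from text copies of those files; the sample `boot.ini` and `.reg` export are constructed, and the function names are this example's own.

```python
import re

# /noexecute modes under which DEP covers every program, not just Windows components.
DEP_ALL_PROGRAMS = {"optout", "alwayson"}
# NoDriveTypeAutoRun is a bit mask of drive types with AutoRun disabled; 0xFF = all.
AUTORUN_ALL_DRIVES = 0xFF
DRIVE_BITS = (("removable", 0x04), ("cdrom", 0x20))

# Constructed samples: a boot.ini using opt-in DEP and a .reg export with mask 0x91.
WEAK_BOOT_INI = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
"""
WEAK_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"""
HARDENED_BOOT_INI = WEAK_BOOT_INI.replace("/noexecute=optin", "/noexecute=optout")
HARDENED_REG = WEAK_REG.replace("00000091", "000000ff")


def dep_mode(boot_ini):
    """Return the /noexecute mode of the default boot entry (lowercase), or None."""
    default = re.search(r"(?im)^default=(.+)$", boot_ini)
    if not default:
        return None
    path = default.group(1).strip().lower()
    for line in boot_ini.splitlines():
        entry, sep, options = line.partition("=")
        # The matching [operating systems] line looks like: path="Description" /switches
        if sep and entry.strip().lower() == path and options.lstrip().startswith('"'):
            match = re.search(r"(?i)/noexecute=(\w+)", options)
            return match.group(1).lower() if match else None
    return None


def autorun_mask(reg_export):
    """Return NoDriveTypeAutoRun from the Policies\\Explorer key, or None if absent."""
    in_key = False
    for line in reg_export.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_key = line.lower().endswith(r"\currentversion\policies\explorer]")
        elif in_key:
            match = re.match(r'(?i)"NoDriveTypeAutoRun"=dword:([0-9a-f]{8})$', line)
            if match:
                return int(match.group(1), 16)
    return None


def audit(boot_ini, reg_export):
    """Return a list of findings; an empty list means both settings are hardened."""
    findings = []
    mode = dep_mode(boot_ini)
    if mode not in DEP_ALL_PROGRAMS:
        findings.append("DEP mode %s: not applied to all programs" % (mode or "unset"))
    mask = autorun_mask(reg_export)
    if mask is None:
        findings.append("autorun: NoDriveTypeAutoRun not set")
    elif mask & 0xFF != AUTORUN_ALL_DRIVES:
        still_on = [name for name, bit in DRIVE_BITS if not mask & bit]
        findings.append("autorun: mask 0x%02X leaves AutoRun on for %s"
                        % (mask, ", ".join(still_on) or "other drive types"))
    return findings


if __name__ == "__main__":
    print(audit(WEAK_BOOT_INI, WEAK_REG))
    print(audit(HARDENED_BOOT_INI, HARDENED_REG))
```

A clean result covers only these two settings; it says nothing about the unpatched vulnerabilities the rest of the thread is concerned with.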

cphite
Posts: 1296
Joined: Wed Mar 30, 2011 5:27 pm UTC

Re: What's your virus/security procedure?

Postby cphite » Fri Jul 31, 2015 4:11 pm UTC

King Author wrote:I don't have any antivirus software on my old XP netbook I use for random web surfing.

It's fine 'cause I don't have any sensitive files on the disk, I don't log into anything personal or sensitive on the web, and I'm on Wifi so I'm not vulnerable to direct attack unless someone's physically close enough to pick up my Wifi signal, and I'm not too worried about that.

However, just for the sake of it, I wanna try running some stuff, see what it finds, if anything.

What free, XP-compatible software would you recommend?


I know it seems like this is piling on, but what you (and a lot of other people) don't understand is that XP is an unsupported operating system that is still somewhat popular. Those two things combined are the problem. There are still enough people using XP to make it lucrative to attack XP. And when holes are found there is literally no effort put into plugging them, or in most cases even detecting them.

Now... in your specific case you say you have nothing important on the laptop, and that you don't use the laptop for anything personal. Which is good.

The problem, as others point out, is that viruses these days are not limited to stealing data from the machine they primarily infect. Your machine could be used to send out spam, or to commit denial of service attacks against other people.

And assuming for the sake of argument you don't care if your machine is doing those things... do you have other computers at home? Ones that you do use for personal/financial purposes? If so, those machines could be at risk. It's entirely possible for an infected computer to seek out and access data on machines (other computers, storage devices, etc.) that it can reach on the same network or even on different networks, depending on the level of security.

All of that being said, if you would like to continue using XP and are looking for a decent anti-virus program, here are some things to consider. Firstly, make sure it has heuristic scanning; basically this is the ability to detect "virus-like" activity so that it isn't limited to known threats; this way you're not limited to threats specific to XP that have been identified.

Second, choose one where the developers have committed to continued XP support.... here is a list:
https://www.av-test.org/en/news/news-single-view/the-end-is-nigh-for-windows-xp-these-anti-virus-software-products-will-continue-to-protect-xp-after/

To be perfectly honest, even when running an AV that "supports" XP I would assume that the machine is unsafe for handling any important data. Another thing you might consider, if your router has the ability to offer a "guest" network, use that for the XP machine and keep the other machines on the main (hopefully secured) network. This won't necessarily prevent all attacks; but it'll provide some protection.

Izawwlgood
WINNING
Posts: 18686
Joined: Mon Nov 19, 2007 3:55 pm UTC
Location: There may be lovelier lovelies...

Re: What's your virus/security procedure?

Postby Izawwlgood » Fri Jul 31, 2015 4:15 pm UTC

Question for the computer savvy - say I have an old retired laptop that I use for nothing but word processing. Wifi is always disabled, and word documents transferred via USB.

Presuming the computer I print from is kept up to date and secure, is there anything that this isolated old laptop could be exposed to that could be a problem?
... with gigantic melancholies and gigantic mirth, to tread the jeweled thrones of the Earth under his sandalled feet.

Thesh
Made to Fuck Dinosaurs
Posts: 6325
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: What's your virus/security procedure?

Postby Thesh » Fri Jul 31, 2015 4:23 pm UTC

Summum ius, summa iniuria.

Izawwlgood
WINNING
Posts: 18686
Joined: Mon Nov 19, 2007 3:55 pm UTC
Location: There may be lovelier lovelies...

Re: What's your virus/security procedure?

Postby Izawwlgood » Fri Jul 31, 2015 4:36 pm UTC

Right, I understand the old laptop can be infected, but assuming the only source of information flow off the thing is via USB to a secured computer, is that a problem?
... with gigantic melancholies and gigantic mirth, to tread the jeweled thrones of the Earth under his sandalled feet.

Thesh
Made to Fuck Dinosaurs
Posts: 6325
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: What's your virus/security procedure?

Postby Thesh » Fri Jul 31, 2015 4:39 pm UTC

Your unconnected laptop can be assumed to be as secure as the least secure machine you transfer USB sticks to and from. So if that machine is not infected with anything, your laptop cannot be infected with anything.
Summum ius, summa iniuria.

WanderingLinguist
Posts: 237
Joined: Tue May 22, 2012 5:14 pm UTC
Location: Seoul

Re: What's your virus/security procedure?

Postby WanderingLinguist » Fri Jul 31, 2015 10:08 pm UTC

Thesh wrote:Your unconnected laptop can be assumed to be as secure as the least secure machine you transfer USB sticks to and from. So if that machine is not infected with anything, your laptop cannot be infected with anything.


Technically speaking, I suppose it could be less secure than that.

For example, suppose you've downloaded a JPEG file on your newer more secure machine. That JPEG file contains data designed to exploit a flaw in the JPEG decoder that either has been patched or doesn't apply on the OS on your newer machine. Your virus/malware detection may not care about it because it's not relevant to the platform. So you don't know it's a problem, and stick the JPEG file in a word document because it suits whatever it is you're writing in that document. Later, take it over to the older machine, where the exploit works and (for example) turns on wi-fi and sends out your data.

It's a bit of a contrived example, and I can't imagine someone making malware like that unless they were specifically targeting you, so it's probably not something to worry about. But technically it could happen.

So I think your rule of thumb is generally correct, but if there's sensitive data or a situation where someone might target you specifically, it might need to be assumed to be less secure.

Thesh
Made to Fuck Dinosaurs
Posts: 6325
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: What's your virus/security procedure?

Postby Thesh » Fri Jul 31, 2015 10:19 pm UTC

I don't think that is contrived at all, especially when you take word documents and PDFs into account, which could contain macros - these have been exploited many times in the past.
Summum ius, summa iniuria.
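
Added example, not part of the thread: the two posts above describe documents carrying active or embedded content (macros, scripted PDFs, images inside a Word file) from a patched machine to an unpatched one. The Python sketch below is one way to triage files on the patched side before copying them to a USB stick; the function names and the sample files are constructed for this example, and the checks are simple heuristics.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls/.ppt container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # stream name as stored in OLE directories
# PDF names that run or carry active content. A plain byte search misses names hidden
# in compressed object streams, so no hit is not proof of a passive file.
PDF_ACTIVE = (b"/JavaScript", b"/OpenAction", b"/Launch", b"/EmbeddedFile")
REVIEW_PREFIXES = ("vba-macros", "embedded-object", "pdf-active", "malformed-zip")


def triage_ooxml(data):
    """Inventory macro projects, embedded objects and media in a .docx/.docm-style zip."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for member in zf.namelist():
            lower = member.lower()
            if lower.endswith("vbaproject.bin"):
                findings.append("vba-macros:" + member)
            elif "/embeddings/" in lower:
                findings.append("embedded-object:" + member)
            elif "/media/" in lower:
                # Images ride along inside the document; whether one is malformed for
                # the destination's decoder cannot be judged here, so only list it.
                findings.append("embedded-media:" + member)
    return findings


def triage(data):
    """Classify a file by its leading bytes and return a list of findings."""
    if data.startswith(b"PK\x03\x04"):
        try:
            return triage_ooxml(data)
        except zipfile.BadZipFile:
            return ["malformed-zip"]
    if data.startswith(OLE_MAGIC):
        findings = ["legacy-ole-container"]
        if VBA_STREAM in data:
            findings.append("vba-macros:_VBA_PROJECT")
        return findings
    if b"%PDF-" in data[:1024]:
        return ["pdf-active:" + name.decode() for name in PDF_ACTIVE if name in data]
    return []


def needs_review(findings):
    """True when any finding is active content rather than a plain inventory item."""
    return any(f.startswith(REVIEW_PREFIXES) for f in findings)


def make_zip(members):
    """Build an in-memory zip from {member name: content} (used for the samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed samples, built in memory so the example runs offline.
BASE = {"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>"}
SAMPLES = {
    "report.docx": make_zip(dict(BASE, **{"word/media/image1.jpeg": b"\xff\xd8\xff\xe0"})),
    "invoice.docm": make_zip(dict(BASE, **{"word/vbaProject.bin": b"constructed"})),
    "old.doc": OLE_MAGIC + b"\x00" * 64 + VBA_STREAM,
    "form.pdf": b"%PDF-1.4\n1 0 obj << /OpenAction 2 0 R >> endobj\n"
                b"2 0 obj << /S /JavaScript /JS (constructed) >> endobj\n",
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        result = triage(data)
        print(name, "REVIEW" if needs_review(result) else "ok", result)
```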

gmalivuk
GNU Terry Pratchett
Posts: 26533
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There

Re: What's your virus/security procedure?

Postby gmalivuk » Sat Aug 01, 2015 6:17 pm UTC

I feel like you're still misunderstanding Izawwlgood's question.

The question wasn't whether the unconnected laptop could be infected, but whether that would actually be a problem (in terms of personal data or botnet vulnerability or the like) if the only transfer *off* the laptop was via USB to an up-to-date secured computer.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

WanderingLinguist
Posts: 237
Joined: Tue May 22, 2012 5:14 pm UTC
Location: Seoul

Re: What's your virus/security procedure?

Postby WanderingLinguist » Mon Aug 03, 2015 3:03 am UTC

gmalivuk wrote:I feel like you're still misunderstanding Izawwlgood's question.

The question wasn't whether the unconnected laptop could be infected, but whether that would actually be a problem (in terms of personal data or botnet vulnerability or the like) if the only transfer *off* the laptop was via USB to an up-to-date secured computer.


But if malware could make it on to the laptop somehow, couldn't it theoretically enable wi-fi? In this case the only route would not be via USB any more. Of course, if it's an older laptop with a physical wi-fi switch, this may be a moot point. But if the security is due to disabling wi-fi via software, that could be compromised. (Again, that's in theory; I'm not sure in practice how likely it would be for someone to build that kind of malware; it seems such a specific application it would most likely be an issue only if you were targeted specifically by someone who knew the setup... so while the setup described may not be perfect, it may be "good enough"...)

gmalivuk
GNU Terry Pratchett
Posts: 26533
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There

Re: What's your virus/security procedure?

Postby gmalivuk » Mon Aug 03, 2015 12:13 pm UTC

No setup is perfect, regardless of operating system. If data can go between the computer and the internet, the computer can be compromised.

But if the only way that's feasible is for someone to specifically attack an unconnected XP computer through USB sticks, it seems like a pretty acceptable risk.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

Izawwlgood
WINNING
Posts: 18686
Joined: Mon Nov 19, 2007 3:55 pm UTC
Location: There may be lovelier lovelies...

Re: What's your virus/security procedure?

Postby Izawwlgood » Mon Aug 03, 2015 1:16 pm UTC

Are there any examples of malicious code packaging important information for transfer via USB?
... with gigantic melancholies and gigantic mirth, to tread the jeweled thrones of the Earth under his sandalled feet.

ahammel
My Little Cabbage
Posts: 2135
Joined: Mon Jan 30, 2012 12:46 am UTC
Location: Vancouver BC

Re: What's your virus/security procedure?

Postby ahammel » Mon Aug 03, 2015 2:32 pm UTC

Izawwlgood wrote:Are there any examples of malicious code packaging important information for transfer via USB?

There seems to be the suggestion that the BadUSB vulnerability could be used for that purpose. Not sure anybody has cooked up a proof of concept for it, though.

Slides (PDF)
He/Him/His/Alex
God damn these electric sex pants!

Quercus
Posts: 1757
Joined: Thu Sep 19, 2013 12:22 pm UTC
Location: London, UK

Re: What's your virus/security procedure?

Postby Quercus » Mon Aug 03, 2015 7:38 pm UTC

https://xkcd.com/694/


Spoiler:
I'm really sorry. I just stumbled across this one and couldn't resist.

Jorpho
Posts: 6220
Joined: Wed Dec 12, 2007 5:31 am UTC
Location: Canada

Re: What's your virus/security procedure?

Postby Jorpho » Tue Aug 04, 2015 1:50 pm UTC

I know an unpatched XP installation with no service packs (and maybe even with SP1?) will become magically infected if you just connect it to the Internet and don't do anything. Or at least, that's how it used to be. Would there still be systems out there actively probing IP addresses for ancient vulnerabilities?

Anyway, to the best of my knowledge, XP SP3 with all the patches isn't vulnerable, so I don't see the problem if you're not downloading new programs or using anything but Internet Explorer.

Microsoft Security Essentials for XP is still getting new updates, isn't it? (It's just barely possible to install that without having to "certify" your installation with Microsoft.)

On that note, the first "offline" scanner that comes to mind is Microsoft's Windows Defender Offline. It installs to a bootable USB drive without any fuss, and of course it's free.

Echo244
Posts: 511
Joined: Wed May 20, 2015 9:49 am UTC
Location: Ping! Ping! Ping! Ping!

Re: What's your virus/security procedure?

Postby Echo244 » Tue Aug 04, 2015 2:30 pm UTC

This Microsoft Security Essentials?

The product received generally positive reviews praising its user interface, low resource usage and freeware license. It secured AV-TEST certification on October 2009, having demonstrated its ability to eliminate all widely encountered malware. However, it lost the certificate on October 2012, having shown a constant decline in protection and repair scores. In June 2013, MSE achieved the lowest possible protection score, zero


From here it seems they improved since that quote was added to Wikipedia; 0.5/6.0 is now the protection score...
Unstoppable force of nature. That means she/her/hers.
Has committed an act of treason.

ahammel
My Little Cabbage
Posts: 2135
Joined: Mon Jan 30, 2012 12:46 am UTC
Location: Vancouver BC

Re: What's your virus/security procedure?

Postby ahammel » Tue Aug 04, 2015 4:16 pm UTC

Jorpho wrote:I know an unpatched XP installation with no service packs (and maybe even with SP1?) will become magically infected if you just connect it to the Internet and don't do anything. Or at least, that's how it used to be. Would there still be systems out there actively probing IP addresses for ancient vulnerabilities?
For XP vulnerabilities? Yes, why wouldn't there be?
He/Him/His/Alex
God damn these electric sex pants!

gmalivuk
GNU Terry Pratchett
Posts: 26533
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There

Re: What's your virus/security procedure?

Postby gmalivuk » Tue Aug 04, 2015 5:16 pm UTC

Echo244 wrote:This Microsoft Security Essentials?

The product received generally positive reviews praising its user interface, low resource usage and freeware license. It secured AV-TEST certification on October 2009, having demonstrated its ability to eliminate all widely encountered malware. However, it lost the certificate on October 2012, having shown a constant decline in protection and repair scores. In June 2013, MSE achieved the lowest possible protection score, zero


From here it seems they improved since that quote was added to Wikipedia; 0.5/6.0 is now the protection score...
In any case, MSE stopped updating for XP quite some time ago, which is why I turned off wifi on my XP netbook and just use it as a hard drive at this point (I also have an old ubuntu installation on it, which is also no longer supported but is at least somewhat less likely to have people still actively trying to attack it).
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

cphite
Posts: 1296
Joined: Wed Mar 30, 2011 5:27 pm UTC

Re: What's your virus/security procedure?

Postby cphite » Tue Aug 04, 2015 5:26 pm UTC

Jorpho wrote:I know an unpatched XP installation with no service packs (and maybe even with SP1?) will become magically infected if you just connect it to the Internet and don't do anything. Or at least, that's how it used to be. Would there still be systems out there actively probing IP addresses for ancient vulnerabilities?


Absolutely. The thing about XP is that it's out of service and still somewhat popular in the business world. Those two things combined make for a huge incentive to find exploits.

Anyway, to the best of my knowledge, XP SP3 with all the patches isn't vulnerable, so I don't see the problem if you're not downloading new programs or using anything but Internet Explorer.


XP SP3 is no longer supported; which means that it is getting no new security updates, and that exploits that are found will not even be officially recognized let alone addressed. In other words, I wouldn't use it without assuming it was vulnerable.

Microsoft Security Essentials for XP is still getting new updates, isn't it? (It's just barely possible to install that without having to "certify" your installation with Microsoft.)


Updates for MSE on XP ended July 14, 2015.

