Traditional antivirus software is useless against military malware

August 6, 2012, 7:13 AM PDT

Takeaway: Antivirus programs are obsolete. In that case, what are we supposed to do? Learn what the security community has to say.

Do not go on the Internet unprotected. If you do, you’ll regret it. Advice like that is common everyday fare. What follows is not:

“What this means is that all of us had missed detecting this malware for two years, or more. That’s a spectacular failure for our company, and for the antivirus industry in general.”

That’s from “Why antivirus companies like mine failed to catch Flame and Stuxnet,” a recent post by Mikko Hypponen, Founder and Chief Research Officer of F-Secure — a significant player when it comes to protecting digital equipment.

Statements like that aren’t normal for Mikko (his TED talk); the well-regarded computer-security guru is typically upbeat about things digital. I contacted Mikko asking if he had any further thoughts:

“Regular antivirus works fine for the regular malware out there. It doesn’t work well against government-funded super-malware. How likely is it you may be targeted by super-malware? I guess it depends on what you’re doing.

Bullet-proof vests and helmets work fine against a street robber who is out to get anyone he can find. They don’t work well against a government assassin who is out to get you and only you. How likely is it that are you may be targeted by a government assassin? I guess that also depends on what you’re doing.”

Mikko is referring to the new family of stealthy malware (military malware and super-malware are names I’ve found) that include Stuxnet, DuQu, and Flame. In gathering facts for this article, I found this was not the first time people questioned traditional antivirus programs.

I’d like to introduce Paul Schmehl, Senior Information Security Analyst at the University of Texas-Dallas. Paul, a fine writer, penned “Past its Prime: Is Antivirus Scanning Obsolete?” for SecurityFocus. The lead paragraph:

“The title and topic of this article is clearly controversial. It is guaranteed to get a strong reaction from the antivirus industry, which is firmly convinced it sees clear sailing ahead. So, is antivirus scanning obsolete? In a word, yes, but don’t throw out your scanner.”

It seems Mikko is not alone and not the first. Paul wrote that 10 years ago.

The final person I’d like to introduce is Bruce Schneier. Bruce is highly regarded when it comes to any kind of security. To see what I mean, check out Bruce’s new book, Liars and Outliers. In 2009, Information Security Magazine carried “Is Antivirus Dead?“, a point/counterpoint discussion between Bruce and Marcus Ranum. Bruce had this to say:

“Yes, antivirus programs have been getting less effective as new viruses are more frequent and existing viruses mutate faster. Yes, antivirus companies are forever playing catch-up, trying to create signatures for new viruses. Yes, signature-based antivirus software won’t protect you when a virus is new, before the signature is added to the detection program. Antivirus is by no means a panacea.”

To be fair, all three feel antivirus applications have their place, but the methodology signature-based antivirus programs subscribe to appears less than adequate.

Playing catch-up

Read More...
http://www.techrepublic.com/blog/security/traditional-antivirus-software-is-useless-against-military-malware/8203?tag=nl.e036

Well... I'm not going to make a silly little snide remark here. Like, Go Linux or Go Home. Because... the kind of Code that they are talking about here. I'm sure, could be and has been written to Penetrate any Operating System...:(

Don

Hot Discussions

News 08-07-12

: iGoogle; Linux Today - MSH Autoresponder 0.8 is now available; MSH Autoresponder; Linux Today - Microsoft mum on reasons for secure boot; Microsoft mum on reasons for secure boot; Linux Today - How to get your Linux feet wet with UNetbootin; How to get your Linux feet wet with UNetbootin | ITworld; NASA reveals Curiosity descent video and new Mars photos - SlashGear; NASA - SlashGear; Search result for Mars+curiosity - SlashGear; NASA - Curiosity's First Color Image of the Martian Landscape; Knock lock balks knock, uses CapSense without shock - Hack a Day; Southwest tour: OhmSpace in Oklahoma City, Oklahoma - Hack a Day; Edison’s Cradle is a bright idea - Hack a Day; How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab | Wired.com; How to Find Out What is Causing Problems on Your Windows 7 PC; 8 Tons of Kids' Lunch Wraps Recalled Over Listeria; Hospital Chain Inquiry Cited Unnecessary Cardiac Work - NYTimes.com; Wade Page Is Suspected Sikh Temple Killer - NYTimes.com; Curiosity's Descent - YouTube; Replicopy| Custom Printed and Duplicated USB Drives; Weather chasers have IP-video, PoE network built into GMC Yukon - Cabling Installation & Maintenance; How CCTV advancements can help smaller IP video installations - Cabling Installation & Maintenance; PoE-based sensor adds security to wireless access point enclosures - Cabling Installation & Maintenance; Webinar to probe intersection of cabling, IP surveillance systems - Cabling Installation & Maintenance; TranSwitch to sell select telecom patents - Cabling Installation & Maintenance; But Mr. President, you didn't build that; President signs executive order affecting nation's communications networks; [Hacker Dojo] Renovations Kickstarter - Hack a Day; 'Wall of Shame' exposes 21M medical record breaches - Computerworld; Breaches Affecting 500 or More Individuals; Microsoft blocks Windows 8 Start button, boot-to-desktop hacks - Computerworld; Job Search Results on Sologig.com; Traditional antivirus software is useless against military malware | TechRepublic

Dons Deals

Tuesday, 7 August 2012