Never install Antivirus

Discussion in 'PC' started by VroundS, Oct 15, 2020.

  1. Smoove Grooves

    Smoove Grooves Audiosexual

    Joined:
    Jan 26, 2019
    Messages:
    5,184
    Likes Received:
    1,962
    Any legit site can be hacked and have the JS injected into it; so we have to think beyond safe/unsafe.
    Plus, I thought I was about to browse a 'safe' site when the incident I mentioned happened! haha.
    Thank you Little Snitch!
    Interestingly, it was around the time of that article that Haliax posted!
     
  2. notrace

    notrace Producer

    Joined:
    Jun 19, 2011
    Messages:
    230
    Likes Received:
    77
    Well I've been in this game for over 25 years and have never experienced anything bad. However, a few months back (not sure where) I'm pretty sure it was after downloading a newer version of Macrium Reflect from a site, the shit hit the fan. I starting seeing some weird behavior on my Win 10 system so I immediately restored it from a recent backup and thought all was well. Well about a day later I noticed my D: drive had a number of files with the extension [email protected]. After researching it I found out It was the dreaded Phobos virus which to this day still has no Decrypt tool for undoing it's damage. Needless to say, I decided to replace the drive and store it away in hopes someone comes up with a Decrypt tool for Phobos Ransomware so I'll be able to retrieve a lot of those files since a number of them weren't backed up. Anyway, that unfortunate lesson taught me to definitely have protection installed on my system. Never again! I urge you to do the same! That's what I get for going to some new sites in search of the latest version of Macrium Reflect, and thankfully I had my main drive also backed up with Clonezilla which is freeware and very reliable! Macrium Reflect nags the shit out of you when a new version comes out and I fell victim to my own greed. :(
     
    Last edited: Nov 8, 2020
  3. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,152
    Likes Received:
    349
    not only in the OS itself, but also in the installed software.
    for example, a music player.
    about 15 years ago, winamp was the most popular, and there were constant vulnerabilities in it (updates were released frequently, but ordinary users do not update programs every day). I used one of them to demonstrate the ability to penetrate the system. For this, I created a regular playlist with a link to a song from a CD, but the name of the sound file consisted of a very large number of characters - this caused an error when reading the file. usually a buffer overflow followed by arbitrary code execution. at the same time, to increase the size, I simply entered a few megabytes into the file with the "0" symbol and changed the file extension to mp3. one of the local resources with the ability to listen to music online (which was downloaded by users), including through a music player installed on the computer, did not check the contents of the files and it was included in the list of available for listening.
    it was not a script or an executable file and no sandbox would help if other programs were involved.

    but that's not the point. look at what they write about system updates and you will understand that everything is very, very bad, since there are many holes in non-updated systems.

    hmm ... install an antivirus and open any sites calmly? no.
    bother with the sandbox every time, set up something there and, as a result, have protection with a bunch of opportunities to bypass it? Ooh yes!
    how you love to create problems for yourself ...
     
    Last edited: Nov 8, 2020
  4. Moonlight

    Moonlight Audiosexual

    Joined:
    Jun 12, 2011
    Messages:
    2,467
    Likes Received:
    762
    Location:
    Earth
    So Lil Snitch showed a popup that something wanted to connect somewhere ?
     
  5. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,152
    Likes Received:
    349
    depends on the settings. you can turn off any notifications, you can turn off only a part, or you can turn on all notifications.
     
  6. Vader

    Vader Platinum Record

    Joined:
    Jun 15, 2011
    Messages:
    523
    Likes Received:
    236
    Never read this kind of posts!
     
  7. twoheart

    twoheart Audiosexual

    Joined:
    Nov 21, 2015
    Messages:
    2,180
    Likes Received:
    1,359
    Location:
    Share many
    I am sorry that you had these problems.
    However, an antivirus program does not help against every kind of virus or worm. Especially if the systematic of the virus is relatively new, an A/V has no chance against the attack.

    So it makes sense to pay attention to certain things anyway.
    The separation of programs and data is for example such an important thing. One should regularly back up the data separately from the programs. If one doesn't do this, viruses on the system will be restored just like programs and data.
    The backup of the intact data should be done on an offline storage medium, then e.g. Ransomware cannot encrypt backups on network shares.

    What is also important: One should Load programs, if possible always from a reliable source. You can also download Reflect directly from the manufacturer.
    For extra security installing warez in a controlled environment first is a good idea e.g. in a virtual system or in a sandbox (sandboxie freeware).
     
  8. Gyro Gearloose

    Gyro Gearloose Audiosexual

    Joined:
    Jul 8, 2019
    Messages:
    4,234
    Likes Received:
    1,849
    Location:
    Germany
    and AV will not help for that...
    --
    i dont say noon should never install AV but the most here in thread not need it..
     
  9. The Freq

    The Freq Guest

    Security is a state of mind. You can have guard dogs, video surveillance, armed guards and helicopters flying over, steel bars on all entries, but if someone wants what you have badly enough, they'll work out a way to break in.

    A computer is no different and with a computer, accidents happen. All it takes is one wrong link click and your computer has been put up for ransom. Ransomware might be the most offensive of all new virus/malware/phishing style programs.
    If you feel safe good but that is a choice you made and perhaps you never will get infected, but the reverse goes for a lot of people too.
     
  10. OBKenobi

    OBKenobi Producer

    Joined:
    Jul 14, 2012
    Messages:
    216
    Likes Received:
    104
    These AV guys are the same ones that say if you don't update Windows every time Bill Gates demands that your whole life will be destroyed. I haven't updated my 3 Win 7 PCs since 2014 and haven't updated my main Win 10 PC ever. It's still running Win 10 Enterprise with every MS service shut off. I run all the latest software, no problems with compatibility. Actually seems like there are less problems hearing how people with the newest versions of Windows and OS X keep breaking all their shit. LOL I back up once in a while with Macrium Reflect, you know the Macrium Reflect the guy earlier was saying he got a virus downloading from some shady site.
     
  11. Moonlight

    Moonlight Audiosexual

    Joined:
    Jun 12, 2011
    Messages:
    2,467
    Likes Received:
    762
    Location:
    Earth
    Yeh I know I used little snitch some tiem agaoi before switcing to lulu. What exactly is trying to call home in such kind of case , which File , Appliation, which source ? I am just curious
     
    Last edited: Nov 9, 2020
  12. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,152
    Likes Received:
    349
    yes, something like that
    [​IMG]
     
  13. Moonlight

    Moonlight Audiosexual

    Joined:
    Jun 12, 2011
    Messages:
    2,467
    Likes Received:
    762
    Location:
    Earth
    Uh that sounds tedious , how often do you need to deny allow a day when surfing the net ? Donet it ask you all teh time when safari tries to connect to something since you havent whitelisted safari ?
     
  14. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,152
    Likes Received:
    349
    this screenshot is from google =)))
    I stopped using the app about a year ago - I don't need it anymore.
     
  15. ProJay

    ProJay Kapellmeister

    Joined:
    Dec 10, 2019
    Messages:
    130
    Likes Received:
    45
    Location:
    India
    Damn Vro. I got a bo##er looking at this image. But I am only 5'6" :(
     
  16. Pipotron3000

    Pipotron3000 Audiosexual

    Joined:
    Mar 13, 2013
    Messages:
    1,228
    Likes Received:
    616
    You can crawl the web with a virtual machine AND disable the IP stack from host OS.
    And scan files BEFORE transferring to host OS.
    So your host OS is not exposed to internet. And still get web :wink:

    Biggest trouble with AV/anti malwares (apart resources, false negatives ...) is they hook BETWEEN OS layers.
    So when they crash, you get a BSOD like an hardware driver crash.

    This is NOT a good way to do things. But need to be implemented like this to avoid malware reaching upper OS levels.
     
  17. Smoove Grooves

    Smoove Grooves Audiosexual

    Joined:
    Jan 26, 2019
    Messages:
    5,184
    Likes Received:
    1,962
    Yes. And the website was hidden behind a block that Little Snitch put up, telling me that if I proceeded, then an executable file would action.
    As it said in the article, a JS embedded in the web page.
    If I had landed on the page without LS, that would have been me screwed.
    I was trying to find some library I wanted to try out, so I was going 'out into the wild' a bit.
    It's never worth it.
     
  18. baszermaszer

    baszermaszer Member

    Joined:
    Apr 11, 2020
    Messages:
    26
    Likes Received:
    11
    This is the reason my win 7 PC doesn't have any Windows firewall, nor Defender. I don't use any Antivirus crap. I check every EXE online. Some check on a virtual machine. However I don't have the patience. System Restore points are a good idea. As is a Separate Internet PC - if you can afford it - to browse the internet and start install everything you download then watch for results, before you transfer the program to your main Work Machine. I have 10 svchost.exe-s in memory. My Win 7 PC is blinding fast with 0% CPU usage on Performance window and 550MB RAM used with nothing started only the Explorer.exe. No Themes, no background pics. Maximum performance!!

    My ""new"" Win10 machine I just bought used will have the very same minimum services: no trash OneDrive, No Skype, No Office, No Defender, No AntiVirus, No Firewall (only a hardware router), DISABLED TELEMETRY, No auto WinUpdate = FCK MicroPenisSoft!
    I need Win, since most Work-software I work with was optimized for it.
    This week I'll see, how can I transfer my last week's Win7-PC workflow to a never before used WIN10 environment.
    I already have saved webpages:
    How to disable Telemetry and Data Collection in Windows 10
    20 Services in Windows 10 that Can be Stopped Without Any Risk
    10 easy ways to speed up Windows 10 - CNET
    etc... etc..
     
  19. Moonlight

    Moonlight Audiosexual

    Joined:
    Jun 12, 2011
    Messages:
    2,467
    Likes Received:
    762
    Location:
    Earth
    Thank you for taking time to answer ! But doesn't little snitch ask once to allow safari ?
    That's why I am curious.
     
  20. Moonlight

    Moonlight Audiosexual

    Joined:
    Jun 12, 2011
    Messages:
    2,467
    Likes Received:
    762
    Location:
    Earth
    Have you ever tried to resore one ? It NEVER worked for me.

    is it even possible to disable it completely ?


    Do you know if there is a way to create a kind of snapshot of all services so that you can always reset to teh default setting ?
     
Loading...
Loading...