10-30-2017, 23:47
chants
It is a famous "cat and mouse" game as you always have to stay current. Yes you can always wrap something and make it undetectable but the importance of staying current is an issue.

I always go with Windows Defender, a properly configured router, and care when running strange binaries by sandboxing/VM. Yes, the random malware that infects legitimate sites, like the one that occurred recently in CCleaner right after Avast, an antivirus company, acquired it, is hilariously ironic in this case, but it's not so common that it cannot be dealt with as a one-off.

The problem with AV is it's hard to measure future detection rates. And we don't care about the past so much here. The question on detection rate is, if some arbitrary malware comes out, how long it would take before that particular AV detects it, or if not, what % will it achieve. So we are left with our own empirical evidence and feelings and some configurability on top of a black box engine which we indeed can do nothing but speculate about.

Most of the malware nonsense is just fun and games anyway and questionable beyond at a big enterprise or for a sysadmin maintaining a lot of computers, or for really naïve users who would never be able to do a self repair.

It is only interesting if we are talking about BIOS hacking, and hypervisor chips and what the real racketeers hiding behind agencies are up to. Then well, really, someone probably already "owns your box", especially if you browse this forum. And since they can physically break in and enter with almost no effort, unless you are going to design an unhackable chipset, you probably won't even be able to guard a new purchase past a week. But if anyone manages to beat the big crooks, it would be interesting. But it's non-trivial and would require a huge amount of work. And you are not getting much help from big hardware business these days who are largely trying to lock up their corners of the financial markets by complying and bending over backwards to the nearest government power structure. But the AV companies stay out of here too. And the hardware companies have dumped firmwares containing extremely sophisticated monitoring and harassment packages and keep their lips shut.