Wikipedia

Defensive computing: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
KolbertBot (talk | contribs)
Bots
1,166,042 edits
m Bot: HTTP→HTTPS (v462)
added other perspective to anti-malware
Line 15:
A basic strategy for all defensive computer users is to install and use anti-[[malware]] software.
Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing.<ref name="three">[https://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html https://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html], Antivirus Firms Scrambling to Keep Up</ref> It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.<ref name="two"/>
 
The other side of anti malware is that it contains serious vulnerabilities itself <ref name="eight">[https://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html https://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html] Security Products Contain Critical Vulnerabilities</ref>. A malware could use vulnerabilities of anti-malware to launch malicious code.
 
Anti-malware works by scanning files an network connections for known signatures. Those signatures can never be up to date. To be able to scan network connections, encryptions (SSL/TLS) need to be bypassed or even broken by anti-malware software. When monitoring emails anti-malware opens all attachments for analysis, a bug in this scanner can be used as a starting point for malware. Attackers just need to send malware to a mailbox that is scanned automatically.
 
It is questionable if malware scanners are even useful at all. Ex Mozilla developer Rober O'Callahan writes in his blog that anti malware software should be disabled (except windows defender)<ref name="nine">[https://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html https://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html] Disable Your Antivirus Software (Except Microsoft's)
</ref>
 
=== Skepticism ===
Retrieved from "https://en.wikipedia.org/wiki/Defensive_computing"