Open Question

Are People That Get Malware While Browsing On Windows OR PAY FOR ANTI MALWARE PROGRAMS USUALLY UNEDUCATED?

I admit I know a lot about computers, as I am a computer programmer, and security expert. Nonetheless I feel there is a lot of misinformation out there about malware and exploits which keeps the sla..v... I mean the proletari..it.. I mean the people buying the anti-malware and sometimes getting infected anyway.

NOTE: I know how to use Linux based OS'S but I hate them for desktop use so I'm not referring to Linux in this at all. People can use Windows and remain malware free if they are smart I believe.

People have been told to just buy anti virus and keep it updated and they will be fine. Then they go to their favorite porn site and bam a java exploit rapes them royally and in comes the malicious code and malware.

Then they cry in their corner thinking WHYYY WHYYY does this keep happening to me. I'm such a nice guy....why ohhhhh why. They simply don't understand what's going on under the hood so to speak.

The best way to stop malware is between your ears, and never letting it get a chance to install to start with.

This can be done via simple virtualization techniques with programs like sandboxie - free. Virtualbox - free" you just need to have a fast enough computer",

Or application and script white listing via no script - free for firefox, or use what's right inside every Window xp + machine i.e. group policy options you can block applications from running except the ones you are going to use and white list those.


Then you visit that evil java exploit site and bam the exploit code works but it tries to fire up a command shell with some shellcode but oops! cmd.exe is blocked it isn't the white list uh oh exploit didn't really work.
Hackers and Malware writers 0, You +1.

Sandbox time - you visit that exploit site again java time bam it works but shit it's trapped in sandboxie, the hacker can't get out and it doesn't affect your system You +1, Hackers and Malware writers 0.

No script only allow scripts on very secure sites like gmail - You visit that exploit site uh ohhh it won't even allow Java Scripts to work at ALL! You +1, Hackers and malware writers 0.


I once had a client whom needed his computer fixed allll the time from malware i.e. fave AV's running etc. etc. He insisted on using just his Anti Virus programs which didn't work. I finally told him how about sandboxie dude? He agreed he would set a little time aside to learn how to use sandboxie. Guess what? He hasn't called me since except once to tell me he has had no problems with malware.


This leads me to the last note. Anti Malware companies really don't want you to be 100% secure, and they don't want the malware to stop. Think about it, if nobody wrote another piece of malware again the companies would soon go broke. The whole thing is one giant businesses for bot the malware writers the people providing so called protection.


Lastly the techniques I talk about above work against drive-by-malware, but what about the dumb people who click anything that's there?

You've seen these stupid people I'm sure. They download some executable code/file and just start clicking. Did you do any research about this program via google before you downloaded and clicked it? Do you know if this executable or installer is digitally signed? Who's the publisher?

Ah well, click first ask question later [Click Click Click Click Click Click CLICK CLICK CLICK].

I chime in "Hey you do realize that those .exe files are executable machine instructions for the CPU right? You are basically giving express permission to whomever programmed that program to do whatever they want with your computer?

Really? They look at you awe struck. lol Opinions? Ideas? etc. on what I have said?

294 day(s) ago

Answer this Question

    Comment(s) (0)

    Report Abuse