Comments on: Watch out for the Honda Accords http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords Fri, 25 May 2012 00:29:30 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Randy Abrams http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42775 Randy Abrams Wed, 01 Apr 2009 20:48:49 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42775 yes, but bot nets can also send spam from your computer, attack other computers using your computer and download and store illegal content on your computer and put oyu at legal risk. yes, but bot nets can also send spam from your computer, attack other computers using your computer and download and store illegal content on your computer and put oyu at legal risk.

]]> By: Goytá F. Villela Jr. http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42774 Goytá F. Villela Jr. Wed, 01 Apr 2009 20:23:03 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42774 Pat, you are not alone: there are many people out there who have no interest in the inner workings of computing and just want to do their word processing, browsing, gaming, etc. However, one thing that many people fail to understand is that some computing skills are necessary in today's world, and in order to do that, some basic knowledge *is* necessary. I often make an analogy with driving cars. Humankind survived very well until the late 19th or early 20th century without cars, but our lifestyles have changed a lot since then, and now a lot of people drive cars (and often *have* to). Do they have to understand car mechanics to do that? Certainly not, but there is a minimum of things they have to know: for example, that fuel is needed, that you need to change the lube once in a while, and that car theft is a reality and one has to be aware of the available ways to protect one's car. Personal computing is no different - it is a skill required for anyone to be inserted in the modern world, lifestyle and even labor market. You don't have to be an expert to do your job (unless that *is* your job), but there are some basics that one needs to know. And some of them are related to security. I have a friend who thought just like you and complained that it was all too boring and he was too busy. But he is a translator and works all day on MS-Word, translating texts. I replied that anything that directly involves and affects the way he earns his bread and spends all his day just had to be very, very interesting! Now he surprises me at how well informed he is about all trends in hardware, software and networking - far more than necessary for his basic needs. So, Pat, keep your "driver's license" current, so as to say. You won't regret it. Pat, you are not alone: there are many people out there who have no interest in the inner workings of computing and just want to do their word processing, browsing, gaming, etc. However, one thing that many people fail to understand is that some computing skills are necessary in today’s world, and in order to do that, some basic knowledge *is* necessary.

I often make an analogy with driving cars. Humankind survived very well until the late 19th or early 20th century without cars, but our lifestyles have changed a lot since then, and now a lot of people drive cars (and often *have* to). Do they have to understand car mechanics to do that? Certainly not, but there is a minimum of things they have to know: for example, that fuel is needed, that you need to change the lube once in a while, and that car theft is a reality and one has to be aware of the available ways to protect one’s car.

Personal computing is no different – it is a skill required for anyone to be inserted in the modern world, lifestyle and even labor market. You don’t have to be an expert to do your job (unless that *is* your job), but there are some basics that one needs to know. And some of them are related to security.

I have a friend who thought just like you and complained that it was all too boring and he was too busy. But he is a translator and works all day on MS-Word, translating texts. I replied that anything that directly involves and affects the way he earns his bread and spends all his day just had to be very, very interesting! Now he surprises me at how well informed he is about all trends in hardware, software and networking – far more than necessary for his basic needs.

So, Pat, keep your “driver’s license” current, so as to say. You won’t regret it.

]]> By: Andrew P. http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42761 Andrew P. Wed, 01 Apr 2009 13:38:48 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42761 As any flight student quickly discovers while learning to fly by instruments, SCAN THE PANEL. If one concentrates on just one instrument, the plane will soon go upside down or into a steep "graveyard spiral" toward the ground. This is also true of using computers and most other endeavours in life. Mind the Big Picture and don't get wrapped up in the details. As any flight student quickly discovers while learning to fly by instruments, SCAN THE PANEL. If one concentrates on just one instrument, the plane will soon go upside down or into a steep “graveyard spiral” toward the ground. This is also true of using computers and most other endeavours in life. Mind the Big Picture and don’t get wrapped up in the details.

]]> By: caffeine head http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42752 caffeine head Wed, 01 Apr 2009 05:07:15 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42752 even if someone used Conficker to steal my credit card info, there wouldn't be any credit there for them to exploit or spend even if someone used Conficker to steal my credit card info, there wouldn’t be any credit there for them to exploit or spend

]]> By: JT Mares http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42749 JT Mares Wed, 01 Apr 2009 03:40:00 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42749 What I'd like to know is what ESET (or any computer security firm, for that matter) is doing to prevent compromise and takeover by hacks of CPU hardware virtualization (such as "Blue Pill,") et al. As I understand it, if the Operating System can't even tell it's running on virtualized hardware, detection of malicious hypervisors is essentially impossible, let alone trying to remove something running in CPU-exclusive on-die memory. What I’d like to know is what ESET (or any computer security firm, for that matter) is doing to prevent compromise and takeover by hacks of CPU hardware virtualization (such as “Blue Pill,”) et al. As I understand it, if the Operating System can’t even tell it’s running on virtualized hardware, detection of malicious hypervisors is essentially impossible, let alone trying to remove something running in CPU-exclusive on-die memory.

]]> By: Randy Abrams http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42738 Randy Abrams Tue, 31 Mar 2009 21:03:44 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42738 I think THE POINT is that you do have to pay attention, even with antivirus. There is no such thing as security, there is only risk management. I use SandBoxIE to help manage risk. I couldn't use it effectively if I didn't have some level of computer education though. AV Software is not a scam, it is over-hyped though. It is quite wrong that marketing in the industry leads people to believe that they are more secure than is actually the case, but knowing the limitations and the benefits, I conclude it is not a scam. Could ESET have stopped the exploits? Anything is possible, it comes down to "You can have it good, you can have it fast, you can have it cheap... pick any two". Exploit detection is possible, but to do so efficiently and accurately within the confines of an anti-virus engine has varying degrees of difficulty and it is entirely exploit dependent. Our friends, parents, brothers, sisters, etc. use our software, we have a vested interest in making it as good as we can. I think THE POINT is that you do have to pay attention, even with antivirus. There is no such thing as security, there is only risk management. I use SandBoxIE to help manage risk. I couldn’t use it effectively if I didn’t have some level of computer education though. AV Software is not a scam, it is over-hyped though. It is quite wrong that marketing in the industry leads people to believe that they are more secure than is actually the case, but knowing the limitations and the benefits, I conclude it is not a scam.
Could ESET have stopped the exploits? Anything is possible, it comes down to “You can have it good, you can have it fast, you can have it cheap… pick any two”. Exploit detection is possible, but to do so efficiently and accurately within the confines of an anti-virus engine has varying degrees of difficulty and it is entirely exploit dependent. Our friends, parents, brothers, sisters, etc. use our software, we have a vested interest in making it as good as we can.

]]> By: Robin Jackson http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42737 Robin Jackson Tue, 31 Mar 2009 20:50:52 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42737 Randy, I don't disagree with you. However, Pat's point is THE POINT. Many, many customers trust ESET or another anti-virus company to keep them safe. Companies tout heuristics and all sorts of other buzzwords to assure customers that their products keep them "safe." The latest CanSecWest results show just how safe we are. You can be as cautious as possible, and as educated as possible and still be infected, in a heartbeat by a zero-day. You're brain cannot keep you safe if you cruise a reputable website that has had a SQL injection that you don't know about and a drive-by hits you. One of the greatest scams today is AV software (and yes we are a customer of yours). Google has the best idea in creating a browser from the ground up...God only knows how long that will last. Could ESET have stopped the Firefox or IE exploits? Inquiring minds want to know. Randy,

I don’t disagree with you.

However, Pat’s point is THE POINT. Many, many customers trust ESET or another anti-virus company to keep them safe. Companies tout heuristics and all sorts of other buzzwords to assure customers that their products keep them “safe.”

The latest CanSecWest results show just how safe we are. You can be as cautious as possible, and as educated as possible and still be infected, in a heartbeat by a zero-day. You’re brain cannot keep you safe if you cruise a reputable website that has had a SQL injection that you don’t know about and a drive-by hits you.

One of the greatest scams today is AV software (and yes we are a customer of yours). Google has the best idea in creating a browser from the ground up…God only knows how long that will last.

Could ESET have stopped the Firefox or IE exploits?

Inquiring minds want to know.

]]> By: Randy Abrams http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42723 Randy Abrams Tue, 31 Mar 2009 16:51:23 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42723 With all due respect Pat, you can't be secure online without education. ESET protects against millions of threats, including Conficker, but every day there are brand new ones that the bad guys are testing to make sure that they will bypass all security software. There is always a window in which you will be vulnerable. It is a fantasy to believe you can be safe without learning some security basics. It really is required. I hate to be the bearer of bad news, but despite years of antivirus industry marketing, no product makes oyu completely safe. You brain is the best tool you have for security if you feed it knowledge. With all due respect Pat, you can’t be secure online without education. ESET protects against millions of threats, including Conficker, but every day there are brand new ones that the bad guys are testing to make sure that they will bypass all security software. There is always a window in which you will be vulnerable. It is a fantasy to believe you can be safe without learning some security basics. It really is required. I hate to be the bearer of bad news, but despite years of antivirus industry marketing, no product makes oyu completely safe. You brain is the best tool you have for security if you feed it knowledge.

]]> By: Pat Hill http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42722 Pat Hill Tue, 31 Mar 2009 16:45:14 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42722 I don't want to seem disrespectful,but I don't want to deal with all that. I have eset software because I know nothing about security software, I need to focus my attention on other work, and I want to have the best security software I can at a reasonable cost, that updates my protection frequently enough to cover these issues. So all I want to know is this: Does the automatic eset virus update protect me from current viruses, including this one? And if not, how do I keep my computer protected the way it should be? That's all I need to know. I don’t want to seem disrespectful,but I don’t want to deal with all that. I have eset software because I know nothing about security software, I need to focus my attention on other work, and I want to have the best security software I can at a reasonable cost, that updates my protection frequently enough to cover these issues.

So all I want to know is this:

Does the automatic eset virus update protect me from current viruses, including this one? And if not, how do I keep my computer protected the way it should be? That’s all I need to know.

]]> By: jcanto http://blog.eset.com/2009/03/30/watch-out-for-the-honda-accords/comment-page-1#comment-42714 jcanto Tue, 31 Mar 2009 06:13:18 +0000 http://www.eset.com/threat-center/blog/?p=893#comment-42714 Aaaaaamen. Aaaaaamen.

]]>