Non aviation content. Play nice – No religion, no politics and no axe grinding please.

Moderator: Flyin'Dutch'

#1662004
Kaspersky is bigger in China than Russia. It is also NOT government owned. The scare stories are way off.

Even if you are worried about Kaspersky, if running on a PC get a proper full blooded security suite. I have spent too many hours getting rid of the odd virus, but more importantly various bits of Malware - the free anti-virus products don't protect against them, and they can cause loads of problems/grief.

Admittedly sensible use of the net will go a long way - one old friend actually followed a malware link. and paid £40 or £50 to get it properly installed :wall: That took me over 24 hours solid work to clear. Wouldn't have been to bad if they had current backups, it would have been quicker to reinstall, then restore backup.

Save yourself the hassle for £20 to £40 a year!


KE
#1662033
@Townleyc I don't know where you get your advice from, but as a critical national infrastructure business, I know where mine came from, and I'm confident it's not unfounded scare stories. In defence of Kaspersky, the claim has not been that Kaspersky themselves are acting maliciously, but that it sends data over networks/to data centres that can be compromised, in a jurisdiction that could require them to give access, plus a high degree of transparency of its source code, make it vulnerable to malicious action. That said, an individual user is unlikely to be at risk of malicious action in the way that critical national infrastructure might be.

An analogy is to think of your computer as a factory. The factory by default comes with decent locks and an alarm system (Windows Defender). You could choose to rely on these locks and alarms, or you could choose to appoint a 24hr site security team ('anti-virus' software). In theory the 24hr site security team can spot and respond to issues that the locks and alarms don't - but you have to give the 24hr security team free rein to access the site, and override at least some of the locks and alarms They gain detailed knowledge of the factory and how it works, and send maps/photos of the workings back to base.
In theory a good security team is going to be better than your locks and alarms, but if the security company has weaknesses in its vetting of its staff or can't keep your keys safe, then you might have been better off without them.
Perversely anti-virus software creates a new attack vector - therefore needs to be considered in balance as to whether the risks that it mitigates exceed those that it creates.
Rob P, nallen, kanga and 1 others liked this
#1662084
Despite the rumours, there is no public evidence that Kasparsky has been compromised by the Russian government. There was a leak from the USA that Israel had hacked into Kasparsky's internal network, and found that unsurprisingly Kasparsky was searching user's computers for viruses.

However if you are computer savvy, keep up to date and don't do silly things there should be no need for more than what comes with windows 10.
I have got a network virus in the past (passed from PC to PC via flawed network card firmware) which was too new to be caught by the anti-virus software installed (McAfree) on my work laptop.

Yes, Macs can get viruses:
https://www.macworld.co.uk/feature/mac- ... y-3668354/
#1662105
I'd argue that Macs get very few viruses per se but are as intrinsically prone as any other system to the installation of malware by inattentive users with administrative rights. There does appear to be a huge amount more malware for MS operating systems than for others.

In the early days of Windoze and DOS, there was no such thing as an administrator and consequently it was a piece of cake to write software that would silently install itself and quietly do its nastiness - often via a network such that the user literally could do nothing except turn his computer off to prevent infection.

As for critical systems - it concerns me enormously that there is a single ecosystem running TCP/IP across most of the country's economy. It strains credulity to believe that our enemies in the next war will be incapable of poisoning the single protocol on which so much depends.
#1662112
VRB_20kt wrote:In the early days of Windoze and DOS, there was no such thing as an administrator and consequently it was a piece of cake to write software that would silently install itself and quietly do its nastiness

JAAMOI, how many Mac users sign in using a non-Admin User for their day-to-day work? I know I have never done so, but perhaps I ought to? It has always struck me as a PITA to do so, but perhaps I am misguided in this approach?
#1664169
VRB_20kt wrote:As for critical systems - it concerns me enormously that there is a single ecosystem running TCP/IP across most of the country's economy. It strains credulity to believe that our enemies in the next war will be incapable of poisoning the single protocol on which so much depends.


Which is about as helpful as saying "criminals use roads to go places to commit crime: to stop criminals committing crime, we must replace roads with something more secure"..
#1664171
matthew_w100 wrote:We use de-duplicating (though on Linux boxes) as a scripting exercise for potential recruits to demonstrate their worth. It can be done quite elegantly, but I won't tell you how in case you apply for a job :D


;-)

find, xargs...
#1664359
dhs wrote:Which is about as helpful as saying "criminals use roads to go places to commit crime: to stop criminals committing crime, we must replace roads with something more secure"..

More of a comment on the inherent risks in monoculture. When our entire society i massively dependent on a single thing, we must be very sure that that thing can't be compromised.
kanga liked this