I've written a whole posting in response to some of the comments in this article, as I had too much to say to capture in a simple comment. To read the posting go to:
http://havemacwillblog.com/2008/03/30/why-is-it-that-many-av-vendors-simply-dont-get-it/
Rich Rumble
Sat, 2008-06-07 16:16
The REAL issue is Admin by default. Macs and Linux (typically) do not require AV, because of the best practice of Least Privilege. There are naturally other factors; however, “Windows is the most popular” isn’t, in my opinion, a valid argument. Windows is the easiest target because of poor design.
http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
I’ll write more on the blog soon, but the real flaw comes from Windows, and the best defense is to lower privileges, and then put AV or white-list kludges on top of that. Windows 8, with any luck, will learn from its previous mistakes. Vista … ehh, nice try, but people still run as admin or at least ignore alerts and click OK to everything.
-rich
The Future of Antivirus
As signatures proliferate, antivirus vendors must ramp up other techniques for spotting and squashing malware
I couldn't agree more
Great site,