51

Re: About uselessness of antiviruses

Hello, Michael7, you wrote: M> the Muzhik from Google states interesting thoughts. https://geektimes.ru/post/282760/100 %, about 7 years ago  brakes imported  and at me are not present since then antiviruses viruses (on an extreme measure of times in a floor of year I run a wheelbarrow in manual  type    or   from  a web and anything never and did not find)

52

Re: About uselessness of antiviruses

Hello, smeeld, you wrote: S> They also are isolated, programs even are isolated from themselves, without having possibility to write down, for example, in the page frame, at which attributes only on reading. And , at penetration into system, clings not to those possibilities, which  owing to mentioned . For what it clings then?

53

Re: About uselessness of antiviruses

Hello, Los Chtostrjaslos, you wrote: > Hello, vsb, you wrote: vsb>> Because the car is mortally dangerous to associates, and misuse of the computer for surrounding a maximum is sensitive adds to spam and . > the computer can be such, for example > Image: landwind.png It is connected to the Internet? Then still it is possible to add everyones   stimulators...

54

Re: About uselessness of antiviruses

Hello, Sharov, you wrote: S> For what it clings then? For errors in implementation.

55

Re: About uselessness of antiviruses

Hello, Ops, you wrote: SK>> For a long time there are not difficult techniques of passage through NAT. Connection initialization outside, on a host which does not wait for it. Ops> with what    will be somewhere  exterior connection? In it all essence NAT. Because problems "imperceptible " and "default settings" are combined. https://community.rapid7.com/community/ … rabilities

56

Re: About uselessness of antiviruses

Hello, Stanislaw K, you wrote: SK> In it all essence NAT. Because problems "imperceptible " and "default settings" are combined. SK> https://community.rapid7.com/community/ … rabilities implemented by many SOHO-class routers and networking devices Selected. It at all level of the provider, it about soap trays which often stand at ultimate users, and give 1 more layer NAT. To their vulnerability are interesting only with the direct address.

57

Re: About uselessness of antiviruses

Hello, Privalov, you wrote: SK>> SK>> "Not to whom to open a communication channel with a cash dispense, closed on ". P> On  is I unsuccessfully expressed. I do not know precisely, for what reason it was closed. But to open in its morning on Saturday there was nobody. Yes anyway. The automatic computer system demanding constant manual interference... It is unnatural. P> in my case there was a similar situation. Then decided to use the certain existing infrastructure which has worked years. Something there did not consider, adjusting it for new requirements. We found and repaired. Good fellows. P>>> in that bank I worked. Not the administrator and not . But were intersected with them on operation. SK>> he was called by "Dima "? P> It is it of whom? The one who said to you that judging by  to broad gulls try to break its bank 24/7/365.

58

Re: About uselessness of antiviruses

Hello, Ops, you wrote: SK>> In it all essence NAT. Because problems "imperceptible " and "default settings" are combined. SK>> https://community.rapid7.com/community/ … rabilities Ops> Ops> implemented by many SOHO-class routers and networking devices Ops> Selected. It at all level of the provider, it about soap trays which often stand at ultimate users, and give 1 more layer NAT. To their vulnerability are interesting only with the direct address. Equally to it are subject and  pieces of iron. There it is selected SOHO that everyone understood that it concerns it personally. Besides, the malicious hacker an attacking host, can is in  networks, on adjacent from you IP.

59

Re: About uselessness of antiviruses

Hello, Stanislaw K, you wrote: SK> Yes anyway. The automatic computer system demanding constant manual interference... It is unnatural. In a case which should be assorted to our command with falling off communication - yes. But, as I already told, we repaired it. Happen  cases. For example, denominations in a cash dispense ended. Without manual interference not to manage. SK> good fellows. Still what! SK> the one who said to you that judging by  to broad gulls try to break its bank 24/7/365. And what it matters?

60

Re: About uselessness of antiviruses

Hello, Kingofastellarwar, you wrote: K> about 7 years ago  brakes imported  and at me are not present since then antiviruses viruses (on an extreme measure of times in a floor of year I run a wheelbarrow in manual  type    or   from  a web and anything never and did not find) Here what business. When on a pornosite suggest to download their special player for review of the most bonus porno in UHD, many after all do not see a dirty trick..., nearby ask: how to understand, what a site doubtful, on it it is not written?

61

Re: About uselessness of antiviruses

Hello, Privalov, you wrote: P> Happen  cases. For example, denominations in a cash dispense ended. Without manual interference not to manage. It is clear. SK>> the one who said to you that judging by  to broad gulls try to break its bank 24/7/365. P> And what it matters? Simply curiously.

62

Re: About uselessness of antiviruses

Hello, Stanislaw K, you wrote: SK> Equally to it are subject and  pieces of iron. Providers with   UPnP? Earlier like so did not do, but I for a long time with the direct address unless at  it is normal . Anyway, most likely a certain qualification on adjustment is available for the provider. SK> there it is selected SOHO that everyone understood that it concerns it personally. Not clearly, like simple  adjustments to make, eliminating such attack. And here who recustomizes - . SK> Besides, the malicious hacker the attacking host, can is in  networks, on adjacent from you IP. It any more from the Internet, and possibility strongly depends on the network device - I here generally neighbors do not see.

63

Re: About uselessness of antiviruses

Hello, smeeld, you wrote:>> and from data S> Programs  from the data, the program which does not have the rights to files, has to them no access. At me on a disk the file here lies. I casually downloaded and launched a virus, and it took also this file ciphered. Because by default OS does not offer any protection. Somehow artfully to place the rights to all files and permanently to support them, of course, it is possible, only here what is it? It is a crutch. Plus possibility of escalation of privileges as, besides, all OS are written in unsafe languages of type of S.Rezultat? Even more  crutches, a-lja https://habrahabr.ru/post/97594/. ARK>> And files thus that the curve architecture of their all existing OS in any way does not protect. S> above wrote about SELinux, try to bypass it, tried to receive file access to which access given seuser is forbidden. It is all not that. These are crutches atop initially wrong approach. For setting and which support the administrator with mountain of certificates is necessary.

64

Re: About uselessness of antiviruses

Hello, AlexRK, you wrote: ARK> at me on a disk the file Here lies. I casually downloaded and launched a virus, and it took also this file ciphered. It still that! Me once plundered, pulled down , since then I am not anchored to local files, all I am insolent on clouds, type mega

65

Re: About uselessness of antiviruses

Hello, AlexRK, you wrote: ARK> at me on a disk the file Here lies. I casually downloaded and launched a virus, and it took also this file ciphered. Because by default OS does not offer any protection. Somehow artfully to place the rights to all files and permanently to support them, of course, it is possible, only here what is it? It is a crutch. Plus possibility of escalation of privileges as, besides, all OS are written in unsafe languages of type of S.Rezultat? Even more  crutches, a-lja https://habrahabr.ru/post/97594/.  had the rights on  to files, from the point of view of system, he/she is the user the owner of files them ciphered, or the administrator. That is why  other question which concerns flaws in OS implementation, instead of in their architecture is executed in system, this already.

66

Re: About uselessness of antiviruses

Hello, smeeld, you wrote: S> Zlovred had the rights on  to files, from the point of view of system, he/she is the user the owner of files them ciphered, or the administrator. Unconditionally. And I consider possibility of it is in flocks.

67

Re: About uselessness of antiviruses

Hello, AlexRK, you wrote: ARK> it is unconditional. And I consider possibility of it is in flocks. To consider not bags , offer though a hint on such architecture of OS on which there could not be basically not declared possibilities.

68

Re: About uselessness of antiviruses

Hello, smeeld, you wrote: ARK>> it is unconditional. And I consider possibility of it is in flocks. S> to consider not bags , offer though a hint on such architecture of OS on which there could not be basically not declared possibilities. A hint idle time. There is, for example, a mp3-player. What for to it access to my xls-documents? What for? Why it has it? What for to the browser access to mp3? Why there is a uniform rubbish pit from all successively in which have access ALL? For the general data there should be at least repositories on types of files. By default the program should not have access to one repository, only to one directory of the adjustments (and yes, own executed files application to change cannot in any way). Access to certain data types should be required explicitly application and explicitly be given by the user exceptional through STANDARD system dialogue and in any way differently. OS should not give access to "to all at once" basically. Even better -  at level of OS of a category of applications and types of files to which can have access this or that category. A mp3-player? Only music and only reading. Video browser? Only video and only reading. The editor of video? Only video, a read and write. ? To a fire chamber, such application should write to be it is impossible. As a variant to allow to create "special categories", but only by a way  under the special administrator who can create only categories and anything else cannot do. There is a change more than N (by default 10, it is possible to change this number from . The administrator) media files? To brake the program, to show dialogue - whether all as it should be? Well, somehow so. It only the general idea.

69

Re: About uselessness of antiviruses

ARK> the Hint idle time. There is, for example, a mp3-player. What for to it access to my xls-documents? What for? Why it has it? What for to the browser access to mp3? Why there is a uniform rubbish pit from all successively in which have access ALL? So iOS. "All for your convenience" (only they went hardly further, and do not divide files into classes ("documents", "music", etc.), and arrive even easier - "it is files of a musical player, and only it to them has access". And that to this player to feed the mp3-file downloaded from the Internet, it is necessary to dance with a tambourine and iTunes.

70

Re: About uselessness of antiviruses

Hello, smeeld, you wrote: S> to Consider not bags , offer though a hint on such architecture of OS on which there could not be basically not declared possibilities. Generally speaking, to us on course on KB read that  (and its modifications) the most safe OS in respect of access control. Something of type "demonstrably safe . The environment". Somehow so. Well and at us in  its modifications are used (google).

71

Re: About uselessness of antiviruses

Hello, SkyDance, you wrote: SD> only they went hardly further, and do not divide files into classes ("documents", "music", etc.), and arrive even easier - "it is files of a musical player, and only it to them has access". And that to this player to feed the mp3-file downloaded from the Internet, it is necessary to dance with a tambourine and iTunes. They went strongly further. I offer repositories for joint access. But controllable access, instead of one dustbin on all.

72

Re: About uselessness of antiviruses

Hello, Ops, you wrote: SK>> Equally to it are subject and  pieces of iron. Ops> providers with   UPnP? For any media flows of type , . Ops> Earlier like so did not do, but I for a long time with the direct address unless at  it is normal . Earlier so did not do, because there was no standard UPnP. Ops> Anyway, most likely a certain qualification on adjustment is available for the provider.  from a question - what for to the provider to do such adjustment? SK>> there it is selected SOHO that everyone understood that it concerns it personally. Ops> it is not clear, like simple  adjustments to make, eliminating such attack. And here who recustomizes - . With them  does not work and  cinemas slowly swing. SK>> Besides, the malicious hacker the attacking host, can is in  networks, on adjacent from you IP. Ops> It any more from the Internet, and possibility strongly depends on the network device - I here generally neighbors do not see. It from WAN. That is the same Internet.

73

Re: About uselessness of antiviruses

Hello, Stanislaw K, you wrote: SK> For any media flows of type , . For what - clearly, simply did not know that it generally do. , by the way, quite for  without UPnP works, only  long. , , too somehow is able to punch. SK> earlier so did not do, because there was no standard UPnP. Not, already was, and was to many noise because of its holes. Then like calmed down, and then already began to produce direct addresses. SK>  from a question - what for to the provider to do such adjustment? In order that somehow it is necessary to adjust all the same. Hardly generally there UPnP it is included . SK> with them  does not work and  cinemas slowly swing. Someone's? All will work bright, simply it is not necessary to listen to requests UPnP about the exterior interface and that comes with internal, is already expected by the client. SK> it from WAN. That is the same Internet. Well not the same, all the same is a small segment. In addition, providers lately often do not give any , and your traffic can be isolated from (majority) of other users generally.

74

Re: About uselessness of antiviruses

Hello, AlexRK, you wrote: ARK> the Hint idle time. The same that above named crutches, only it is ready more "" as implemented not at level of categories and abstractions of a kernel of OS which are orthogonal to all entities concerning the world of the user applications, and at level of categories and abstractions of the user applications what there can be the infinite set so, and "" there it is necessary indefinitely, as well as is mandatory there will be the infinite set of the errors leading to appearance of not declared possibilities. The enumerated circuit of demarcations without problems is implemented by such systems, as mentioned above SELinux where is available certain  a dial-up of abstractions, orthogonal to the user applications by which the system of demarcation of the access, concerning to  to applications is built. Esteem about contexts and policies SELinux.

75

Re: About uselessness of antiviruses

Hello, smeeld, you wrote: S> the Same that above named crutches, only it is ready more "" as implemented not at level of categories and abstractions of a kernel of OS which are orthogonal to all entities concerning the world of the user applications, and at level of categories and abstractions of the user applications what there can be the infinite set so, and "" there it is necessary indefinitely Yes is not present. The repository with something is same high-grade essence of OS, as well as "file". And same orthogonal to all remaining abstractions." Application type "- just the same essence. There are no categories and abstractions of the user applications. All - at level of entities of OS. In the plan" categories and abstractions of a kernel of OS "- ANY DIFFERENCE that is. The reality can be only in lists of specific types of files and types of applications. But, as I spoke,  in OS even is optional is all can quite be  adjustment with change possibility through the special administrator. And, by the way (irrespectively to correctness or abnormality of my approach), and what, at us in the modern OS is not enough that ? Megatons only. Both users, and certificates, and IP addresses, and still a devil's abyss. S> the enumerated circuit of demarcations without problems is implemented by such systems, as mentioned above SELinux where is available certain  a dial-up of abstractions, orthogonal to the user applications by which the system of demarcation of the access, concerning to  to applications is built. Esteem about contexts and policies SELinux. Crutches it, crutches. The system by default should be safe and convenient. That in SELinux is implemented - probably in any sense safely (though and without any warranties as adjusted received), but not by default, is inconvenient for application by the normal user and demands special knowledge in this area. Just because for data security of the user all modern OS do hardly less, than anything, antiviruses in these OS and are necessary. Simply all  OS are created, proceeding from others (hopelessly become outdated, in my opinion) principles.