#1 (permalink)
Senior Editor
Join Date: Jul 2010
Posts: 1,380
What is the opinion about the outlook for a worsening malware problem given in this article? It begins
Quote:
Quote:
__________________
Vic

#2 (permalink)
Senior Member
Join Date: Mar 2012
Location: England
Posts: 657
I don't really understand the second statement ...
Comodo auto-sandboxing kicks in as soon as an executable runs, however long it's been sitting on your HDD, and will block or isolate it depending on your settings. I don't understand how "wait to invade" would compromise that? I'm not proposing that CIS is immune, just that I don't follow the idea being presented here.

#5 (permalink)
Senior Editor
Join Date: Jul 2010
Posts: 1,380
Are you saying that there is no substance at all to the idea that malware writers are devising smarter, harder to detect exploits? AV companies certainly have a vested interest in making things sound bad but should everything they say be dismissed out of hand? What do you tell ordinary people who read about threats and ask you about them?
__________________
Vic
Last edited by v.laurie; 29. Jan 2014 at 05:11 PM.

#6 (permalink)
Senior Member
Join Date: May 2008
Posts: 424
Quote:
The gist of this article is to dismiss Sandboxing with the advent of "wait to invade" malware - have you seen this out in the real world? The article says "I predict we’ll see a new generation of “wait to invade” malware." offering no proof. As to the other main point of the article on the "new" open source attitude in malware - that is not new at all.

#8 (permalink)
Senior Member
Join Date: May 2008
Posts: 424
Quote:
I am just saying that is what has happened in the past and is likely to happen in the future. My solution - do not download anything unless you know what it is and do not open suspicious attachments on emails. [Personal comment edited out]
Last edited by MidnightCowboy; 29. Jan 2014 at 08:03 PM.

#10 (permalink)
Senior Member
Join Date: Mar 2012
Location: England
Posts: 657
So can anyone here actually understand/explain this concept of "wait to invade"?
"Today’s sandbox techniques that identify new malware rely on the malware being executed immediately, or at most, after an initial reboot. This is an easy challenge for hackers to overcome ..."
This idea that sandboxing only works if malware is executed immediately doesn't make sense to me. Perhaps I'm just being a bit slow. Also, if it's such an easy challenge why hasn't it been overcome already?