Forum Discussion
mlts22
Mar 20, 2014
Explorer II
That seems to happen with MS... they put out an AV product (MS OneCare for example), it stagnates... then they get back on the ball and update it, and the cycle begins again.
Of course, here is one fact from personal experience: Most exploits these days are via security holes served up from ad servers or web pages. They attack the browser and its add-ons. Usually no AV program will intercept this since a compromised instance of the Web browser in memory doesn't "look" too different from a regular instance unless the AV program constantly looks at other programs' process space (very slow.) Since there are no executables or Trojan horses sitting on the hard disk (the code is loaded into the Web browser itself), there is nothing for a scanner to find until the rootkit gets downloaded/installed.
So, the first line of protection is isolating the Web browser from everything else. I prefer to run my Web browser in a sandbox, and that running in a VM, but just running the Web browser in a sandbox will go far to stop unknown attacks from compromising the entire machine. It also is wise to do security sensitive stuff in one browser while general browsing is done in another browser/sandbox/VM.
Keep the AV program, as it can't hurt, although unless it actively blocks IP addresses of malware sites, it will likely be bypassed by a "0-day" exploit (which come out quite often.)