• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Interesting Artical Trend Micro: Antivirus industry lied for 20 years

hatab

VIP Member
VIP Member
Premium Member
Joined
Jul 12, 2001
Messages
6,266
Likes
113
#1
No real surprise, it makes a change for one of the ceo's to come out and say what we all know that no av solution is 100%

Trend Micro: Antivirus industry lied for 20 years

Tom Espiner ZDNet.co.uk

Published: 30 Jun 2008 11:31 BST

Trend Micro: Antivirus industry lied for 20 years

Eva Chen, chief executive of Trend Micro, has strong views about how effective the antivirus industry has been over the past 20 years.

According to Chen, the security industry has over-hyped how effective its products are — and so has been misleading customers — for years.

Chen believes that no single company can offer adequate protection against the sheer volume of new viruses that are being churned out by cybercriminals. According to the security industry, five and a half million new samples were detected in 2007.

Q: Trend Micro has recently moved to an 'in-the-cloud' service. Surely traditional security methods are still effective enough?
A: In the antivirus business, we have been lying to customers for 20 years. People thought that virus protection protected them, but we can never block all viruses. Antivirus refresh used to be every 24 hours. People would usually get infected in that time and the industry would clean them up with a new pattern file.

In the last 20 years, we have been misrepresenting ourselves. No-one is able to detect five and a half million viruses. Nowadays there are no mass virus outbreaks; [malware] is targeted. But, if there are no virus samples submitted, there's no way to detect them.

But how about analysis using other methods? You don't need to rely solely on antivirus.
Every year there's a new industry buzzword, but they always fail. Heuristics use a rule to inspect the file, but virus writers know this. They split the complete malicious program into different files, and download each file to test it against the heuristic rule. Each file looks innocent but, when combined, they become a virus.

People thought that virus protection protected them, but we can never block all viruses


Eva Chen, Trend Micro

Three years ago, the buzzword was 'personal firewalls', but you can't block everything. To have an effective personal firewall, you'd have to block port 80, but HTTP uses port 80. If you blocked that, no-one could use [the internet].

HIPS [host-based intrusion-prevention systems] have a lot of rules to tell if this application is trying to touch another application. HIPS behavioural monitoring requires files to be executed, so virus writers make sure they evade the rules.

So isn't 'in-the-cloud' computing suffering from the same hype?
Trend Micro has gone to cloud computing because it's a necessity. Usually, hackers now infiltrate websites. When a user clicks on a URL they are redirected to a malware-hosting site. They download the first components, usually a downloader, which downloads more components and a recompiler.

Two Trend Micro sites were infiltrated in March, weren't they?
That shows that it's everybody's problem. Our websites were outsourced and, in [website code], there are a lot of commands that can be compromised. An attacker can insert an Iframe through SQL injection. It was an Iframe-injection attack on the page we outsourced to a developer. I don't know which development company it was.

Do you know who attacked the Trend Micro sites?
We don't know who did it. It was a mass attack — 20,000 sites — so very hard to trace.

Trend Micro is in the process of a lawsuit against Barracuda Networks over a patent dispute. As Barracuda uses the open-source ClamAV engine, there has been disquiet in the open-source community that any company that incorporates ClamAV into a gateway-security product will be sued by Trend Micro. Is this the case?
I'm suing Barracuda, not ClamAV. The patent is about how to stop viruses in transmission. We've traded patents with IBM and Symantec, and settled with McAfee when they were Network Associates. We won the litigation with Fortinet. We respect other people's intellectual property; we just want people to respect ours. This has nothing to do with free software. It's about the implementation.
 
Last edited:

Jooooles

Inactive User
Joined
Sep 14, 2006
Messages
6,326
Likes
66
#2
I use trend micro internet security 2008 (not pro) though and think its the best anti-virus ive ever used user freindly and very safe I have a kgen if anyone wants to share the fun lol
 

Seedy_r0m

DW Regular +
Joined
Mar 22, 2005
Messages
4,232
Likes
311
#3
Anyone who thought that their AV was 100% effective is sadly deluded.

All they could ever hope for is to catch the vast majority out there in the wild.

The only way to stay virus free is to:

Remove your computer from the network.
Do not load any software onto your machine.
Disable, Floppy, USB, CD, DVD drives.

Use Linux as an OS, or use a Mac.
 

hatab

VIP Member
VIP Member
Premium Member
Joined
Jul 12, 2001
Messages
6,266
Likes
113
#4
Anyone who thought that their AV was 100% effective is sadly deluded.

Use Linux as an OS, or use a Mac.

but there are people who do believe that, you only need to look at the posts on this forum where av is endlessly discussed and members argue as to which is best. there will be posts saying "ive used x or y product for 10 years and never had a virus" and they will believe it if you try and suggest running a different software package and scanning they will steadfastly stick to the same "known" program.

i agree linux or mac are much less likely to be affected but there are a few nasties out there for them too.

it was just a nice artical bringing av companies out in the open....
 

Jooooles

Inactive User
Joined
Sep 14, 2006
Messages
6,326
Likes
66
#5
Its true that none are 100% thats why i tend to try and scan with different ones when the free scan options come available of there sites however some good advice is dont use adult sites (urls) dont use torrents and dont use limewire edonkey are what ever these free p2p sites share

especially looking for cracks and kgens on weraz sites is a nightmare stick to newzgroups and read comments closley

i downloaded a OS of a certian member on here not long ago and it was ridded with trogans

just read and be carefull its not the antivirus that lets you down its YOU ?
 

nozzer

VIP Member
VIP Member
Joined
Jan 25, 2005
Messages
6,662
Likes
72
#6
The only way to stay virus free is to:

Remove your computer from the network.
Do not load any software onto your machine.
Disable, Floppy, USB, CD, DVD drives.

Use Linux as an OS, or use a Mac.
A simpler way is probably to just use a virtual PC to do all your internet work, run keygens or whatever. Once you've done the job just abandon the session and return it to a clean VM ready for next time.

I tend to use a Win98 session as its relatively quick to load. If it does get infected you dont really care as the host is insulated.