The Anti-Virus Software Myth


Common sense anti-virus approach – “Dribble Snort”

(Ed. note: With a name like “Dribble Snort,” it has to be good. :))

Let me start by stating that I am sure I will receive many flames for my views on anti-virus software and its use (or lack thereof).

All I can say is if you want to email me about it, you can reach me at dribblesnort@yahoo.com

The point of this article is simply to expose the myth surrounding the “dire need” for anti-virus software.

This does not mean that you shouldn’t have software like firewalls or spyware detectors like Ad Aware.

It just means that with a few minor modifications to your behavior, and a few minor modifications to your system, you do not “need” to shell out $70 for anti-virus software.

First, a little background on my experiences with computers. I have been using computers since I was 12 years old. That’s not a big deal. A lot of people these days can make that claim. However, since I am now 35, I can say that 21 years of experience has taught me more than the basics.

I was using computers long before the Internet became a public road. In all 21 of those years of visiting BBSes, warez sites, pr0n sites, and the like, I have yet to become infected with a single trojan or virus, or have a malicious JavaScript crash my system.

Does this mean that I can guarantee that I will never get infected? No. I cannot guarantee that. But neither can your anti-virus software!

Most people order a new machine from a maker like Gateway or Dell, and it comes with anti-virus software pre-loaded. You usually get 30 days of free use before you are forced to fork over the money or buy a different product from a competitor.

At the end of those 30 days, I recommend you uninstall the anti-virus software and DO NOT PURCHASE NEW ANTI-VIRUS SOFTWARE!

Why? Because there are some simple steps that you can take to prevent yourself from being infected, none of which requires the purchase of anti-virus software. In fact, I’d say that the effectiveness of my method is greater than that of the anti-virus software companies.

My methods? Simple.

1) NEVER, N-E-V-E-R open emails from people you don’t know! How hard is that? Based on the sales of anti-virus software, you’d think it seems too hard for most users. However, just because it “seems” too hard doesn’t mean it “is” too hard.

2) Never use Outlook Express. NEVER. N-E-V-E-R. Use a program like “The Bat” email program (mind you, I’m talking family, not corporate PC). It doesn’t prevent you from sending or receiving pictures, music, or files. It just provides easy email composing, sending and receiving. It contains many, if not most of the same features of OE, without the vulnerabilities evil code creatures target.

3) What about receiving .doc or .xls or .ppt files that may contain macros, and possibly macro viruses? What do I do about those files?

There are two ways to deal with these types of files.

  1. Get a free email account like Yahoo for your email! Besides being able to access your email from any area, you can scan your incoming emails with Yahoo’s anti-virus software. Let Yahoo pay for the software to scan your emails!

  2. Many businesses today require you to send your resume as a text document. This is to prevent macro viruses from running. Same with xls files too. These files look the same as their .doc or .xls counterparts, they just do not allow a macro virus to execute when opened.

So make your friends and associates aware that you will only accept files in certain formats. For instance, with MS Word accept only Rich Text Format (or whatever format you choose that ISN’T in .doc format) and for MS Excel files, accept “tab separated value” files.

How hard is it to open these files? Right-click, open with, choose MS Word or MS Excel. Done. WHEW! That was DIFFICULT, wasn’t it?! If it’s a good enough practice used in business for résumés and other corporate documents, it should be good enough for friends and family. No exceptions. NONE. Nada. Zilch. Get it?

Why? Because if you then receive a file from a family member or friend that ISN’T in one of those formats, there’s a good chance that a trojan or virus sent the email.

Simply reply to the friend/family member and ask if they sent the file in that forbidden format. If they didn’t, you have not only prevented YOUR system from being infected, you just caught the virus on a friend/family member’s system.

4) Have friends and family send you links to .exe files with a description or screenshot of what they do or how they look, instead of the .exe file itself.

If the programs are so good that they felt the need to share, chances are they’re already on www.tucows.com or www.download.com. They scan their files for viruses regularly.

If you receive a file from a friend or family member with no description, screenshot, or message telling you about the program, chances are, they didn’t send it anyway. Most likely, it was a virus or trojan program that sent it.

5) Disable VB and Java Scripting in your browser, or use a browser like Mozilla or Opera.

6) Install a firewall like “ZoneAlarm” or “Tiny Personal Firewall” to prevent hackers from getting into your system, and install spyware detectors to keep the online tracking and popups from driving you to distraction.
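
The format rule from steps 3 and 4, written as a check over a parsed message. This is an added example, not part of the original article; the allowlist spellings, the `.scr` entry, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Formats the article says to accept (extension spellings are assumptions).
ALLOWED = {".rtf", ".txt", ".tsv"}
# Executable extensions named in the reader questionnaire on this page,
# plus ".scr" (Windows screensaver), which the page writes as ".src".
EXECUTABLE = {".exe", ".com", ".bat", ".src", ".pif", ".js", ".vbs", ".scr"}


def classify(filename):
    """Return 'accept', 'block' or 'ask-sender' for one attachment name."""
    if not filename:
        return "ask-sender"
    # Windows ignores trailing dots and spaces, so "a.exe. " still runs as a.exe.
    name = filename.strip().rstrip(". ").lower()
    # Only the LAST extension decides how the file opens: photo.jpg.exe is an .exe.
    ext = "." + name.rpartition(".")[2] if "." in name else ""
    if ext in EXECUTABLE:
        return "block"
    if ext in ALLOWED:
        return "accept"
    # Everything else (.doc, .xls, .ppt, unknown types) is outside the agreed
    # formats, so the article's rule applies: reply and ask before opening.
    return "ask-sender"


def review(raw_bytes):
    """Check every attachment and whether the sender wrote any description."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    described = bool(body is not None and body.get_content().strip())
    verdicts = [(part.get_filename(), classify(part.get_filename()))
                for part in msg.iter_attachments()]
    return {"described": described, "attachments": verdicts}


def build_sample(body, names):
    """Constructed test message; the attachment bytes are placeholders."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"
    msg["To"] = "me@example.com"
    msg["Subject"] = "files"
    msg.set_content(body)
    for name in names:
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application",
                           subtype="octet-stream",
                           filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    raw = build_sample("Here is my resume and the budget.\n",
                       ["resume.rtf", "budget.xls", "photo.jpg.exe"])
    result = review(raw)
    print("description present:", result["described"])
    for name, verdict in result["attachments"]:
        print(f"{verdict:10} {name}")
```

A name check like this looks only at the extension the sender declared, not at the file's contents.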

Are these suggestions 100% guaranteed to stop any and all virus infections? Trojans too? Malicious scripts also?

No. They aren’t. Then again, if you read the disclaimer on the virus software you just paid $70.00 for THEY don’t guarantee they’ll stop any of these things either!

My methods have stopped a higher percentage (read 100% so far over 14 years) of viruses for $70.00 less. Take that $70.00 and use it to feed your kids, pay bills, or buy computer stuff!

Dribble Snort


Discussion
  1. Just a question to the people who don't use an anti-virus program, and say they don't get infected.

    How can you be absolutely 100% sure you don't have a virus?

    Not all virii mess up your computer so bad they become unusable.

    All it takes though is a friend to take over a disk to your computer, open a word document and you could be infected. Some virii are spread through websites, and not just emails.

    For those that use a software firewall, how could you say NAV is bloated?
    Outlook and Outlook Express.

    No. Not in the past 4 years, so I feel fine. Just in case it does, I set up a fake Outlook contact as a catch-all for any auto-mailing.

    I use Zone Alarm, that's it. Haven't had a virus in the past 3 months. I have no Anti-Virus software and I didn't catch the SoBig virus.

    Yes.

    It depends on the user. If you know what you're doing, you don't need anti-virus.

    Maybe, but I'm sure it would be at the cost of functionality.

    No. I use Outlook and Outlook Express w/no problem and they are easy to use. I do not open executables from people I don't know.

    YES! Zone Alarm is all I use. Prevention is the best method.

    Makes some good points, but most are overkill.

    My methods:

    -Install a firewall (hardware and/or software)

    -Disable auto-running of any scripts/ActiveX controls

    -Don't open attachments or files from people you don't know.

    -Create a fake invalid address book contact such as (FakeContact@@.com) so any auto-mailing will prompt you that this address is not valid and will therefore stop the mailing process.

    -Which E-mail software you choose to use is irrelevant.
    Skipping to the last two questions, yes it is relied on more than common sense a lot of the time.

    The article was ok, but it basically stated AV software has no use. I think it still does; it can stop spreading from the more ignorant folks that don't bother with precautions.

    Also, my AV software is free (Computer Associates eTrust promotional, with free definitions) and most motherboards come with PC-cillin etc., so 99% of people that build PCs should have AV software for free.
    I use Outlook and Eudora, depends on my mood, and Yahoo, hotmail etc via Mozilla Firebird (if that counts).

    Nope, never gotten one in the mail, ever.

    Common sense and Norton, but really only when I am dling things that I KNOW could be viruses, I just scan them w/ it. I don't DL attachment files unless they are text or sent by me.

    I think SOME users, just because they don't use a lil common sense; my mom for example dled and ran a 3byte .bat about 10 times thinking it was an audio file.

    Ya, ya, except for not using anti-vi software.

    Yes.

    Good but I think it denies some good aspects of Anti-Virus Software.
    Thanx for that gfi.com link. I'm being tested and so far so good on my end. Pegasus and AVG are nailing all suspect files.

    Charter OTOH passed virtually all suspect email attachments. I'm not surprised as I've talked with them and their philosophy is to just provide a broadband internet connection and figure it's up to the users to protect themselves. If something gets through and burns you, too bad and better get yourself effective protection.
    1) Mainly Thunderbird, and sometimes Eudora (different mail accounts). They're safe enough for me. I highly recommend these tests for your mail client to derive how secure it is.

    2) Nope. And just a note: my address book is fairly empty. Most email addys I remember off hand, or use the reply to button.

    3) Not really. I don't use MS mail clients at home (outlook @ work :(), I use an email virus scanner and I don't get email from anyone I don't know (and if it does have an attachment, it will really depend on what it is before I open it). However, there is no "I'm not going to open any attachments" rule in my book.

    4) Usually don't get any, but if I know it's coming, from a trusted friend, and my AV software didn't catch it, I see no reason not to.

    5) Are users not mad enough at viruses? I don't think that's the issue. I think the issue is that some people are grossly misinformed about viruses and email altogether.

    6) I think they have done a lot. A lot of companies that offer email software are usually on the ball about bug and exploit fixes. Microsoft, having the largest market share, and if you pardon my prejudice, the dumbest audience, so they are the biggest target. All email clients have bugs and exploits. Microsoft is being picked on because of the number of infectable boxes is large, and the users are generally dumb. They DO release fixes in a timely manner, like all other software companies, but their users don't always patch.

    7) For most people yes, having anti-virus software makes you immune to viruses and stupidity.

    8) I believe the article has its merits. I think antivirus software took a big hit when it came to SoBig. Mainly because of the false "you're infected" messages. They caused more damage than the virus itself. That only happened because the virus decided to do something different than all other email viruses, change the "from" field. In the past, however, it allowed countless unknowing users to know that they were infected. (And was a good thing until SoBig came along)

    Personally, I don't get any spam, or viruses. I didn't get a single copy of SoBig at any of my 4 email accounts. I haven't gotten spam in years. The trick that I've found is to not overly communicate your email address. I've found that www.sneakemail.com is an invaluable resource when filling out online forms, or the "email address" line on surveys at conventions. Only a tight-knit group of my friends know my email address, and they're smart enough not to (A) hand it out, and (B) get infected with a virus that would hand it out. I also don't post it to any sites or mailing lists.

    With that said, I am a firm believer that being smart about email can go a long way. However, it does not replace a virus scanner, a good email program, and keeping up to date with updates and patches.

    Here's the links again, just in case you skimmed the rest of my post ;)

    http://www.gfi.com/emailsecuritytest/

    http://www.sneakemail.com/
    3) Do you use the protections listed in this article ? If not what do you use to protect yourself.

    I've used Trend Micro's PC-cillin for about 5 years. I've always updated it and had the real time monitor operating 24/7 except when defragging or installing something. I've NEVER had a virus. Not 1 system crash either. It uses about 14k of resources on my system, maybe a little more with the firewall. I've never felt any slowdown aside from the fact I have an xp2500 with 1gig of ram. :)
    1) The Bat! Standard settings are quite good and filters and layout are perfect for me, much more so than outlook.

    2) No. The email client has not and should not do that. It allows html viewing but it doesn't use ie to view and non-html can be off. no active x controls either.

    3) Some- I do use an av product because I use ie and because I idle in irc chats and get files sent to me all the time (not warez) and I do scan these files before opening them. I open email from anybody that I feel like opening email from without fear because I don't use outlook and with text as the default for reading the email I don't worry about loading targeting images from spammers. I do accept attachments and scan them before execution. I have only been infected when doing so intentionally just to practice removal.

    4) Yes

    5) MS can change defaults on the email client and I believe that they have done so more recently as I ran into an attachments problem on a customer that I upgraded. The fix, which was only done to shut her up, was to return to allowing her to open certain attachments from oe. They cater to the lowest common denominator with their email programs and many of these people cannot be bothered to save attachments and inspect them before opening.

    6) I think the advice in the article can protect you, but I think it inhibits the ability to fully exploit your email functionality and can make your life more difficult than it needs to be. I allow most of those things and do not get infected, simply due to the fact that I don't use oe and I pay attention to what I'm opening. That way I don't have to spend an hour to tell someone who is completely computer illiterate how to send me files via another route when all they know is email.

    7) common sense goes a very long way. I really didn't use av software until about a year ago, and I'm glad I started using it. I was never infected and occasionally ran online scans from sarc.com. I tried NAV and discovered that it sucks and switched to nod32 which really doesn't seem bloated and it gets the job done while allowing me to use internet exploder.

    8) The article is good. If everyone followed the advice in the article we'd see fewer worldwide virus outbreaks, but then if fewer people were downloading pr0n/warez/mp3's from usenet and other filesharing mechanisms you'd see fewer worldwide virus outbreaks as well. Many of these viruses use social engineering, like the email warning to users from microsoft about the latest virus that is a virus itself and most definitely not from microsoft.
    1. good old outlook express

    2. Nope

    3. common sense

    4. only if the person who sent them told me in advance

    5. Nope, ignorance is the main problem

    6. sure they can, probably

    I pretty much have to use AV software because of my school's LAN - it's infested with several viruses.
    1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?

    2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this

    3) Do you use the protections listed in this article ? If not what do you use to protect yourself

    4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?

    5) Are we the users part of the problem with our attitudes towards virus?

    6) Can companies producing email software such as Microsoft do more, Should they ?

    6) Is the following good advice as suggested by the article? Do you follow it

    7) Is Anti-Virus software overrated and relied on more than common sense?

    8) What is your opinion of the Article ? ?

    1.) kmail, and yes-- i don't use my email much though

    2.) no, it hasn't

    3.) for the most part

    4.) yes--

    5.) definitely, people just put their faith in AV's-- and don't learn about prevention (sounds like I'm preaching in some VD class eheeh :P )

    6.) yea i follow most of it

    7.) definitely, i don't use anti-viruses ever yet i never get any viruses-- just because i only download from trusted places

    8.) i couldn't agree more with it, gj
    I'll add my comments (heh, who cares!). I'm a firm believer in Anti-Virus software, but not because of email...I'll explain a bit.

    1. I've used Outlook ever since Office XP came out. I've always hated Outlook Express, and all versions of Outlook. I tried Eudora and just didn't like it. On the few occasions I have Mandrake Linux up, I use the KDE mail client (im a total Linux loser/noob lol)

    Standard settings are very unsafe if you don't have an anti-virus.

    2. nope, I've never been infected with a virus. Ever.

    3. I follow a lot of the protections. Not opening dumb file extensions that I know are dangerous being the main one, and not allowing a preview pane and not allowing script actions to be run are some others.

    4. I have to allow some extensions to come in that are dangerous. Attachments, no matter what they are, are never opened from ppl I do not know.

    Ones from customers that might send me a file to help their support always get scanned with Norton's before opening (I trust me, but I don't trust anyone else) if Norton's doesn't catch it on the way in (which, btw, it has never failed me yet, but I don't fall asleep at the switch either and become complacent).

    5. yep. Users are like cows to the slaughter for the most part (not us, but general users who only do email/web surfing or those in offices that trade dumb forwarded emails lol), and will hear all about how you aren't supposed to open certain things, or that you are supposed to not only have anti-virus software, but you have to keep it updated...then turn right around and open up exactly what they were told not to.

    Users being 'afraid' of their PC is a huge factor. "it's too complicated" to remember little easy things like DONT FRIGGIN OPEN ATTACHMENTS OR EMAIL FROM PEOPLE YOU DONT KNOW.

    6. I have long thought for years that Microsoft should bear the brunt of this responsibility for making it so simple and easy to create such viruses and worms...and for not thoroughly testing their OS's for true vulnerabilities and holes and overflow buffer attacks etc. How many Linux/Unix viruses are there? hrmmm, I cannot answer, as I am not a linux guy, but I don't see Linux users scrambling for fixes over viruses. I'm sure you could write one for linux, but seems more trouble than it is worth when there's good old MS just begging to be exploited.

    7. any advice that is truthful and helpful and can teach someone something is good advice.

    8. I don't think AV is overrated...I do think it's a crutch that gives ppl a false sense of protection. I can't count the number of times that customers have exclaimed in complete surprise that they couldn't possibly have a virus because they have Nortons or McAfee or something else. 90% of the time they do have AV, but it has never been updated (or hasn't been updated for who knows how long) and the other 10% swear up and down they do have an AV, but absolutely do NOT (and where do they think they have it or who told them they do is what I really wonder).

    AV software can be a lifesaver if used properly, updated regularly, and you use a little common sense. Relying on it without question though is dangerous.

    9. Article is good for ppl who are savvy enough to understand exactly what it means. For the average Joe, an AV program and a hammer to the forehead every few days to remind him to

    A: update your damn AV regularly fool

    and

    B: don't be opening attachments especially from strangers...and if it's from someone you know, don't be a fool, learn what is and isn't safe to open

    and while that is happening, hopefully some IT guy will come along and disable it...but for home users...who knows =/

    Travis
    Half of my 100 or so daily emails are infected I suspect. They have all the subject header titles we've been warned about and most are from spoofed addys I don't know. One is supposed to be from Microsoft demanding I install the patch sent as an attachment LOL. I get several of these a day. I just selectively download what I want and delete the rest off the server.

    Charter doesn't do any spam or other filtering like AOL and many others do. They give you a 24/7 broadband connection and figure that it's up to you to protect yourself.

    I do and so far, so good.

    I also agree that the author's attitude wasn't to my liking. But it still did have good advice none-the-less.
    It is enough to make you wonder.

    My ISP's filter has caught about 40 infected emails today. That is after catching about 7 to 8 in the last year since they instituted a virus filter.

    Yes, my email address is in my profile.

    Anyone else experience anything like this?
    One more vote for being turned off by the superior attitude.

    I've never had a virus infect my system. I was behind on patches, so I have to credit the fact that I didn't get Lovesan to the McAfee firewall I run. During that period my computer was connected to Kazaa 24/7.

    I've never noticed a significant performance hit from McAfee. And $15.00 for a year of anti virus updates won't even get me one lap dance around here.

    I still use Outlook Express. I've had no compelling reason to get another mail program. I use Netscape for my spam account.

    I'm not nearly as paranoid about attachments as most who have posted. But there have been a few that I have deleted out of uncertainty. And my ISP has been catching some infected mail lately.

    I have never sent anyone an infected email.

    No, anti virus software isn't perfect. For every measure, there is always a countermeasure.

    I know that locking my car won't stop a serious thief. But I still do it anyway.
    1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?

    I used outlook but then I started using Eudora and now I use Thunderbird (part of the mozilla project). I think that Eudora and Thunderbird are safe at default settings mostly because people don't target them as much for virii.

    2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this

    I don't believe so. I feel good.

    3) Do you use the protections listed in this article ? If not what do you use to protect yourself

    Yes, I used to use AVG and now I use Symantec Corporate Edition which was given to me by my school.

    4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?

    If I have prior knowledge from another medium that it will be sent to me, and my AV is running, yes. If I was not notified I don't touch it.

    5) Are we the users part of the problem with our attitudes towards virus?

    Yes, people are stupid. Case in point the blaster virus, it has been out for 3 weeks yet people are still getting this thing because they don't patch their computers.

    6) Can companies producing email software such as Microsoft do more, Should they ?

    They may be able to, but I doubt it.

    6) Is the following good advice as suggested by the article? Do you follow it

    I am careful about virii and as a result I am very rarely infected.

    However I think that Antivirus has a purpose and at the very least you should run a free one like AVG. For example I was simply chatting on AIM and Symantec popped up a window saying the real time scanner found a virus Nebiwo. In the last 3 days, that's happened 3 times and every time I quarantined it. If it wasn't for Symantec I would have had 4 instances of this virus on my computer without doing anything wrong.
    I'm going to jump to the last question.

    8) What is your opinion of the Article ?

    No personal offense to the author, but this piece left a bad taste in my mouth.

    The advice is 100% correct. And for the great majority of people who will post here, it is a case of preaching to the choir. Will everyone here who didn't know not to open an executable attachment please raise your hand? Thank you.

    Maybe I'm wrong, but I presume articles like this are written for people who don't already know how to protect themselves from virii. From that perspective, the tone of this article was really obnoxious. Like too many tech articles, it reads like the writer was trying to demonstrate how smart he was instead of concentrating on helping the reader understand.

    And the "strippers and beer" line in the lead only belongs in a general circulation article if you are trying to amuse fourteen year-old boys.

    BHD
    Netscape 4.7. I don’t think it has much in the way of settings to change. Even if it does, I haven’t bothered to go looking for them.

    I don’t maintain an address book so it is not likely that a virus could get out of my system, if I ever had one to get out.

    Yes, yes and I would not know as I have never received an executable attachment from anyone I would trust that much. Most of my email is from spammers and hits the trash unviewed.

    See above.

    Most people are part of the problem because most people just want stuff to work and they don’t take the time to understand what is going on inside their computers. In fact, the number of corporations that got hit despite having IT people who are supposed to prevent this type of stuff shows how easy it is to get complacent.

    Can they? Yes. Should they? That depends on what we expect of them. If the more they are going to do involves amending a EULA so that our privacy continues to erode then no. If the more they are going to do is fix the problems they have created in the first place, that would be nice. Like that is ever going to happen.

    Yes but not because someone ever told me to. In fact the only virus I have ever received was from a download from AOL (they claim that stuff is supposed to be scanned by the latest and greatest software – in a pig’s ear it is).

    Well, I scan everything I download just on principle. However, I think the question is not is it overrated but do some people assume that it is something it is not. A fair number of people think of AV software the way they think of condoms. If they have it, they are protected. Of course this is just not the case. If you don’t update it periodically, then you are not protected the way you think you are.

    Of course common sense provides a measure of protection in itself and does not need to be updated weekly. However, if common sense was so common we would not see widespread virus outbreaks every month or so.

    It points out the fact that it is possible to run virus free without AV software. As long as one is reasonably cautious with one’s computer that is. However, there is still a place for AV software for most people.
    I "ONLY" use web based email (I have my eBay mail on yahoo and only get about 3 spams a week if that). I live by the KISS rule. And the only viruses I have gotten have been handed to me via USB drives.