The Anti-Virus Software Myth


Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Common sense anti-virus approach – “Dribble Snort”

(Ed. note: With a name like “Dribble Snort,” it has to be good. :))

Let me start by stating that I am sure I will receive many flames for my views on anti-virus software and its use (or lack thereof)

All I can say is if you want to email me about it, you can reach me at [email protected]

The point of this article is simply to expose the myth surrounding the “dire need” for anti-virus software.

This does not mean that you shouldn’t have software like firewalls or spyware detectors like Ad Aware.

It just means that with a few minor modifications to your behavior, and a few minor modifications to your system, you do not “need” to shell out $70 for anti-virus software.

First, a little background on my experiences with computers. I have been using computers since I was 12 years old. That’s not a big deal. A lot of people these days can make that claim. However, since I am now 35, I can say that 21 years of experience has taught me more than the basics.

I was using computers long before the Internet became a public road. In all 21 of those years of visiting BBSes, warez sites, pr0n sites, and the like, I have yet to become infected with a single trojan or virus, or have a malicious java script crash my system.

Does this mean that I can guarantee that I will never get infected? No. I cannot guarantee that. But neither can your anti-virus software!

Most people order a new machine from a maker like Gateway or Dell, and it comes with anti-virus software pre-loaded. You usually get 30 days of free use before you are forced to fork over the money or buy a different product from a competitor.

At the end of those 30 days, I recommend you uninstall the anti-virus software and DO NOT PURCHASE NEW ANTI-VIRUS SOFTWARE!

Why? Because there are some simple steps that you can take to prevent yourself from being infected, none of which requires the purchase of anti-virus software. In fact, I’d say that the effectiveness of my method is greater than that of the anti-virus software companies.

My methods? Simple.

1) NEVER, N-E-V-E-R open emails from people you don’t know! How hard is that? Based on the sales of anti-virus software, you’d think it seems too hard for most users. However, just because it “seems” too hard doesn’t mean it “is” too hard.

2) Never use Outlook Express. NEVER. N-E-V-E-R. Use a program like “The Bat” email program (mind you, I’m talking family, not corporate PC). It doesn’t prevent you from sending or receiving pictures, music, or files. It just provides easy email composing, sending and receiving. It contains many, if not most of the same features of OE, without the vulnerabilities evil code creatures target.

3) What about receiving .doc or .xls or .ppt files that may contain macros, and possibly macro viruses? What do I do about those files?

There are two ways to deal with these types of files.

  1. Get a free email account like yahoo for your email! Besides being able to access your email from any area, you can scan your incoming emails with yahoo’s anti-virus software. Let Yahoo pay for the software to scan your emails!

  2. Many businesses today require you to send your resume as a text document. This is to prevent macro viruses from running. Same with xls files too. These files look the same as their .doc or .xls counterparts, they just do not allow a macro virus to execute when opened.

So make your friends and associates aware that you will only accept files in certain formats. For instance, with MS Word accept only Rich Text Format (or whatever format you choose that ISN’T in .doc format) and for MS Excel files, accept “tab separated value” files.

How hard is it to open these files? Right-click, open with, choose MS Word or MS Excel. Done. WHEW! That was DIFFICULT wasn’t it?! If it’s a good enough practice used in business for résumé’s and other corporate documents, it should be good enough for friends and family. No exceptions. NONE. Nada. Zilch. Get it?

Why? Because if you then receive a file from a family member or friend that ISN’T in one of those formats, it’s a good chance that a trojan or virus sent the email.

Simply reply to the friend/family member and ask if they sent the file in that forbidden format. If they didn’t, you have not only prevented YOUR system from being infected, you just caught the virus on a friend/family member’s system

4) Have friends and family send you links to .exe files with a description or screenshot of what they do or how they look, instead of the .exe file itself.

If the programs are so good that they felt the need to share, chances are they’re already on www.tucows.com or www.download.com . They scan their files for viruses regularly.

If you receive a file from a friend or family member with no description, screenshot, or message telling you about the program, chances are, they didn’t send it anyway. Most likely, it was a virus or trojan program that sent it.

5) Disable VB and Java Scripting in your browser, or use a browser like Mozilla or Opera.

6) Install a firewall like “ZoneAlarm” or “Tiny Personal Firewall” to prevent hackers from getting into your system, and install spyware detectors to keep the online tracking and popups from driving you to distraction.

Are these suggestions 100% guaranteed to stop any and all virus infections? Trojans too? Malicious scripts also?

No. They aren’t. Then again, if you read the disclaimer on the virus software you just paid $70.00 for THEY don’t guarantee they’ll stop any of these things either!

My methods have stopped a higher percentage (read 100% so far over 14 years) of viruses for $70.00 less. Take that $70.00 and use it to feed your kids, pay bills, or buy computer stuff!

Dribble Snort

Loading new replies...

UnseenMenace

UnseenModerator

5,433 messages 0 likes

** Quick Links **
links featured through this thread and others will be presented in a list here for quick future refrence.. feel free to PM UnseenMenace with a usefull link

a) Spam Cop... http://spamcop.net/
b) Email Security Test... http://www.gfi.com/emailsecuritytest/

Reply Like

XWRed1

Senior Member

4,464 messages 0 likes

Originally posted by UnseenMenace
1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?

Sylpheed and mutt. I consider the defaults to be safe.

2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this

No. And I feel good.

3) Do you use the protections listed in this article ? If not what do you use to protect yourself

Sort of. My main protection is that I don't use Outlook.

4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?

Yes, why not? I have nothing to fear.

5) Are we the users part of the problem with out attitudes towards virus?

Maybe not us specifically, but it is DEFINATELY a user problem. The whole thing (Sobig.F) is perpetuated by a social engineering trick, not a technical exploit. You have to patch the users, not the system.

6) Can companys producing email software such as Microsoft do more, Should they ?

Not really, and not really.

6) Is the following good advice as suggested by the article? Do you follow it

Good advice for the typical user, I think.

7) Is Anti-Virus software overated and relied on more than common sence?

Most definately. No AV here, no need for it. No infections either.

Reply Like

click to expand...
JigPu

Inactive Pokémon Moderator

6,578 messages 0 likes

1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?
2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this
3) Do you use the protections listed in this article ? If not what do you use to protect yourself
4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?
5) Are we the users part of the problem with out attitudes towards virus?
6) Can companys producing email software such as Microsoft do more, Should they ?
6) Is the following good advice as suggested by the article? Do you follow it
7) Is Anti-Virus software overated and relied on more than common sence?
8) What is your opinion of the Article ?

1. I've never used an 'on computer' mail client, and never will. If I have to physically download an e-mail to my computer wether or not I want to read it, it's not cool. (Thus, I use webmail clients. Stuff stays on the server unless I click it)

2. Nope, never.

3. Yes. It's common sense on a roll :D

4. I can't stop what users attach to their e-mails, but I don't EVER open anything executable. If they urgently need to give me an executable, they can point me to the web address they got it from.

5. I don't know if we have an additude towards virii, but if we do, then we are most certanly part of the problem. People who are complacent help the problem spread.

6. Not really, no.

7. Anti-virus software is somewhat overrated. By this I mean that in my 5 years of internet access, I have caught 2 virii, with 1 of them debatable as an actual virus. If you use common sense and don't browse 'bad' sites, or haphazardly open e-mails, then your chance of infection is so low, it's not really going to happen.

However, I don't think that AV software should be abandoned altogether. Even though I believe myself to be fairly conservative about my internet activites, I still got 2 virii. Each virus was caught as it was downloaded to my computer and so even if AV is reactionary as Ed says, there's a BIG difference between reacting in time to stop something before anything happens, and reacting once per week after you've infected several others. I'd much rather stop myself from being part of the problem by stopping the 0.001% of virii that slip through my proactive efforts.

8. Good article, but Ed makes it sound like AV has no use in this world. Think about what would happen if there was no AV software and people still behaved on the net and with e-mail the way they do. Virii would be on the rampage, and nobody could do anything. At least the "stoopit" software could stop an infection and protect your computer from a virus' payload as long as you're smart enough to keep the dang definitions up to date!

JigPu

Reply Like

click to expand...
Deathknight

Member

3,652 messages 0 likes

The downside to opening mail in a web browser is IMHO that its in a web browser (pretty much the least secure program on your pc if you are using IE). There are plenty of poor people out there that have activeX controls enabled on their security settings that can have all sorts of nasty stuff emailed to them if they either use a web browser or have the view as html option turned on in their email program. If you want to be as safe as safe can be then I think the better option would be to run a text only email program like pine.

Reply Like

Audioaficionado

Sparkomatic Moderator

12,366 messages 22 likes

1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?

Pegasus, yes

2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this?

Never, slept well

3) Do you use the protections listed in this article ? If not what do you use to protect yourself?

Some of them, it's mostly just uncommon common sense :p

4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?

Only if it's prearranged with the sender. Then I always send an email prior to the one with the attachmet stating the file type and size. I expect no less from others.

5) Are we the users part of the problem with out attitudes towards virus?

Not the savvy users, only the majority of the average willfully ignorant users.

6) Can companys producing email software such as Microsoft do more, Should they ?

They could have but they didn't, now it's too late as the barn is empty now. I don't want any of their draconian technology forced on me since I'm not causing the problems.

7) Is the following good advice as suggested by the article? Do you follow it?

* Do NOT use programs like Outlook and Outlook Express!
* Do NOT open emails from people you do not know!
* DO NOT OPEN ANY EXECUTABLE ATTACHMENTS (.pif .src, .exe, etc) from ANYONE!!!

Yes, yes, it depends on the circumstances

8) Is Anti-Virus software overated and relied on more than common sence?

Some brands are but some are useful as an additional layer of protection, yes they aren't as reliable as good safe practices.

9) What is your opinion of the Article ?

Overall it was good but I still disagree with never accepting attachments and that AVS is useless.

Reply Like

click to expand...
unreal

Registered

1,842 messages 0 likes

1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?
2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this
3) Do you use the protections listed in this article ? If not what do you use to protect yourself
4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?
5) Are we the users part of the problem with out attitudes towards virus?
6) Can companys producing email software such as Microsoft do more, Should they ?
6) Is the following good advice as suggested by the article? Do you follow it
7) Is Anti-Virus software overated and relied on more than common sence?
8) What is your opinion of the Article ? ?

1. pmmail2k pro, changed
2. nope
3. yes, norton 2k3 systemworks
4. nope
5. not to sure about this one..
6. not sure if they should....
7. i dont think so always,, id rather be sure when i dload new software or crack
8. for the advance user this would be true, but not always

Reply Like

click to expand...
UnseenMenace

UnseenModerator

5,433 messages 0 likes

Im currently using Kmail which is part of the KDE desktop, the configurations I have kept as standard, however I do believe that its settings are a little over the top as it even does not allow email with HTML tags.
I generally do not use the address book situated in the email client to ensure that I do not contribute to the distribution of virus.
I use all of the precautions listed in the article other than spam cop, I do however use a lot of email forwarding services.
I personally think that the companys producing email software should do more and can do, not in the matter of how they create or market the software but how they configure it... I believe that the default settings of all email clients should not accept executables and scripting and as such anyone who changes these settings must be aware of the implications they have.
I fail to see what use HTML tags and scripting has in a email.. if the point can not be made in text i personally do not think colours, fonts and scripting is going to make much difference...
I do think that users are part of the problem we have the attitudes in general that its not my problem if it does not effect my system... this is wrong, I myself though must admit to being guilty of this.
I do think antivirus software is by large overated.. I do not give my personal email address out on many websites and have an account specific for this purpose, I recieve minimal spam and have never had a virus.. this is in contrast to my daughter whom gets viruses on a regular basis, this suggests that a lot of the problems are related to how we behave and what services we use in general

Reply Like

click to expand...
Stedeman

The Half Asleep Member

2,408 messages 0 likes

I "ONLY" use web based email (I have my eBay mail on yahoo and only get about 3 spams a week if that) I live by the KISS rule. And the only viruses I have gotten have been handed to me via USB drives

Reply Like

M
Malpine Walis

Disabled

2,521 messages 0 likes

1) What mail client do you use... do you consider its standard settings to be safe or have you changed them ?

Netscape 4.7. I don’t think it has much in the way of settings to change. Even if it does, I haven’t bothered to go looking for them.

2) Has your email client ever mailed a virus to someone in your address book ? - How did you feel about this

I don’t maintain an address book so it is not likely that a virus could get out of my system, if I ever had one to get out.

3) Do you use the protections listed in this article ? If not what do you use to protect yourself

Yes, yes and I would not know as I have never received an executable attachment from anyone I would trust that much. Most of my email is from spammers and hits the trash unviewed.

4) Do you allow executables such as .exe, .com, .bat, .src, .pif, .js, .vbs to be sent to you via email ?

See above.

5) Are we the users part of the problem with out attitudes towards virus?

Most people are part of the problem because most people just want stuff to work and they don’t take the time to understand what is going on inside their computers. In fact, the number of corporations that got hit despite having IT people who are supposed to prevent this type of stuff shows how easy it is to get complacent.

6) Can companys producing email software such as Microsoft do more, Should they ?

Can they? Yes. Should they? That depends on what we expect of them. If the more they are going to do involves amending a EULA so that our privacy continues to erode then no. If the more they are going to do is fix the problems they have created in the first place, that would be nice. Like that is ever going to happen.

6) Is the following good advice as suggested by the article? Do you follow it

Yes but not because someone ever told me to. In fact the only virus I have ever received was from a download from AOL (they claim that stuff is supposed to be scanned by the latest and greatest software – in a pigs ear it is).

7) Is Anti-Virus software overated and relied on more than common sence?

Well, I scan everything I download just on principal. However, I think the question is not is it overrated but do some people assume that it is something it is not. A fair number of people think of AV software they way they think of condoms. If they have it, they are protected. Of course this is just not the case. If you don’t update it periodically, then you are not protected the way you think you are.

Of course common sense provides a measure of protection in itself and does not need to be updated weekly. However, if common sense was so common we would not see widespread virus outbreaks every month or so.

8) What is your opinion of the Article ?

It points out the fact that it is possible to run virus free without AV software. As long as one is reasonably cautious with one’s computer that is. However, there is still a place for AV software for most people.

Reply Like

click to expand...
B
BaldHeadedDork

Member

1,490 messages 0 likes

I'm going to jump to the last question.

8) What is your opinion of the Article ?

No personal offense to the author, but this piece left a bad taste in my mouth.

The advise is 100% correct. And for the great majority of people who will post here, it is a case of preaching to the choir. Will everyone here who didn't know not to open an executable attachment please raise your hand? Thank you.

Maybe I'm wrong, but I presume articles like this are written for people who don't already know how to protect themselves from virii. From that perspective, the tone of this article was really obnoxious. Like too many tech articles, it reads like the writer was trying to demonstrate how smart he was instead of concentrating on helping the reader understand.

And the "stippers and beer" line in the lead only belongs in a general circulation article if you are trying to amuse fourteen year-old boys.

BHD

Reply Like

click to expand...