Do we really need anti-virus software??

@B8

I am not using / talking about m (mobile)-TAN (ID) authentication, I am talking about an optical INTERFACE / unique chip-card to receive data. This is safe and hasn't been 'cracked' so far.
There is NO BIOS virus / malware, but I see a problem with UEFI though. If you think you are right, just point to one!!!

To monitor incoming and outgoing IP data / ports is the best you can do. You need a firewall and a router.

Most of the PC users either are paranoid (like you, lol) and point to articles about malware / risks but never have related the potential risk to REAL conditions / situations, .......or they feel safe (have installed AV / firewall) and don't know anything about malware / how to configure a FW properly (psychological induced pseudo-safety, lol).

Don't spread 'panic' when there is no reason for....have you ever encountered damage?? I guess not.
There is no absolute safety you can install what you want, you never will be safe. But the chance to encounter a damage is very low, though.

 

Oh yes I can understand that, too.

2 months ago a friend has called me in the night. He rebooted his PC and a window appeared:

Your copy of windows is not genuine, ident. number such as 45848DSE35535.

Then some ‘impressing data’ read from the registry / ipconfig.
ISP, OS version and install date…..

It came with a ‘possibility’ to pay for a license key by money transfer.
Also they threatened to transmit the IP to the prosecution. And they posted the corresponding laws.

The page looked very professional, just like made by M$.

I told him to stay cool, this is not M$ this is malware.
Next day I analyzed his PC.
He must have visited a site that has modified HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell pointed to the malware not to Explorer.exe.

He wasn’t able to log-in. At the page shown by the malware was written that he must pay the key within 48 hours to unlock his PC.

He of course was shocked. I laughed about, lol.
I repaired his PC then…..

This is a M$ / windows problem. Windows is the most insecure OS. You need to patch it in time.
If you want to avoid issues (banking) use Linux, it’s far more secure.

But what’s important to me I want to add.

You cannot gain security and safety by installing something. You gain security by knowledge / thinking about the potential risk.
I want people to evaluate!
Knowledge and awareness kill fear.

Let’s start:

What is stored on your PC?
What happens to you if anything becomes deleted?
Have you made backups?
Do you use it for banking? Do you use a secure banking system?

What is the worst case scenario? Could you live with it if it should become true?

You should be aware of the worst case scenario. (Loss of access / all data)
A worst case scenario regarding malware is basically not different to a HDD crash. (Except banking issues).

Far more important than to install AV is your PC behaviour.
Do not store passwords locally, use safe passwords.
Delete anything cached after banking.
Make backups of your data.
Make an image of your clean PC right after install.
Use windows update frequently.

Use a free AV and a free FW at least (I recommend AVG and the Comodo firewall). Comodo isn’t just a firewall, it monitors the registry also.
You may use them with default settings.
‘Sit’ behind a router.


If you take these points serious then you don’t have to be paranoid or afraid.
You know that even if the worst case scenario should happen, you in fact have lost nothing.
Only thing is that you have to make some effort to restore the original condition of the PC.

You don’t have to be an expert at this. Just think about what might happen BEFORE it really happens, that’s all.
If you are more interested I suggest to read about ports / IP addresses / firewall configuration.

Regarding banking, if you want to be absolutely secure. Boot your PC with a Linux CD that can access the internet with firefox browser.
After you are finished, remove the CD and reboot the PC to your insecure windows.


Most of my friends are not cool regarding PC security. One of them never dared to pay with credit card on his own PC, lol.

I do anything, (banking, credit card payment, paypal, money transactions, even stockjobbing ….) I take care of the points I have posted here.

I never had issues. I am not afraid, I don’t watch my IP traffic frequently. But it's quiet when I do nothing.
Another windows problem is that there are services and apps which access the internet even though they don't need it.

But I am sure I am no bot: My ports are closed, lol.
Paranoid people are people with lack of awareness.

 

Read your linked 3 years old article (heise) closely and you'll notice that it is a proof of concept only. (There is no space left on the chip to write the root kit's code and every BIOS is different).

The described scenario (an artificial one with a particular chip and a particular BIOS): They were able to make a root kit to write 'its code' onto the chip.

No word about:
Was the chip empty?
What is its code? How big? Malware??


The other 'case' mentioned there was malware which has erased the BIOS. This is NO BIOS virus and it's old stuff from 1986!!!

So you are exactly behaving like I have posted:
Most of the PC users either are paranoid (like you, lol) and point to articles about malware / risks but never have related the potential risk to REAL conditions / situations....

I modify BIOSes since 2007. I know it better. The article is full of useless statements. It's sad people cannot recognize what's good journalism and what's not.
It's clearly sensational journalism and you've fallen into the trap. Heise is known to be yellow journalism, you need far more to 'convince' me!

I have deleted all the posts which are against the rules (not in English language).

 

I have to disagree a bit . 'Stupid' is to believe that with an AV installed you are safe. A firewall is far more important.
You need your ports closed (firewall) that's all.

The AV might prevent that malware such as a keylogger /trojan can install.
But a firewall prevents the keylogger / trojan to do their jobs, to send data through the net.
The AV might fail if the signature updates are too old. A firewall always keeps the related ports closed and detects if an app wants to send.

An AV is only as good as its signature database. Better know how malware works and prevent its actions! Dangerous malware is malware that phones to somebody. (To transmit personal data). To lose local data should be no real damage.

To harm it needs open ports.

AVs are by far overestimated, but should be used as additional protection (freeware) only.

 

@B8
You need to argue with facts to keep up with me. Do not try to figure what I know since you are not able to.
I explicitly excluded UEFI since I do not know what will be possible yet.

To summarize my post #27 I can give this advice to everybody:

-sit behind a router, UPnP must be disabled (UPnP can be used by programs to change security related settings)
-backup your local data frequently
-run windows update any time (automatic)
-install a good firewall (even though most routers have one already included). I highly recommend Comodo free firewall. It protects very well with default settings already.
-install an AV such as Avast or AVG. Run signature updates every time when you switch on your PC.
-check your surf behavior, avoid bogus sites, enter every time the original url when banking into the browsers address bar, no redirections
-clear history of the browser, do not store any passwords
-use FF or google chrome, avoid IE
-Install an original, unmodified copy of windows only.

This should be no problem for a 'ordinary' PC user.
Anyway do not forget an AV is an additional protection and not THE protection.

If you are interested in more read about IP addresses and protocol / ports / port forwarding /common ports /port release / UPnP


I have repaired a lot of infected PCs of some friends. I have installed a firewall and a AV and I exactly have advised what I have posted here.
I am using the internet since 1993 and never had issues concerning malware. I never used paid software to protect.
Norton Internet security for instance is a huge package and slows down anything, it's useless.
Some companies make money with the fear of others, furthermore they feed the fear to justify their products.

Recent days we cannot make our jobs without a PC. At companies we have admins who are responsible for the security of the net. At home the user is. If you know nothing about security then make the effort to gain knowledge.
Ask friends about.
When you learn how to work with a PC, then security related things are a must. It is not different with other things, some things just belong together.