It makes me wonder why so much focus and attention is given to alleged abuses of police power in the United States, to the point that certain incidents in the US also garner protests in Europe, along with various comments from international citizens criticizing America. I could understand if they believe in the ideals of freedom, life, etc. that are shared by American culture, but do they never take the time to look at their own countries and see how much worse they have it?
Reminds me of similar "Vision Zero" initiatives for traffic deaths to be reduced to exactly zero. Those weren't successful, either.
Could you elaborate in specific detail on why it's nonsense?
Yes, you need to detect and monitor threats. But no, an antivirus is not the sole solution for doing so and I have doubts that an antivirus alone is an adequate solution for this task. I am not arguing against the need for detection and monitoring, and there are better ways to do detection and monitoring that don't come with the added attack surface of an antivirus.
Would antivirus have actually detected this infection? Ignoring the fact that phones don't usually run antivirus (because they employ sandboxing security measures), in the case of FORCEDENTRY, the exploit was discovered because Citizen Lab specifically examined the phone of an anonymous Saudi activist. They don't say what exactly led to the phone being examined by them, but I'm willing to bet that it exhibited signs of infection that any general-purpose antivirus like McAfee wouldn't have detected.
Yes, sandboxing technology can still be vulnerable, but antiviruses are not a better security practice than sandboxing. Moreover - since you brought up a targeted spyware attack - if you're being specifically targeted by nation-state actors aided by NSO Group, you need to up your security anyways. So your comment that
You really can't expect every boomer pecking at a computer to know the ins and outs of security.
immediately after discussion of FORCEDENTRY confused me, because if your threat model includes zero-day attacks like FORCEDENTRY (for example, you're a political activist, journalist, or whistleblower), then yes, I do expect such a person to know the ins and outs of security. They should stay on top of their game, because their life literally depends on it. At that level of threat modeling, if you're genuinely worried about attacks from well-funded nation-states, then security is not something you can just ignore and expect to have taken care of for you.
Bad example? If you're targeted with zero-days like Pegasus, an antivirus software is not going to stop it. In fact the standard defense for this sort of thing is what I've advocated - isolation of system components via sandboxing/virtualization. I'm not sure what your argument is.
I have the opinion that the more data you give out, the more likely it will just get breached. Especially personal data meant to authenticate your identity. The best thing to do would be to not give data out at all - data that doesn't exist, can't be stolen - but most of the rest of the world doesn't think the same way, and is extremely unlikely to question why we have normalized people giving away their data without a second thought.
I have always been of the opinion that antivirus is a poor idea, and at best, a half-baked solution preventing you from adopting better solutions, such as sandboxing/virtualization and general human security hygiene. I haven't run an antivirus (besides Windows's built-in Defender) in years on any of my computers or phones, and I've never gotten malware on my systems simply because I don't open any sketchy apps or files, and if I do, it's in a virtual machine isolated from the rest of my system.
That an entire industry (the antivirus industry) exists based on the premise of a bad idea that is not only ineffective but adds massive attack surface simply because attackers can exploit what is essentially a privileged system component with deep access to all parts of the system - a cure worse than the disease - should be a lesson in how easy it is for someone to get the basics of a skill (such as security) wrong.
Media sources are identifying the deceased gunman as 20-year-old Thomas Matthew Crooks. Seems to not have had an internet presence. Strange. +1 for nominative determinism though.
Sure, deaths from police interaction make headlines but there are a lot of other things European cops can do that American cops would be extremely less likely to get away with. For example, an American cop wouldn't be able to legally arrest someone on the sole reason of them making a "homophobic remark" (or at least they would have to find another reason) due to the First Amendment.