Allchin Backs Off Antivirus Remarks

By Nate Mook | Published November 10, 2006, 6:39 PM

Outgoing Microsoft co-president Jim Allchin posted a blog entry Friday apologizing for the confusion surrounding comments he made to reporters Wednesday about being so confident in Windows Vista's security that his seven-year-old son's PC had no antivirus software installed.

As first reported by BetaNews, the remarks came in response to a question about his relative level of confidence that Vista would be more secure than Windows XP SP2. Allchin replied by explaining that Vista includes key security features that could not be added to XP, using his son as an example.

"My son, seven years old, runs Windows Vista, and, honestly, he doesn't have an antivirus system on his machine. His machine is locked down with parental controls, he can't download things unless it's to the places that I've said that he could do, and I'm feeling totally confident about that," Allchin said. "That is quite a statement. I couldn't say that in Windows XP SP2."

The executive -- who was in charge of the operating system's development -- specifically cited two new security features in Vista that have changed his thinking: new parental controls, and Address Space Layout Randomization (ASLR), which renders the object code of the system kernel in memory differently each time to thwart the designs of malicious code.

It wasn't long until a number of bloggers and analysts questioned the remarks, citing a 2001 quote in which Allchin claimed Windows XP would be devoid of potential buffer overflows - something that was proven not to be the case. Some pundits even accused Allchin of taking a swing at antivirus makers such as Symantec and McAfee, which have been hugely critical of Vista's new PatchGuard feature.

"Ok, Vista is a vastly improved security model, but what about the fact that probably well over 90% of all viruses come through email?" asked Sunbelt Software CEO Alex Eckelberry. "You get an email that says 'Please reset your password, open the attached file', you open it and it’s a virus. It’s the user executing a virus. How will Vista protect against that? Furthermore, what about downloading a trojan?"

Allchin acknowledged Friday that he wasn't as clear as he intended to be, saying he never meant to imply that Windows Vista does not need antivirus software, despite citing the example of his son's PC. "It’s important for me that our customers are using the appropriate security solutions for the right situations, whether that’s security functionality integrated in the operating systems, or add-on products," he said.

In the Wednesday call, Allchin did note that computer security was constantly evolving, and a solution today would not necessarily be a solution tomorrow. "Please don't misunderstand me: This is an escalating situation. The hackers are getting smarter, there's more at stake, and so there's just no way for us to say that some perfection has been achieved," he told reporters.

"The point I had been trying to make (albeit unclearly) is that Windows Vista includes new security features that can dramatically help improve our customers’ security for certain situations," Allchin explained Friday, adding, "My point in bringing up this extreme example was really meant to emphasize that importance of defense-in-depth measures we put in Windows Vista -- both the number of defenses and their combined effectiveness."

While not denying that he believed his son's computer does not need antivirus software due to its setup, Allchin did admit that "most users will use some form of antivirus software, and that will be appropriate for their scenarios." He said the Windows Security Center even encourages the use of antivirus software.

"We’re continuing to make the best operating system we can, and I’m very proud of it. I think we’ve made some great changes in Windows Vista on the security front, and I know our customers will benefit," Allchin concluded.

Comments


http://arstechnica.com/n...post/20061111-8199.html

I'm a big fan of the statement 'some authors are spinning this as Allchin "backing off" his claims'. I wonder who they could be referring to...

Score: 0

|

...Microsoft will get pwned again... Well, they always think of something. But I don't see why people attack MS and not Mac...

Score: 0

|

pay no attention to the executive behind the curtain.

Score: 0

|

Um..................... WHO CARES !!!!

Why are you people arguing over such idiotic crap?!?!

Please go to:

www.getalife.com

See you there !!

Score: 0

|

I went to that site and I must say, the domain name is quite deceptive.

I could see if I worked on cars all day long and I posted here, I might need to get a life indeed. Fortunately, my life is computers, I'm right where I belong.

While you're at it, why don't you stroll on over to securingamerica.com and tell those people to stop arguing over politics.

Score: 0

|

You my friend are a computer illiterate jackass. Please learn the history behind the MS operating systems and call me.

Score: 0

|

Wow.....I really didn't mean to mislead you. That is immensely frightening that you actually went to that site.

I feel the need to let you in on a few secrets to get you ready for real life...just in case you ever move out of your parents' house.

1) Mulder and Scully are NOT really FBI agents.
2) In most states, human/computer marriages are banned.
3) Trix ARE for kids.

Good luck !!!

PS- Took your advice on the securingamerica.com thing. Thanks for the tip.

Score: 0

|

Bravo, my friend. Whew, 3 big words in a row! Somebody needs to take off the Darth Vader cape, adjust the glasses, put on their prescription pants, go outside and get some sunlight on what MUST be, I'm sure, an enormous cranium.

The statement Allchin made was just that...a statement. Not an advertisement. Time to move on.

Score: 0

|

I don't really know what to make of that post. I think it may have been an insult so maybe I'll take offense to it. On the other hand, that's a lot of typing that didn't make any sense.

Score: 0

|

Wow what a title! Rather than realizing your own fault blame it on Allchin. I've gone through his whole interview, and not sure how anyone can misinterpret his simple example!!
Only 2 things I can see can have gone wrong
- First of all either BetaNews copied 'don't need antivirus' from some other blog/forum (seems like high chances here)
- 2nd, someone actually read his article and came to this conclusion that 'every user of Vista will work under high parental control.'

Rather than saying 'Allchin backs off' BetaNews should realize their responsibilities.

Score: 0

|

I've written an operating system and made a boot loader I placed on the master boot record. I do not run anti-virus because it probably would interfere. I'm concerned that others using my operating system will encounter hostility from anti-virus software.

http://www.losethos.com

Score: 0

|

This reminds me of Firefox when it was first getting popular.

Score: 0

|

What's firefox?

Score: 0

|

Use Google.com

Score: 0

|

joke. (terrible one at that)

Score: 0

|

What's google?

Score: 0

|

A hell of a lot more entertaining than your comment.

Score: 0

|

People are dumb, that's a fact. I just don't get it how the hell they manage to execute every damn thing they get in the mailbox even if it's as obvious as Mr. Obvious (once I even got the guy disabling AV just because it was screaming that file he downloaded is a virus! Geez, have never seen that one!). Seriously. Such people shouldn't use PCs. Or there should be a PC usage school like we have one for cars (driving school).
I mean at least learn the basics before you swim into hostile waters. Coz there are only hostile waters out there at this time...

Score: 0

|

If everybody were as good at using computers as they are at dying, I'd be out of work.

Score: 0

|

Yeah, well since the majority of people are not computer techs and computers are now sold as "ready to use out of the box, no experience necessary" the majority of new users are not as experienced as you claim to be. Seriously, smart asses like you shouldn't be allowed to post on forum sites.

Score: 0

|

I have to agree with you, Rej. An OS can only provide security to a point, because there is another user who can still do dumb things. A friend of mine where I used to work (with many who had work email accounts) said that there are people here who, if they received an email with an attachment that said "This is a virus, please click it" actually would do it! Plus, I can understand Symantec and McAfee being upset, since their bloatware AV and security applications earn them a lot of money.

Score: 0

|

Did anyone even LISTEN to the WHOLE interview?!?!?! My word... he specifically said later on--addressing this very comment he made earlier--that he was NOT recommending that you run without anti-virus.

All you folks (roj) that say this is "laughable"--do this, please. Go to the anti-virus vendors' databases, and find the number of viruses that operate on the premise that they have unrestricted access to HKLM, Windows system directories, Program Files directories, install privileges, etc. ****ALL**** of those viruses are rendered ineffective on Windows when running as a standard user account--and that's true not only of Vista, but of W2K and XP as well.

Score: 0

|

Restricted user does NOT necessarily protect you if the code base has a hole such that it allows the attacker to gain Admin privileges.

It can mitigate most common issues, but that is not to say, it should be the only thing you do or rely on.

ASLR capability can be added to Win2k/XP/2k3 by installing WehnTrust (free version).

If you need to run something you don't trust, then do it with an app called Sandboxie.

Security is multi-faceted. You can't rely on one component. It must be backed up with something else, in case if something really hits the fan. You have to assume nothing is bullet proof, and everything can be broken.

Allchin is doing nothing more than advertising for Vista. (It's Microsoft remember, they need to make money).

If you can add features or do things that rival a default Vista installation, it's one less excuse to upgrade to Vista.

(Then, it just boils down to pointless eye-candy and DirectX 10.0)

Score: 0

|

Yes, it does not prevent a privilege-escalation attack. But that's why I challenge folks to look through the virus databases and see just how many work exploiting that type of flaw. As far as sandboxing goes, you also can do that manually using methods described in detail on the Sysinternals site.

Again, I suggest people actually LISTEN to the call (you can hear it at 800-677-2488). BetaNews is ridiculous in suggesting "Allchin **Backs Off** Antivirus Remarks"--he never recommended that in the first place... and in fact, he specifically said later that he was NOT endorsing that practice. As far as security being multilayered, he says the exact same thing (in their parlance, "Defense in Depth"). He also says in no way have they created a "perfect system," as none are.

As far as not upgrading goes... of course that's always an option, and as always, Microsoft is their own biggest competition. The same comment is made about nearly every new version of Windows. But does anyone prefer 95 over 98? Or 98 over XP? There's nothing wrong with sticking with XP for awhile, but there is plenty to like in Vista--and not just eye-candy.

Score: 0

|

ok let's see here.. I tried rc2 for a few weeks with NO anti-virus software or anti-spyware. I went to all the naughty rotten sites that used to crash XP with viruses.. then I purposely downloaded viruses and ran them. after 3 weeks I ran several virus scanners. avg and avast!. they detect no viruses whatsoever. no spyware, nothing..

you know what these morons are forgetting with all their bickering? the fact that every program is ran in USER mode. I installed a huge school and library networks with all XP SP2 with no other updates. I made it so the users can only use the user account. in the past the other tech left it on administrator and the systems were trashed every week! when on user account it's been a year now and not one system got a virus. IT IS IMPOSSIBLE TO GET VIRUSES WHEN PROGRAMS ARE RAN IN USER MODE FROM MY EXTENSIVE EXPERIENCE - **** OFF YOU CORRUPT a******S THAT ARE IN CAHOOTS WITH SPYWARE FIRMS (SYMANTEC, MCAFEE, EVEN AVG NEVER STOPPED SPYWARE FROM CRASHING A SYSTEM) every single virus scanner failed to help a system in any sort of macro scalure environment in the last several years I have been battling viruses. It wasn't until maybe 6 months ago that symantec and mcafee actually helped a little. yet the FREE ad-aware personal is 100x better than either, and 1000x better than avg. what's the deal with AVG everyone uses it and it DOESN'T WORK roflmfao!

Score: 0

|

Well, you did have anti-spyware. Windows Defender is on by default.

Score: 0

|

Really? That's your experience.
(A rather limited one at that).

So if I dropped in Joanna Rutkowska's Blue Pill exploit, is it gonna help when you have an AMD SVM or Intel VT enabled system?

No.

At best, you're just like every other clueless Windows admin.

Setting up restricted user doesn't necessarily mean you're 100% secure. If the code itself sucks, there is always a way to get to the admin or root account. And hence, take the system.

You ain't no hacker or cracker of any sort. Until the day you make a presentation at the annual Black Hat conference or prove yourself to the world that you are worthy of listening to, at best, we can accept your post as limited user experience.

Score: 0

|

Few guys who're making the NAV-corp edition should really like leave symantec and make their own AV software and sell it.

Some Eyecandy on the OS or word is okay, but why do you need so much eyecandy for Anti-virus?

Sucky Anti-virus softwares..

Score: 0

|

You're wrong on the Blue Pill exploit in a number of ways. First, the user account she was using was NOT a standard user account--it was the limited admin account in Vista, gaining admin privileges via UAC. Secondly, it required *ignoring* the UAC prompt. Thirdly, they blocked that attack vector in the code base before she even spoke on it.

I'm not saying there aren't exploits waiting to be found in Vista (as there are with every other OS), but Blue Pill is not one of them. *Nothing* is 100% secure. And since there is a way to get to admin/root--privilege escalation exploits--in Linux, OS X, etc., by your logic, that means their "code itself" sucks as well.

On the somewhat unfortunate side, this all means that hackers will turn their efforts to privilege escalation attacks and other methods, rather than simply getting the user (with full access) to screw up their own machine. But there's no question that running as a standard user is orders of magnitude more secure than running as admin.

Score: 0

|

AVG is not antispyware--and by the way, it has some of the best virus DETECTION, but I agree it like other anti-viruses has recently been less than adequate for virus removal/cleaning. Fact is, I use it so I can know if I have a virus or not. If I do, I use the app to remove it, then I manually remove the 'remnants' that AVG left behind.

You are correct that there is not a one antivirus app I have tested that has ever removed all traces of malware from the systems when I've tested them. Based on my huge test last week, using 3 test PCs all infected with malware (one having it all, second having mostly system file infections and worms, third having trojans, their downloaded baddies and "traces" of other malware). They all forget something, in every single case. It is most unfortunate.

Norton forgets all the trojan downloader files, hence it is next to useless (and the worst AV of all I've tested this past week). For the first time ever, Avast! was severely lacking in antivirus detection regarding some dozen or so of those 1,900 SD-BOT variants, EZ Trust (first time test) was pretty good overall, but was lacking in essential detections for variations of some very common spyware. McAfee, OneCare (also first time to test), AVG PRO+Firewall, PC-Cillin (first time disappointment here), Panda 2006 Titanium (didn't have 2007 for test yet), NOD32, F-Secure (first timer, tested it just for fun), Kaspersky, and Sophos detected all malware I threw at them, but were unable to clean it all.

No surprise that Panda came the closest and in fact was near-perfect removal, removing all but one of JAVA.BYTEVER trojan variant's .zip files (and registry entries). Second place--and nearly giving me a heart attack--was McAfee Security Center(???), removing every virus and trojan but leaving in some nasty BHO's courtesy of "Winfixer" scamware. Third place is not as easy to distinguish, but I'd have to call it for Windows One-Care: although it left many malware registry entries on the "gigavirus" computer (the one with tens of thousands of everything infecting it), it removed nearly all of the files that were malicious, thus "fixing" the PC better arguably than any other contender. However, it misread lsass.exe as a virus and therefore tried to REMOVE it rather than clean it (oops!), and for something Microsoft made, that's just stupid if not downright hilarious. Hopefully that has been fixed by now in a new detection scheme.

The rest were about the same, detecting every variant and claiming to fix all of them but missing some key files in the detection. Of them all, NOD32 seemed arguably the 4th best, followed by Kaspersky, Sophos, AVG PRO+Firewall, F-secure.

Also surprising me was that ZoneAlarm Security, touted by many independent studies and organisations as the best protection currently available, had major difficulties removing viruses and trojans alike. Since so many studies claim they are by far the best, I can only assume I may have neglected certain scanning options or perhaps tested it on an "off week" that they just neglected to update on time. It is still somewhat of an enigma, as I suspected from reports that it would best even Panda, and came very far from it.

All in all, the biggest resource hog of them all had the best protection, but it took almost an hour longer for the scan to finish running (Panda). Biggest surprise was McAfee's relative success and Symantec's failure, reversing the position of those two AV vendors from the results just a year ago. I'm guessing it's just a matter of timing and chance with those two since one seems to really do it one week then really fail the next, so I can't recommend either.

AVG for the first time was quite short of removing all the malware traces compared to last year's testing. I can't recommend them this year, especially their free version as it is incredibly lacking (note the free version still detects most baddies out there, especially the new 7.5 version).

Now why did I paste this excerpt from my new test? Hmm...not sure, except that nobody reads my reports anyway, so why not post them here on betanews, where there are some that are just dumb enough (er--bored enough) to read them?

Score: 0

|

why not post them here on betanews, where there are some that are just dumb enough (er--bored enough) to read them?

Thanks a lot.

Jerk.

/ :p

Score: 0

|

Let the PR spin begin.

His original comment has to be one of the all-time stupidest comments I've heard in a technical context. Apart from the fact that his statement was utterly laughable, it's also an open invitation to the hacker community to prove him wrong.

The boy should be sterilized to protect the gene pool.

Score: 0

|

-10 for lack of content.

Score: 0

|

Never a dull moment with Microsoft. That article explains why Allchin is stepping down I guess.

Clarification of clarifications of clarifications...

Score: 0

|

"So then a smart guy here came up with a solution, so we put it in Windows Vista."

Wow. That's all I can say... still.

Score: 0

|

They should just give the smart guy his job.

Score: 0

|

LOL

I still cannot get over this remark he stated from the last article.

Talk about "letting the cat out of the bag" huh?

Score: 0

|
