The following warnings occurred:
Warning [2] Undefined array key "lockoutexpiry" - Line: 94 - File: global.php PHP 8.0.30 (Linux)
File Line Function
/global.php 94 errorHandler->error
/showthread.php 28 require_once
Warning [2] Undefined array key "lockoutexpiry" - Line: 550 - File: global.php PHP 8.0.30 (Linux)
File Line Function
/global.php 550 errorHandler->error
/showthread.php 28 require_once
Warning [2] Undefined array key "avatartype" - Line: 811 - File: global.php PHP 8.0.30 (Linux)
File Line Function
/global.php 811 errorHandler->error
/showthread.php 28 require_once
Warning [2] Undefined array key "avatartype" - Line: 811 - File: global.php PHP 8.0.30 (Linux)
File Line Function
/global.php 811 errorHandler->error
/showthread.php 28 require_once
Warning [2] Undefined variable $awaitingusers - Line: 34 - File: global.php(872) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/global.php(872) : eval()'d code 34 errorHandler->error
/global.php 872 eval
/showthread.php 28 require_once
Warning [2] Undefined array key "style" - Line: 937 - File: global.php PHP 8.0.30 (Linux)
File Line Function
/global.php 937 errorHandler->error
/showthread.php 28 require_once
Warning [2] Undefined property: MyLanguage::$lang_select_default - Line: 5196 - File: inc/functions.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions.php 5196 errorHandler->error
/global.php 937 build_theme_select
/showthread.php 28 require_once
Warning [2] Undefined array key "additionalgroups" - Line: 7360 - File: inc/functions.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions.php 7360 errorHandler->error
/inc/functions.php 5216 is_member
/global.php 937 build_theme_select
/showthread.php 28 require_once
Warning [2] Undefined array key "mybb" - Line: 1997 - File: inc/functions.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions.php 1997 errorHandler->error
/inc/functions_indicators.php 41 my_set_array_cookie
/showthread.php 665 mark_thread_read
Warning [2] Undefined array key "additionalgroups" - Line: 7360 - File: inc/functions.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions.php 7360 errorHandler->error
/inc/functions_user.php 813 is_member
/inc/functions_post.php 416 purgespammer_show
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "profilefield" - Line: 6 - File: inc/functions_post.php(484) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php(484) : eval()'d code 6 errorHandler->error
/inc/functions_post.php 484 eval
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "canonlyreplyownthreads" - Line: 672 - File: inc/functions_post.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php 672 errorHandler->error
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "showimages" - Line: 757 - File: inc/functions_post.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php 757 errorHandler->error
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "showvideos" - Line: 762 - File: inc/functions_post.php PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php 762 errorHandler->error
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "posttime" - Line: 9 - File: inc/functions_post.php(887) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php(887) : eval()'d code 9 errorHandler->error
/inc/functions_post.php 887 eval
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "avatar_padding" - Line: 19 - File: inc/functions_post.php(887) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/inc/functions_post.php(887) : eval()'d code 19 errorHandler->error
/inc/functions_post.php 887 eval
/showthread.php 1114 build_postbit
Warning [2] Undefined array key "invisible" - Line: 1555 - File: showthread.php PHP 8.0.30 (Linux)
File Line Function
/showthread.php 1555 errorHandler->error
Warning [2] Undefined variable $threadnotesbox - Line: 33 - File: showthread.php(1587) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/showthread.php(1587) : eval()'d code 33 errorHandler->error
/showthread.php 1587 eval
Warning [2] Undefined variable $ratethread - Line: 41 - File: showthread.php(1587) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/showthread.php(1587) : eval()'d code 41 errorHandler->error
/showthread.php 1587 eval
Warning [2] Undefined variable $addremovesubscription - Line: 82 - File: showthread.php(1587) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/showthread.php(1587) : eval()'d code 82 errorHandler->error
/showthread.php 1587 eval
Warning [2] Undefined variable $thread_deleted - Line: 107 - File: showthread.php(1587) : eval()'d code PHP 8.0.30 (Linux)
File Line Function
/showthread.php(1587) : eval()'d code 107 errorHandler->error
/showthread.php 1587 eval




Antivirus Makers Struggle to Adapt
12-31-2012, 05:57 PM,
#1
Antivirus Makers Struggle to Adapt
Quote:The antivirus industry has a dirty little secret: its products are often not very good at stopping viruses.

Consumers and businesses spend billions of dollars every year on antivirus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. That is prompting start-ups and other companies to get creative about new approaches to computer security.

“The bad guys are always trying to be a step ahead,” said Matthew D. Howard, a venture capitalist at Norwest Venture Partners who previously set up the security strategy at Cisco Systems. “And it doesn’t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

In 2000, there were fewer than a million new strains of malware, most of them the work of amateurs. By 2010, there were 49 million new strains, according to AV-Test, a German research institute that tests antivirus products.

The antivirus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company’s trade secrets, erasing data or emptying a consumer’s bank account.

A new study by Imperva, a data security firm in Redwood City, Calif., and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Researchers collected and analyzed 82 new computer viruses and put them up against more than 40 antivirus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for antivirus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on antivirus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we’ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers. “This study is just another indicator of that. But the whole concept of detecting what is bad is a broken concept.”

Part of the problem is that antivirus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, antivirus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H. Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the antivirus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame’s discovery. “But we didn’t. We were out of our league in our own game.”

Symantec and McAfee, which built their businesses on antivirus products, have begun to acknowledge their limitations and to try new approaches. The word “antivirus” does not appear once on their home pages. Symantec rebranded its popular antivirus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying antivirus is enough,” said Kevin Haley, Symantec’s director of security response. Mr. Haley said Symantec’s antivirus products included a handful of new technologies, like behavior-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the antivirus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as antivirus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

The day companies unplug their antivirus software is still far off, but entrepreneurs and investors are betting that the old tools will become relics.

“The game has changed from the attacker’s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behavior and clean up systems once they have been breached.

... As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change.

“Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Mr. Hochmuth said. “Very soon, if you are not running these technologies and you’re a security professional, your colleagues and counterparts will start to look at you funny.”

...If and when antivirus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones. In October, the F.B.I. warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple’s app store. The Defense Department has called for companies and universities to find ways to protect mobile devices from malware.

http://www.nytimes.com/2013/01/01/techno...ly.html?hp
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)