Discover and read the best of Twitter Threads about #Antivirus

Most recents (20)

@taco_x86 As a matter of fact I do! You're an "OG" CVMhp / Vmyths reader; you'll probably remember the column where I explained my Bacon Number to Roger Ebert is exactly 1:
@taco_x86 I continued conversing w/ Roger Ebert on CompuServe in the '80s & '90s. After his tirade re: "Highlander 2," I emailed him to explain how it broke the timeline for the sword Ramírez wielded. "Another reason to hate the movie," he replied! [paraphrased]
en.wikipedia.org/wiki/Highlande…
@taco_x86 The original "CVMhp" website followed a ... loose interpretation of what it means to be a critic.

Things changed in 1999 when Denise's career took her to Iowa. "As a consolation, why don't you take CVMhp to a new level? Make it profitable."

As if I needed a consolation prize 😃
Read 10 tweets
1/22
Let's talk about how the 2,000pp "House 2.0 antivirus experiment" was in fact an intelligence report (aka "INTSUM") on the global #antivirus industry.

It began in 1999 after I'd revealed the existence of "EIS," later renamed "ADVEIS." It was an #antivirus rootkit...
2/22
ADVEIS stood for "Antivirus-Dependent Vulnerabilities in Email Infrastructure Security." I developed it in the late 1990s while working at A.G. Edwards & Sons building the U.S. brokerage industry's first SOC.

I gave a public lecture on ADVEIS, then dusted my hands of it.
3/22
But ADVEIS had rankled the #antivirus industry.

This led IBM bigwig David Chess to call my office.

I admit it: Chess is the one man I never beat in a philosophical match.

"So, Rob: you got root access from every AV company's products. What are you going to do *next*?"
Read 23 tweets
This thread brings together all my #infographics until today (2years of work).

These are all infographics about #infosec 🔐

Feel free to share this tweet if you think it may be useful for your #community 📚

Follow me ➡ @SecurityGuill for more about #security #hacking #news
How does an #Antivirus work? [image]
Quick presentation of the different #Bluetooth Hacking Techniques [image]
Read 44 tweets
BREAKING 🔥

New evidence suggests #SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

thehackernews.com/2020/12/new-ev…
SolarWinds attackers mimic the software developers' coding style and naming standards to blend in their malicious code with the rest of the code.
Although first version containing the backdoor was traced to 2019.4.5200.9083, new report says version 2019.4.5200.8890, from October 2019, included an empty .NET class that attackers added to verify if their modifications to the codebase were being delivered into new updates.
Read 6 tweets
Let's talk cybersecurity.

1/7
News of COVID19 vaccines' side effects are so wild that rumors are spreading of how many #SickDays you'll burn to get both (repeat: "both") shots.

So let's compare it to the history of #computer antivirus vaccine use...
2/7
Historically, users gleefully installed #computer vaccines when they were released (typically a few days) after a deadly global virus outbreak "that cost millions of computers' lives and billions of dollars in damages."

But then users came to a rumored realization...
3/7
They said "you'll pay a severe penalty for #antivirus vaccines."

Users rumored it made their computers sluggish; that it constantly wasted their time to install vaccine updates every {month | week | day}; that it interfered with important company processes; blah blah blah
Read 7 tweets
1/17
What with the U.S. election approaching, it's time I told you about a BILLIONAIRE FINANCIER PRESIDENTIAL CANDIDATE who once pondered if he should buy an #antivirus company

I'm talking, of course, about ROSS PEROT

Strap in kiddies, we're going on a ride!
2/17
It's late February or early March of 2004. I'm in uniform, temporarily assigned to USAF's Senior NCO Academy as a reward for having pitched a tent on a captured Iraqi air base. Vmyths[.]com has all but collapsed by this point due to my Reserve military commitments.
3/17
My late wife Denise is at home in my computer lab where she's drafting a résumé. She got cut in the third round of a quadruple-layoff sweep when the U.S. gov't terminated a contract that her firm, um … did reeeeeally bad things on.

So anyway, she's sitting there…
Read 17 tweets
Let's talk cybersecurity.

1/3
Everyone in our industry worries that less #antivirus testing will lead to the discovery of fewer infected files.

That's why they urge you to check every file.

Every email & attachment.

Every byte of RAM.

On every computer.

Religiously.
2/3
But don't get me wrong!

If your "#antivirus solution" only checks for viruses *after* the fact, then you're doing it wrong.

Today's products can detect viruses that DON'T YET EXIST.

When used properly, they can stop as-yet-unknown viruses from invading your computer.
3/3
Now before you rant how #antivirus software "doesn't work," let me remind you:

Antivirus firms DON'T get infected by the viruses that rampage their customers' networks.

If their products FAIL you, it's because YOU'RE DOING IT WRONG
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Thursday, we shall peruse the Wayback Machine to study PUBLICITY STUNT VIRUS ALERTS that plagued us from the 1990s through 2005...
PUBLICITY STUNT:

"Daisy Chain virus"
web.archive.org/web/2005021422…
PUBLICITY STUNT:

"Irina virus" (with key reporting from @gcluley)
web.archive.org/web/2004111000…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Wednesday, we shall peruse the Wayback Machine to enjoy #JOKE virus alerts (NOT hoaxes) that amused us from the 1990s through 2005...
JOKE VIRUS ALERT (not a hoax)

"NSA printer virus (April Fool story)" (aka "Iraqi printer virus")
web.archive.org/web/2005121005…

And see the follow-up!
web.archive.org/web/2018082215…
JOKE VIRUS ALERT (not a hoax)

"JPEG virus alert" (aka "GIF virus alert" aka "Graphic file virus")
web.archive.org/web/1998120517…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Tuesday, we shall peruse the Wayback Machine to study #HOAX virus alerts that inundated email accounts from the 1990s through 2005...
#HOAX ALERT:

"Good Times virus"
web.archive.org/web/2004121605…
#HOAX ALERT:

"Penpal Greetings virus"
web.archive.org/web/2004042806…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Monday, we shall peruse the Wayback Machine to study the POOR ADVICE non-experts spouted from the 1990s through 2005...
HISTORICAL POOR ADVICE:

"0000 trick" (or "!0000 trick" or "How to stop the spread of viruses")
web.archive.org/web/2004040916…
HISTORICAL POOR ADVICE:

"AOL password-stealing Trojan/virus"
web.archive.org/web/2005032718…
Read 3 tweets
"Cybersecurity Winter Is Coming"

Let's begin with an oversimplified view of the 2008 housing market crash:

Hedge fund manager John Paulson made a fortune betting against Wall Street's insane belief for an INFINITE annual +14% housing climb
Cybersecurity has enjoyed non-stop growth since the #antivirus industry coalesced in 1988. The Internet bubble's burst didn't even slow us down; in fact, the #antivirus industry saw it as a golden opportunity to prop up then-fledgling trade magazines!
Cybersecurity barely flinched when global markets collapsed in 2008. "The only survivors," we told our bosses, "will be the ones who keep up their cyber guard during their recovery." And they bought it! Hook, line, and sinker!
Read 12 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Sunday, we shall peruse the Wayback Machine to study the URBAN LEGENDS about viruses that plagued us from the 1990s through 2005...
URBAN LEGEND:

"Aureate DLLs Trojan"
web.archive.org/web/2005020815…
URBAN LEGEND:

"Blue Mountain greeting card Trojan/virus"
web.archive.org/web/2005020819…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Saturday, we shall peruse the Wayback Machine to study what Vmyths' #FAQs looked like from the 1990s through 2005...
HISTORICAL #FAQ:

"How can the [name] virus be a hoax? It physically destroyed my computer and I've got the receipts to prove it"
web.archive.org/web/2004042709…
HISTORICAL #FAQ:

"Would you send me some viruses for [insert reason here]?"
web.archive.org/web/2004042710…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Friday, we shall peruse the Wayback Machine to study the MEDIA FLOPS & FIASCOES about computer viruses from 1986 (!) through 2005...
MEDIA FLOP / FIASCO:

"1986 USPA&IRA virus/Trojan"
web.archive.org/web/2004041711…
MEDIA FLOP / FIASCO:

"1988 Morris Internet worm"
web.archive.org/web/2005021521…
Read 4 tweets
1/4
Popping shells from #antivirus via SMTP proved extraordinarily tedious in 1997-1999. I put eyeballs on Eric Isaacson's "D86" debugger to determine how many NOPs to pad -- often different values because AV firms secretly slipped software patches inside "signature updates"
2/4
Then, of course, you've got to build an "unanticipated attachment" so the #antivirus will puke when it scans email

Things like a ZIP file w/ zero files in it ... or a file larger than their own hard limit (while hoping it didn't exceed the disk drive's limit) ... and so on
3/4
And people would ask "why did some #antivirus have hard limits on file size?"

Well, at least one AV product needed hard limits so they didn't CRIPPLE mail delivery.

A hard-coded limit meant you'd get *past* it to the mail server that used a different vendor's product...
Read 5 tweets
A senior member of SANS acting *on his own* raised a concern over the tweet below.

1/9
I'm the computer security industry's first full-time salaried #critic and I've >20yrs experience dealing with concerns like this.

I assembled a panel of three to judge the tweet...
2/9
One is a computer security #critic in their own right who long ago judged Vmyths' works at my request.

Another is a respected member of the #cybersecurity community who has not before judged my works.

The third is a longtime reader.

Each judged the tweet independently.
3/9
I told the complainant the panel's majority would "guide my action... I offered them no defense; the tweet must live or die on its own merits."

The complaint was that my tweet tied SANS to #racist police when in truth they've run a mature "LE" program for over a decade.
Read 15 tweets
1/3 Many people feel a cord of "civic duty" tugging them to the White House to shape U.S. cyber policies from the very top.

Yet I've documented time & again, from Clinton to Obama...

...that a Chief Executive's political agenda will #coopt whatever it touches: [image]
2/3 I know you want to change everything instantly from the top. But that WON'T lead to fundamental change.

Fundamental change begins slowly.

It begins with newly hired civilians, newly minted soldiers, newly commissioned lieutenants.

The lower ranks proceed up a ladder...
3/3 ...and then one day a colonel shakes your hand gushing "I was at <air force base> in 1998 when you spoke to our comm squadron about #antivirus firms. You may not remember me but I was the first to raise my hand during Q&A!"

Change comes from the grassroots, folks. Join me!
Read 3 tweets
1/4
This morning a man who last spoke to me ~16yrs ago texted me to see if I was still at my old phone#.

He's now a senior broker in NYC with a VP title.

He read some wild story about the president shutting down CDC's "virus hype machine" (?) and it triggered an old memory.
2/4 Brokers like him called me from 1997 to 2003 to discuss ways to make money from #antivirus stocks. Everything about the industry confused them; I gave them insight to short-sell @McAfee & @symantec & @TrendMicro.
3/4 His phone call proved simple and straightforward: he wanted renewed insight in order to PROFIT FROM FEAR.

Contrary to some people's beliefs, I see NO ethical problem in his desire to profit.

If you *didn't* create the fear and you *don't* sell snake oil, then be my guest!
Read 5 tweets
Hear me out: this has everything to do with cyber.

1/5 Three decades of #computer virus panic leads me to predict #COVID19 will lead to a major reduction in U.S. food poisonings -- but only over the short term.

I've long hypothesized that many so-called "food poisonings"...
2/5 ...actually stem from unsanitary conditions AT HOME.

Somebody plops a greasy taco bag or a leftover container on the kitchen counter / table. That residue spoils.

Then it transfers to Timmy's Big Mac. He pukes & poops and his parents auto-blame it on McDonald's.
3/5 I believe the U.S. has grown so "fast-foody" that we've collectively lost our discipline for kitchen & dining room cleanliness.

Now, suddenly, panic has swept the U.S. Everybody hoards @Clorox wipes and, wow, actually uses them!

These wipes are closely related to...
Read 5 tweets
