Discover and read the best of Twitter Threads about #antivirus

Most recent (24)

1/🧵
So, I'm quietly asked my opinion of @mikko's somewhat ... grandiose claims for artificial general intelligence (AGI) going forward. I invite my questioner to jump in with their own thoughts, but here's mine as cybersecurity's eldest #critic:
2/🧵
My short answer is "I'm okay with anyone making bold claims like this." There's simply no #fearmongering here. @mikko states the obvious and paints a future.

My longer answer centers on the fact @mikko wields a strong character in our industry...
3/🧵
...and it's the type of character I would wish on everyone.

I admit @mikko has a style few can muster. But his character? Every one of us can muster that if we wish!

Imagine a world where we all invite software makers to see their work from...
twitter.com/i/events/93951…
Read 11 tweets
I agree 💯 with @mikko here.

BUT--

--he might be missing the Pentagon's perspective. So, let me fill y'all in.

Tanks, missiles, etc. are #classic: they deploy everywhere to strike anything. Need to put a hole in something? Tank. Obliterate? Missile. Crater? Bomb…
…but a cyber weapon is #unique as @mikko said. It deploys against a particular version(s) of Windows, or Linux, or even #antivirus software.

At this point you'd be totally correct to say "Rob, you can't drop a 30lb incendiary bomb to take out an underground bunker!" But the…
…issue here is "classic."

In WWII, we dropped 30lb incendiary bombs across Germany to demoralize and kill their civilian populations.

Now, in #cyber, you can issue an update, change a setting, even retreat from the Internet. In the real world, though…
Read 5 tweets
🧵
"#Antivirus software is a future Trojan horse."

There. I said it.

"But Rob! You were defending Kaspersky just a few days ago!"

NO.

I've fought a crude #UrbanLegend in our industry that's simmered since the FBI threw a shit-fit over something they've never proven.
Worse, our own global community has never proved it -- and we've got every good reason to prove it if true.

But hey, our industry turned the tables on Kaspersky the day his dictator launched a genocide campaign.

Because we're just like that. We've always been like that.
That's why our industry's #ThoughtLeaders can dance on a pinhead: because IT'S EASY!

The logic in the back of their minds is simple: "Kaspersky is a Russian billionaire who craves genocide in Ukraine and does anything Putin asks. I must destroy Kaspersky with all my willpower."
Read 10 tweets
🧵
Today marks the first anniversary of the Russia-Ukraine #cyberwar that killed <checks Microsoft's & Mandiant's reports> no one.

Let's go over last year's mass cyberwar #panic. We'll begin with one of the earliest calls to #boycott @Kaspersky:
There was an immediate feeling that everyone must cancel all Kaspersky subscriptions, as if customers -- especially corporate clients -- had a competitor's product waiting in the wings to replace it in some trivial fashion:
Likewise, there was an immediate plea to [translated] "remove Kaspersky from your PC. Now. Immediately." Again, as if customers -- especially corporate clients -- could do it trivially and without serious consequences:
Read 36 tweets
Yes: John McAfee.

What we call "the cybersecurity industry" [d]evolved from the #antivirus industry that formed in 1988 when John proposed "NCSA" as a media con game. It later split in two (think "Good/Evil Kirk"), and the good stuff became what we know today as ICSA Labs.
John's antics appealed to reporters infatuated with the newfangled idea of a computer virus. Some vendors (e.g. Solomon's) shunned it but others (e.g. Panda) couldn't help but play along.

Still, the allure of media exposure tainted nearly everything it touched. There was no…
…ethical foundation in these early days. SANS formed to fill this hole but it struggled at first to make inroads. The late @howardas formed an ethics team inside the White House that ultimately vetted SANS, and he pushed it with every fiber of his being.
Read 5 tweets
Let's talk cybersecurity #jokes while we still can.

You probably don't take on a company like @McAfee or a person like @CybersecuritySF like *I* do. But most of you DO enjoy a joke that uses #sarcasm, #burlesque, #irony, and/or #satire to make its point…
thehill.com/opinion/judici…
…and that's something I've done in our industry for three decades. PC Magazine columnist @THErealDVORAK labeled me "a comic provocateur" for using the comedian's tools of the trade. My "#antivirus industry persona" predates The Colbert Report. I was…
…blogging about the #antivirus industry before Google's formation. My 120+ "audio rants" predate YouTube. My website visitors routinely crippled what you know as Mae West. I got snapped up at *the* apex of the Internet bubble and I laughed all the…
Read 11 tweets
Monthly reminder that I study today's global medical PANdemIC through the lens of many past computer virus panics. Click the "panic button" to read more!
twitter.com/i/events/12437…
1/18
Yesterday was #NickoSilar's birthday. Our industry spouts an #UrbanLegend that she died in a hospital #ransomware attack … yet the truth is a bit complicated for our collective reductionist beliefs.

Let's study the facts surrounding this baby's tragic death, shall we?
2/18
First, I need to caveat my role in this sad affair. I offer my expertise pro bono to the law firm representing the attending physician who delivered #NickoSilar on that fateful day. My specific goal is to protect Dr. Parnell from Springhill Medical Center's legal team.
Read 19 tweets
This thread pays homage to every woman by name in the U.S. who got arrested by state police because she installed a period tracking app on her cell phone:

0.

Remember this when somebody tells you to "delete any period tracking apps you use!" #ASCII46
28K retweets for this hysterical advice to delete period tracker apps because state police can now haul women off to menstrual concentration camps
If you followed #hysterical advice to delete your period tracking app--

--you must also leave your phone in the car when you visit the DMV. It doesn't matter which state b/c they all provide "interloping database access" to other states.

Bored in the DMV? A small price to pay!
Read 9 tweets
@taco_x86 As a matter of fact I do! You're an "OG" CVMhp / Vmyths reader; you'll probably remember the column where I explained my Bacon Number to Roger Ebert is exactly 1:
@taco_x86 I continued conversing w/ Roger Ebert on CompuServe in the '80s & '90s. After his tirade re: "Highlander 2," I emailed him to explain how it broke the timeline for the sword Ramírez wielded. "Another reason to hate the movie," he replied! [paraphrased]
en.wikipedia.org/wiki/Highlande…
@taco_x86 The original "CVMhp" website followed a ... loose interpretation of what it means to be a critic.

Things changed in 1999 when Denise's career took her to Iowa. "As a consolation, why don't you take CVMhp to a new level? Make it profitable."

As if I needed a consolation prize 😃
Read 10 tweets
1/22
Let's talk about how the 2,000pp "House 2.0 antivirus experiment" was in fact an intelligence report (aka "INTSUM") on the global #antivirus industry.

It began in 1999 after I'd revealed the existence of "EIS," later renamed "ADVEIS." It was an #antivirus rootkit...
2/22
ADVEIS stood for "Antivirus-Dependent Vulnerabilities in Email Infrastructure Security." I developed it in the late 1990s while working at A.G. Edwards & Sons building the U.S. brokerage industry's first SOC.

I gave a public lecture on ADVEIS, then dusted my hands of it.
3/22
But ADVEIS had rankled the #antivirus industry.

This led IBM bigwig David Chess to call my office.

I admit it: Chess is the one man I never beat in a philosophical match.

"So, Rob: you got root access from every AV company's products. What are you going to do *next*?"
Read 23 tweets
This thread brings together all my #infographics until today (2years of work).

These are all infographics about #infosec 🔐

Feel free to share this tweet if you think it may be useful for your #community 📚

Follow me ➡ @SecurityGuill for more about #security #hacking #news
How does an #Antivirus work?
Quick presentation of the different #Bluetooth Hacking Techniques
Read 44 tweets
BREAKING 🔥

New evidence suggests #SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

thehackernews.com/2020/12/new-ev…
SolarWinds attackers mimic the software developers' coding style and naming standards to blend in their malicious code with the rest of the code.
Although the first version containing the backdoor was traced to 2019.4.5200.9083, a new report says version 2019.4.5200.8890, from October 2019, included an empty .NET class that attackers added to verify if their modifications to the codebase were being delivered into new updates.
Read 6 tweets
Let's talk cybersecurity.

1/7
News of COVID19 vaccines' side effects are so wild that rumors are spreading of how many #SickDays you'll burn to get both (repeat: "both") shots.

So let's compare it to the history of #computer antivirus vaccine use...
2/7
Historically, users gleefully installed #computer vaccines when they were released (typically a few days) after a deadly global virus outbreak "that cost millions of computers' lives and billions of dollars in damages."

But then users came to a rumored realization...
3/7
They said "you'll pay a severe penalty for #antivirus vaccines."

Users rumored it made their computers sluggish; that it constantly wasted their time to install vaccine updates every {month | week | day}; that it interfered with important company processes; blah blah blah
Read 7 tweets
1/17
What with the U.S. election approaching, it's time I told you about a BILLIONAIRE FINANCIER PRESIDENTIAL CANDIDATE who once pondered if he should buy an #antivirus company

I'm talking, of course, about ROSS PEROT

Strap in kiddies, we're going on a ride!
2/17
It's late February or early March of 2004. I'm in uniform, temporarily assigned to USAF's Senior NCO Academy as a reward for having pitched a tent on a captured Iraqi air base. Vmyths[.]com has all but collapsed by this point due to my Reserve military commitments.
3/17
My late wife Denise is at home in my computer lab where she's drafting a résumé. She got cut in the third round of a quadruple-layoff sweep when the U.S. gov't terminated a contract that her firm, um … did reeeeeally bad things on.

So anyway, she's sitting there…
Read 17 tweets
Let's talk cybersecurity.

1/3
Everyone in our industry worries that less #antivirus testing will lead to the discovery of fewer infected files.

That's why they urge you to check every file.

Every email & attachment.

Every byte of RAM.

On every computer.

Religiously.
2/3
But don't get me wrong!

If your "#antivirus solution" only checks for viruses *after* the fact, then you're doing it wrong.

Today's products can detect viruses that DON'T YET EXIST.

When used properly, they can stop as-yet-unknown viruses from invading your computer.
3/3
Now before you rant how #antivirus software "doesn't work," let me remind you:

Antivirus firms DON'T get infected by the viruses that rampage their customers' networks.

If their products FAIL you, it's because YOU'RE DOING IT WRONG
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Thursday, we shall peruse the Wayback Machine to study PUBLICITY STUNT VIRUS ALERTS that plagued us from the 1990s through 2005...
PUBLICITY STUNT:

"Daisy Chain virus"
web.archive.org/web/2005021422…
PUBLICITY STUNT:

"Irina virus" (with key reporting from @gcluley)
web.archive.org/web/2004111000…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Wednesday, we shall peruse the Wayback Machine to enjoy #JOKE virus alerts (NOT hoaxes) that amused us from the 1990s through 2005...
JOKE VIRUS ALERT (not a hoax)

"NSA printer virus (April Fool story)" (aka "Iraqi printer virus")
web.archive.org/web/2005121005…

And see the follow-up!
web.archive.org/web/2018082215…
JOKE VIRUS ALERT (not a hoax)

"JPEG virus alert" (aka "GIF virus alert" aka "Graphic file virus")
web.archive.org/web/1998120517…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Tuesday, we shall peruse the Wayback Machine to study #HOAX virus alerts that inundated email accounts from the 1990s through 2005...
#HOAX ALERT:

"Good Times virus"
web.archive.org/web/2004121605…
#HOAX ALERT:

"Penpal Greetings virus"
web.archive.org/web/2004042806…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Monday, we shall peruse the Wayback Machine to study the POOR ADVICE non-experts spouted from the 1990s through 2005...
HISTORICAL POOR ADVICE:

"0000 trick" (or "!0000 trick" or "How to stop the spread of viruses")
web.archive.org/web/2004040916…
HISTORICAL POOR ADVICE:

"AOL password-stealing Trojan/virus"
web.archive.org/web/2005032718…
Read 3 tweets
"Cybersecurity Winter Is Coming"

Let's begin with an oversimplified view of the 2008 housing market crash:

Hedge fund manager John Paulson made a fortune betting against Wall Street's insane belief for an INFINITE annual +14% housing climb
Cybersecurity has enjoyed non-stop growth since the #antivirus industry coalesced in 1988. The Internet bubble's burst didn't even slow us down; in fact, the #antivirus industry saw it as a golden opportunity to prop up then-fledgling trade magazines!
Cybersecurity barely flinched when global markets collapsed in 2008. "The only survivors," we told our bosses, "will be the ones who keep up their cyber guard during their recovery." And they bought it! Hook, line, and sinker!
Read 12 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Sunday, we shall peruse the Wayback Machine to study the URBAN LEGENDS about viruses that plagued us from the 1990s through 2005...
URBAN LEGEND:

"Aureate DLLs Trojan"
web.archive.org/web/2005020815…
URBAN LEGEND:

"Blue Mountain greeting card Trojan/virus"
web.archive.org/web/2005020819…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Saturday, we shall peruse the Wayback Machine to study what Vmyths' #FAQs looked like from the 1990s through 2005...
HISTORICAL #FAQ:

"How can the [name] virus be a hoax? It physically destroyed my computer and I've got the receipts to prove it"
web.archive.org/web/2004042709…
HISTORICAL #FAQ:

"Would you send me some viruses for [insert reason here]?"
web.archive.org/web/2004042710…
Read 3 tweets
In its halcyon days, "Vmyths" provided resources the #antivirus industry couldn't muster

In this thread each Friday, we shall peruse the Wayback Machine to study the MEDIA FLOPS & FIASCOES about computer viruses from 1986 (!) through 2005...
MEDIA FLOP / FIASCO:

"1986 USPA&IRA virus/Trojan"
web.archive.org/web/2004041711…
MEDIA FLOP / FIASCO:

"1988 Morris Internet worm"
web.archive.org/web/2005021521…
Read 4 tweets
1/4
Popping shells from #antivirus via SMTP proved extraordinarily tedious in 1997-1999. I put eyeballs on Eric Isaacson's "D86" debugger to determine how many NOPs to pad -- often different values because AV firms secretly slipped software patches inside "signature updates"
2/4
Then, of course, you've got to build an "unanticipated attachment" so the #antivirus will puke when it scans email

Things like a ZIP file w/ zero files in it ... or a file larger than their own hard limit (while hoping it didn't exceed the disk drive's limit) ... and so on
3/4
And people would ask "why did some #antivirus have hard limits on file size?"

Well, at least one AV product needed hard limits so they didn't CRIPPLE mail delivery.

A hard-coded limit meant you'd get *past* it to the mail server that used a different vendor's product...
Read 5 tweets
