# # With security software, the cure can be worse than the disease
APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

With security software, the cure can be worse than the disease

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.



Some material is very old and may be incorrect today

© September 2015 Anthony Lawrence

So a recent Google blog post talked about some really bad things they found in Kaspersky Antivirus. Apparently having that software on your machine actually makes you vulnerable to drive by exploits - that is, your system can be p0wned just be visiting a website or getting an email - and not even reading it!

What's truly amazing about this is that some of the attack vectors are simple buffer overflow attacks. There's nothing new about buffer overflows; they are caused by sloppy code and the software industry has a long, tragic history of repeating that particular sloppiness again and again. It's beyond astonishing that a respected A/V vendor like Kaspersky would repeat these mistakes in their own code!

Not that other A/V vendors are any better: Google has also found problems with Sophos and ESET.

Ars Technica says that you and I don't need to worry much as this type of exploit is more likely to be launched against a bank or high value company. I'm not sure that makes me any happier.

Kaspersky: Mo Unpackers, Mo Problems.

Buffer Overflow Attacks

Security wares like Kaspersky AV can make you more vulnerable to attacks

Sophail: Applied attacks against Sophos Antivirus

Analysis and Exploitation of an ESET Vulnerability


If you found something useful today, please consider a small donation.



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> With security software, the cure can be worse than the disease


Inexpensive and informative Apple related e-books:

Take control of Apple TV, Second Edition

Take Control of iCloud

Take Control of High Sierra

Sierra: A Take Control Crash Course

Photos: A Take Control Crash Course





More Articles by © Anthony Lawrence





Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





Computers have been taught to distrust each other and will reject attempted connections most of the time. Nowadays, most computers and firewalls are utterly rude about it: it would be like asking someone to dance and having them ignore you as though you were invisible and inaudible. (Tony Lawrence)




Linux posts

Troubleshooting posts


This post tagged:

Malware

Security



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode