From dace4ba89c3041f772ea394d708088fc4333e063 Mon Sep 17 00:00:00 2001 From: Tommy Date: Wed, 27 Jul 2022 09:46:05 -0400 Subject: [PATCH] FIxed Research link --- content/knowledge/Badness Enumeration.md | 2 +- ...ing-in-Malware-Detectors-for-Fun-and-Profit.pdf} | Bin 2 files changed, 1 insertion(+), 1 deletion(-) rename static/researches/{Abusing File Processing in Malware Detectors for Fun and Profit.pdf => Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf} (100%) diff --git a/content/knowledge/Badness Enumeration.md b/content/knowledge/Badness Enumeration.md index 315ab52..6761f0e 100644 --- a/content/knowledge/Badness Enumeration.md +++ b/content/knowledge/Badness Enumeration.md 
@@ -23,7 +23,7 @@ Overall, adblockers weaken your security for dubios privacy benefits. You are be ## Antiviruses -Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Suman-Jana-and-Vitaly-Shmatikov.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail. +Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail. The proper way to deal with untrusted applications is not to scan them with an Antivirus, but to confine them in such a way that even if they were maicious, they cannot do much damage at all. This has already been achieved on secure mobile operating systems like Android and iOS. Typically, attacks against these systems require an operating system level exploit chain, or for the user to actually mess up and grant an app access to sensitive data. On desktop operating systems, you should utilize virtualization to contain untrusted applications in their own virtual machine. 
This can be done with a system like Qubes OS, the [Windows Sandbox](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview), or just general KVM / HyperV Virtual Machines. diff --git a/static/researches/Abusing File Processing in Malware Detectors for Fun and Profit.pdf b/static/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf similarity index 100% rename from static/researches/Abusing File Processing in Malware Detectors for Fun and Profit.pdf rename to static/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf
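
Review bot: The rename in `static/researches/` removes the old space-containing filename, yet the diffstat shows only `content/knowledge/Badness Enumeration.md` being updated, so any other page or external link that still uses the old file URL will break. The new link target in the Antiviruses paragraph, `/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf`, does match the renamed file. Before merging, search the content tree for the old filename (both with literal spaces and `%20`-encoded), and add a redirect if that URL was ever linked publicly. Two typos are visible in the unchanged context of this hunk and could be fixed in the same commit: "dubios" in the line shown in the hunk header and "maicious" in the paragraph after the changed line. The subject line also has a capitalization slip ("FIxed").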