mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-12-22 04:41:33 -05:00
FIxed Research link
This commit is contained in:
parent
cafb20949e
commit
dace4ba89c
@ -23,7 +23,7 @@ Overall, adblockers weaken your security for dubios privacy benefits. You are be
|
|||||||
|
|
||||||
## Antiviruses
|
## Antiviruses
|
||||||
|
|
||||||
Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Suman-Jana-and-Vitaly-Shmatikov.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail.
|
Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail.
|
||||||
|
|
||||||
The proper way to deal with untrusted applications is not to scan them with an Antivirus, but to confine them in such a way that even if they were maicious, they cannot do much damage at all. This has already been achieved on secure mobile operating systems like Android and iOS. Typically, attacks against these systems require an operating system level exploit chain, or for the user to actually mess up and grant an app access to sensitive data. On desktop operating systems, you should utilize virtualization to contain untrusted applications in their own virtual machine. This can be done with a system like Qubes OS, the [Windows Sandbox](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview), or just general KVM / HyperV Virtual Machines.
|
The proper way to deal with untrusted applications is not to scan them with an Antivirus, but to confine them in such a way that even if they were maicious, they cannot do much damage at all. This has already been achieved on secure mobile operating systems like Android and iOS. Typically, attacks against these systems require an operating system level exploit chain, or for the user to actually mess up and grant an app access to sensitive data. On desktop operating systems, you should utilize virtualization to contain untrusted applications in their own virtual machine. This can be done with a system like Qubes OS, the [Windows Sandbox](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview), or just general KVM / HyperV Virtual Machines.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user