Comments on: It Doesn’t Hurt to Ask http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask Fri, 12 Mar 2010 16:00:59 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: David http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31984 David Tue, 23 Sep 2008 14:01:36 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31984 ESET does use "in-the-cloud" technology, though not in the exact same, limited sense that AV companies tend to use the term right now. Our product range is continuously reviewed and updated. I can't tell you exactly what changes are in the pipeline (I don't know all of them), but we won't be standing still. David Harley Malware Intelligence Team ESET does use “in-the-cloud” technology, though not in the exact same, limited sense that AV companies tend to use the term right now. Our product range is continuously reviewed and updated. I can’t tell you exactly what changes are in the pipeline (I don’t know all of them), but we won’t be standing still.

David Harley
Malware Intelligence Team

]]> By: Kresirys http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31901 Kresirys Sun, 21 Sep 2008 10:43:28 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31901 Hi,David Harley: Did you hear about "In-the-cloud" technology? For example: Panda's called "Collective Intelligence",McAfee's called "Artemis" and Symantec's called "Norton Community Watch". In the latest AV-Test result,all of above with 2009 products had the better detection rate and faster respond time than 2008s. Will ESET develop similar technology? Or just keep using your positive technology for hundred of years? Hi,David Harley:
Did you hear about “In-the-cloud” technology?

For example:
Panda’s called “Collective Intelligence”,McAfee’s called “Artemis” and Symantec’s called “Norton Community Watch”.

In the latest AV-Test result,all of above with 2009 products had the better detection rate and faster respond time than 2008s.

Will ESET develop similar technology?

Or just keep using your positive technology for hundred of years?

]]> By: David http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31814 David Fri, 19 Sep 2008 12:03:00 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31814 Hello, Fred. I don't have a number for an ESET office in Norway. I think you need one of the contact points/numbers/email addresses at www.esetscandinavia.com/company/contact/. David Harley Malware Intelligence Team Hello, Fred.

I don’t have a number for an ESET office in Norway. I think you need one of the contact points/numbers/email addresses at http://www.esetscandinavia.com/company/contact/.

David Harley
Malware Intelligence Team

]]> By: Randy Abrams http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31513 Randy Abrams Fri, 12 Sep 2008 10:35:49 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31513 If I relied exclusively upon the response in the IM environment, then the scenarios you present could be effective. There is no silver bullet. Trying to validate transfers in IM or email is just one layer of defense. It can be a highly effective layer, but obviously cannot be assumed to protect 100% of the time. Still, that a solution is not perfect does not render it useless. In my case, if a link that didn't make sense in the context of the conversation was sent, in addition to asking if the sender meant to send the link, I would ask why. I would try to understand the context. Then I would also have anti-virus software in place, and if I decided to click the link it would be sand boxed to limit damage. Randy Abrams Director of Technical Education If I relied exclusively upon the response in the IM environment, then the scenarios you present could be effective. There is no silver bullet. Trying to validate transfers in IM or email is just one layer of defense. It can be a highly effective layer, but obviously cannot be assumed to protect 100% of the time. Still, that a solution is not perfect does not render it useless.

In my case, if a link that didn’t make sense in the context of the conversation was sent, in addition to asking if the sender meant to send the link, I would ask why. I would try to understand the context. Then I would also have anti-virus software in place, and if I decided to click the link it would be sand boxed to limit damage.

Randy Abrams
Director of Technical Education

]]> By: AJ http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31512 AJ Fri, 12 Sep 2008 10:17:03 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31512 I wonder whether even then you would escape, if the IM bot is clever enough. You're making two assumptions. One is that your friend isn't the victim of social engineering and is actually sending you the link to a maliciously compromised site - this would be rather like the typical email borne worms, where the user must download the attachment and run it. In this case the link would come through IM, take the user to a site that they enjoyed the content of, and then asked them if they wanted to send the link to all their online friends. The second is that that the sending bot could be 'smart' enough to reply to your query and say yes. Of course, there's also the possibility that your friend is malicious, but just because I'm paranoid doesn't mean they're not out to get you ;-) A I wonder whether even then you would escape, if the IM bot is clever enough. You’re making two assumptions. One is that your friend isn’t the victim of social engineering and is actually sending you the link to a maliciously compromised site – this would be rather like the typical email borne worms, where the user must download the attachment and run it. In this case the link would come through IM, take the user to a site that they enjoyed the content of, and then asked them if they wanted to send the link to all their online friends.
The second is that that the sending bot could be ’smart’ enough to reply to your query and say yes.
Of course, there’s also the possibility that your friend is malicious, but just because I’m paranoid doesn’t mean they’re not out to get you ;-)

A

]]> By: Fred Edstrøm http://www.eset.com/blog/2008/08/28/it-doesn%e2%80%99t-hurt-to-ask/comment-page-1#comment-31340 Fred Edstrøm Mon, 08 Sep 2008 13:23:48 +0000 http://www.eset.com/threat-center/blog/?p=148#comment-31340 Hello! Have you heard about a keylogger with name Goldeneye. Have some experians with this or maybe Nod32 take care of it? Try to reach the Norwegian Nod32 office, but the phone number they had dont work anymore +47 23 17 26 00 Best Regards from Fred Edstrøm Norway Hello! Have you heard about a keylogger with name Goldeneye. Have some experians with this or maybe Nod32 take care of it?

Try to reach the Norwegian Nod32 office, but the phone number they had dont work anymore +47 23 17 26 00

Best Regards from

Fred Edstrøm
Norway

]]>