|
Re: I agree to some degree
In reply to Richard,
6 months ago
|
Richard wrote:
Andreja wrote:
A lot of noise gets made over the supposed relative merits of one AV product versus another, but few (real) authorities cover the performance degradation and outright brokenness of most AV "solutions". Their kernel-mode drivers often cause mysterious resource leaks, miscellaneous delays in odd places, bizarre crashes... Oh, and they might sometimes actually find some malware.
I honestly think the time of AV is over. It's an anachronism. The future lies down the path of strict adherence to LUA principles with installation and execution of code limited to digitally signed binaries from trusted vendors.
Real-time AV filter drivers are a cure that's worse than the disease.
I agree realtime AF filter drivers are a cure worse thant the disease. I disagree on using LUA principals, not on the principal itself, but the problems it would cause. This would cause software prices to skyrocket, programs would have way more "bugs" because they may try to access the wrong resources beyond their privilege.
I don't want a computer that is locked down, limited only to digitally signed binaries. How often do I install the latest video card driver to get the error driver not digitally signed, and what do I do bypass it because I want the update.
Don't confuse "digitally signed" with "Microsoft WHQL certified". All drivers are signed, always. On some platforms (servers) the OS won't even load unsigned drivers at all, unless explicitely allowed by group policies.
If it is enforced, and I cannot bypass, then I am stuck with driver and software fixes that are slow to appear. If it is not enforced, unsuspecting users can install malware. Say good bye to shareware or freeware.
I ship signed shareware and freeware. All software should be required to be signed with, at least, a Class 1 certificate (suitable for individuals, cost about $20/year, which is chearper than the developer fee required to ship freeware through Apple or MS stores).
Anything running in the kernel requires a Class 3 digital signature ("for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority").
| Post (hide subjects) | Posted by | When | |
|---|---|---|---|
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | 1 | ||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | 1 | ||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago | |||
| 6 months ago |
   |
|
Connect with dpreview
|
