Interesting discussion with a hacker on Reddit. Microsoft Security Essentials is the most preferred and easiest to bypass (according to this guy).
Some screens: http://i.imgur.com/yxMDx.jpg
(R - Reddit / H - Hacker)
R: What anti virus software free/paid for presents to you the biggest obstacles?
H: Kaspersky was the most challenging at first; Kaspersky is paranoid as f...k! But it has an exploit in KIS, KAV and PURE, allowing one to start malicious code in the memory context of a trusted system process unnoticed. Kaspersky won't interfere if it thinks it's the system process making changes to the system.
R: What advice can you give to us "average" folk on how to stay secure online?
H: If the attachment ends in .exe and is pretending to be something else, it's malware for sure. If it's a .pdf it can only infect you if you haven't patched your Adobe Reader (this is now done automatically). Cybercriminals use 0day exploits only on valuable targets like Iranian power plants or companies with intellectual property and a ****ing lot of cash.
- Facebook friends don't share funny cat pictures on randomly generated domain names.
- If your AV says it's clean or even if Virustotal gives you 0/43 it can still be malware, been there, seen that. Srsly, don't trust your AV.
- Use HBCI or similar for online banking, it costs $30 and is military grade cryptography (private key signing); only open source cryptography on signed hardware is 100% secure.
- Windows updates, yes, do them. If you have a pirated copy, just buy that **** or use linux.
- If you are super paranoid, buy a netbook and use a LiveCD or similar on it whenever you put your CC information in.
- Banking on a mobile phone is stupid, but at the moment 'not as dangerous as it seems', because 99% of cybercriminals can't code and there is no (serious) Android or iOS malware on the market yet.
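The first piece of advice above (an attachment that really ends in .exe while pretending to be something else) is mechanical enough to check automatically. The following is an added example, not code posted in the AMA: it looks at the extension the OS actually dispatches on, and flags the usual tricks for hiding it from the user, namely a document-looking extension in front of the real one, whitespace padding that pushes the real extension out of view, and the Unicode right-to-left override character that makes a name render reversed. The extension sets and the sample filenames are constructed assumptions, not taken from the thread.

```python
# Added example: classify attachment names by the extension the OS really uses
# versus what the user is led to see. Extension lists and SAMPLES are assumptions.

EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "jse",
                   "vbs", "vbe", "wsf", "hta", "msi", "jar", "lnk", "ps1"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx", "txt",
                 "rtf", "jpg", "jpeg", "png", "gif", "mp3", "mp4", "zip"}
RTLO = "\u202e"  # Unicode RIGHT-TO-LEFT OVERRIDE: text after it renders reversed


def true_extension(name: str) -> str:
    """Extension the OS dispatches on: the last dot-separated token, after
    dropping the trailing spaces/dots that Windows silently strips."""
    stripped = name.rstrip(" .")
    return stripped.rsplit(".", 1)[1].lower() if "." in stripped else ""


def displayed_name(name: str) -> str:
    """How a UI that honours bidi overrides renders the name."""
    if RTLO not in name:
        return name
    before, after = name.split(RTLO, 1)
    return before + after[::-1]


def analyze(name: str):
    """Return (real extension, list of reasons the name is masquerading)."""
    reasons = []
    real = true_extension(name)
    if RTLO in name:
        reasons.append(f"RTLO override, displays as {displayed_name(name)!r}")
    if real in EXECUTABLE_EXTS:
        stripped = name.rstrip(" .")
        rest = stripped[: -(len(real) + 1)]      # everything before ".<real>"
        inner = true_extension(rest)             # the extension the user notices
        if inner in DOCUMENT_EXTS:
            reasons.append(f"document extension .{inner} in front of executable .{real}")
        if rest != rest.rstrip(" .") or "  " in rest:
            reasons.append("whitespace/dot padding pushes the real extension out of view")
    return real, reasons


def verdict(name: str) -> str:
    real, reasons = analyze(name)
    if reasons:
        return "masquerading executable"
    if real in EXECUTABLE_EXTS:
        return "executable, plainly labelled"
    return "not an executable by extension"


# Constructed sample attachment names (not from the thread)
SAMPLES = [
    "invoice.pdf",
    "setup.exe",
    "invoice.pdf.exe",
    "holiday.jpg                                   .scr",
    "invoice" + RTLO + "fdp.exe",   # renders as invoiceexe.pdf
    "notes.txt.",
]

if __name__ == "__main__":
    for s in SAMPLES:
        real, reasons = analyze(s)
        print(f"{displayed_name(s)!r:55} real=.{real or '-':4} {verdict(s)}")
        for r in reasons:
            print("    -", r)
```

A plain `setup.exe` is reported as an executable but not as masquerading, which matches the advice: the red flag is the combination of a real executable extension and a name built to look like a document or picture. The check is on the filename only; it says nothing about the file's contents, so it complements rather than replaces scanning.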
R: Does this mean Linux or Mac OS X are impermeable to malware? If so, why? If not, what's the best way for Linux or Mac users to see if they've been infected?
H: No, but Linux is not targeted, because it is not economical.
R: What do you use to spread?
H: Automatically backdooring warez and uploading it to one-click hosters and Usenet. It's funny that even government agencies use warez; I found FAA.gov credentials. My momma always said, "A botnet is like a box of chocolates. You never know what you're gonna get."
H: It first started as a challenge to circumvent AntiVirus systems, but then I realised all AV suck at detection and it's easy to make money with it.
R: How about making a better AV detection system and profiting off that?
H: AV is a completely wrong approach to security. If you need AV to feel secure you already failed.
R: First, thanks for the AMA, really interesting. Could you write some "perfect protection" AV software yourself? I bet you could make a ****ton of cash even if it is a one time sale per person. Is there hacker-folk interest in putting AV companies out of business by giving away or selling cheap, far superior, protection? Would it be more fun to screw over big companies who sell snake oil?
H: Most "hacker-folk" kinda work at AV companies already. There is already a company going the "eliminate it at the root" approach: http://www.triumfant.com . But it's not that easy, the big companies have the money, Symantec has the colorful commercials, McAfee has the government contracts for voting machine AV (Mr. McAfee btw has the same lifestyle as your average Russian Spam King: 66 years old, huge house in a tropical country, 17 year old girlfriend, lots of unregistered weapons lol). It's not about the product itself, it's about power and influence. Read about the "HBGary Federal accident" or watch the Defcon 19 video with "Aaron Van Barr (totally not Aaron Barr, because he wasn't allowed to be there)". Changing the security industry is like changing the copyright system.
R: you're the reason we can't have nice things.
H: People who can just about start Facebook and put in their credit cards are the reason such things exist. Antivirus companies selling snake oil and lulling consumers into absolute security are another one.