@All:
This will be my last statement in this thread, however more ad-hominem and insulting mikey's statements will become!I'm sorry but I'm laughing so hard I can hardly type. There's just a whole bunch of folks I need to fwd this thread too.
Yap, I am sure of that. Ignorance gives a lot of "fun" to those having this problem.
I've had lots of debates over the merits of one ware over another buit I've never spoken to a so called pro that was so whatever this is.
So I guess that ProcessGuard from Diamond (the anti-malware company I mentioned who retooled) has signatures in their tool.
Oh, seems this is a cultural difference then, since I have a
completely different concept of
superset and
subset - which is not too far from the mathematical definition either (or maybe my dictionary, my teachers and all English native-speakers until now have lied to me about the meaning of these words?!), but I guess you don't really give a sh*t about math and logic since you are the new Messiah revealing the one and only truth about a 100% protection of computer to the users. Oh, and infidels be damned to everlasting uncertainty about the protection state of their computer. Amen.
BTW: This is my own view on the terms HIPS, AV and so on. So sorry if they are different from the mainstream. Maybe my view of HIPS is a bit too narrow and instead of a superset/subset-releationship one should maybe call it intersection?! But your way of discussing is indeed more
preaching than
teaching ...
And you talk about being clueless.
Logic has never been a good weapon against faith and ignorance. So probably indeed I must be the clueless here since HIPS are seemingly godly or god-devised software programs (or hardware devices with software, for the completeness) and hence
perfect. Since they are
perfect they can obviously monitor all (i.e. infinitely many) attack vectors inside the finite amount of memory available to them. Also they will never need to be updated in any way, since they are perfect and since the infidels could argue that updating is a
reaction to new threats or newly found (and
published) attack vectors. The really evil infidels could even argue that HIPS are anyway just following the reactive approach because they will help only against malware using known attack vectors covered by the HIPS.
A very few AVs now are including HIPS in their suites...a very recent development. And only because they have to.
Sure, if you say so.
NONE of the tools mentioned on my page have signature dbs nor do any of the sandboxes.
I wonder which part of my previous response stated the opposite. Darn, I can't find it - but well on the other hand I am not a native-speaker, so probably my reading-skills of English are even worse than my writing-skills and that is the reason I cannot find it in the way you try to put it here.
You are supposed to be a professional and you don't even know the difference between casual heuristics and a process firewall.
Now you got me of course. Although again I can't find it in any of my posts above (probably the hidden manipulation of an admin or so?!). But you must be correct here, since I am not able to compare apples and oranges. So, since you have that amazing capability I will not contest your claims.
go back to school
I'd love to. But probably this time is gone forever more. But to keep my brain working I am learning new things everyday and challenging it. That is of course not as advanced a believing in the one and only truth, but well, I'll keep teaching myself instead of letting others preach to me.
I'll even dig up some more refs for you in the morning. I really would not want you to go around so completely without any understanding of your surroundings.
Thanks for caring.
Start talking in this reality. As most know I have no prob relating in any REAL debate. When you talk nonsense, I just talk around you.
Well, what I understood from the "debates" (and I do not just refer to
this one) with you up to know that you are following the rules of talkshow-"debates". This has nothing to do with a classical debate whatsoever. A classical debate is an exchange of arguments with a conslusion in the form of a consensus or dissent.
But still I don't get your point. You are trying to be picky about my words although my initial statement was
just that
there is no 100% protection and more importantly no 100% detection in case of rootkits. This is due to the nature of software and might be mitigated with .NET/CLI or virtualization or whatever else. But currently this is a
huge problem and a general solution is not in sight. Possibly you love to live in a world of black and white (or 0 and 100% if you will), I have just a problem with the 100%-statements you make. Whether you are aware or not, you are misleading users to think they are forever safe just by using one or another recipe - and of course the recipe that
you recommend.
This is nonsense, but since we have come to the point where it is about faith instead of about facts, I cannot help it anymore. Even if you have multiple different anti-malware solutions - including your favorites - installed does not mean you are 100% safe. It just means that it is close to 100%. And why? Because the line of defense is implemented in software, which again is subject to the issues it tries to prevent ...
