From what I understand, AVs usually check a file’s hash in their database. This seems logical for viruses that spread from computer to computer, as multiple people having the same file would report the same effect.
But how about legitimate software used maliciously? Like a backup program that regularly uploads your file? Keyloggers? Or a virus that changes its own hash? Now that I think about it, I’ve written several codes that could’ve easily turned into a virus and weren’t detected.
Do AVs actually do a good job at keeping your computers safe or do they just stop the commonly found viruses?
In: 2
There’s a technical word called a sandbox. Imagine you are worried a kid is gonna shit on the beach. So you make a sandbox on the beach, the “kid” (virus) sees the “sand” (fake computer) And violently shits. You notixe the shit, quarantine the kid, and wipe the sandbox clean. No shit on the beach.
Latest Answers