Best antivirus protection to go for

Old Feb 12, 2016, 7:13 am
  #151  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: ORD
Posts: 14,196
Are there any antivirus programs that don't suck?
gfunkdave is offline  
Old Feb 12, 2016, 8:10 am
  #152  
 
Join Date: May 2004
Location: Exclusively OMNI/PR, for Reasons
Posts: 4,188
Originally Posted by gqZJzU4vusf0Z2,$d7
At best, anti-virus products are ~20% solutions. Some of them are deceitful. I consider others unnecessarily risky.

Anti-virus from the ... file: Trend Micro Anti-virus - UNinstall it now

Includes an unsecured back-door that permits anyone else with network access to remotely run commands on your system. The integral password vault will also reveal your passwords. The architecture is so fundamentally flawed that this will not be an easy fix. Again: Uninstall this product. Really.

Anti-Virus Product as Spyware: AVG (Free edition)

AVG has updated the ToS for their free product. If you clicked "I Accept," they will begin harvesting & selling your internet usage & appl usage: "We collect non-personal data to make money from our free offerings so we can keep them free, including:

Advertising ID associated with your device; Browsing and search history, including meta-data; Internet service provider or mobile network you use to connect to our products; and Information regarding other applications you may have on your device and how they are used. Sometimes browsing history or search history contains terms that might identify you. If we become aware that part of your browsing history might identify you, we will treat that portion of your history as personal data, and will anonymize this information."

Anti-virus products that unnecessarily increase risk: Avast, ESET & Kaspersky Labs

All are capable of cracking HTTPS encryption via MiTM. They screw-up their TLS/SSL connection:decryption:scan:RE-ENCRYPTION ... and that's a VERY bad thing. For me, this architecture lowers the bar too far, considering the increased risk that accompanies it. There are ways to accomplish this task, without the unnecessary risks.

Once out'd, all three issued mea culpas and promised fixes. But did they reform their thinking? What the heck else might they be hiding? Beats me. All three are dead to me.

Avast: By default intercepts all encrypted traffic; except from sites using EV certs.

Kaspersky: By default intercepts traffic to certain important websites (ecommerce, banking, etc); except sites using EV certs.

ESET: By default doesn't intercept any traffic unless the user enables this option; except sites using EV certs.

The problems with anti-virus products:

ESET: Does not support TLS 1.2 and therefore uses a less secure encryption algorithm. Nor do they support OCSP stapling.

Kaspersky: Enables the insecure TLS compression feature that will make a user vulnerable to the "CRIME" exploit. Also accepts nonsensical params for Diffie Hellman key exchanges.

Avast: Bundles the Google Chrome browser (excellent TLS/SSL features) ... then immediately lowers Chrome's default security while displaying a "Secure" (not!) label.

What anti-virus products can be trusted? Beats me. I have not researched Microsoft's Windows Defender or MalwareBytes.
Much of your content above appears to have been extracted from Hanno Böck's blog, posted in April of last year. Do you know for a fact that these vulnerabilities remain un-addressed?
Dodge DeBoulet is offline  
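
The HTTPS interception discussed in the quoted post can be observed from the client side, because a scanning proxy re-signs each site's certificate with its own locally installed root. The following is an added example, not part of the thread: it compares certificate issuers recorded on a clean network with those seen on the machine under test. The hostnames, issuer names and the function names `issuer_name`, `fetch_cert` and `classify` are constructed for illustration.

```python
import socket
import ssl


def issuer_name(cert):
    """Flatten the issuer field of an ssl.getpeercert() dict to one name."""
    fields = {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}
    return fields.get("organizationName") or fields.get("commonName", "")


def fetch_cert(host, port=443, timeout=5.0):
    """Return the validated leaf certificate this machine sees for host."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


def classify(baseline, observed):
    """Compare issuers from a clean network with those seen locally.

    Both arguments map hostname -> getpeercert() dict. Returns a verdict
    and {host: local_issuer} for every host whose issuer changed.
    """
    compared = [h for h in observed if h in baseline]
    resigned = {h: issuer_name(observed[h]) for h in compared
                if issuer_name(observed[h]) != issuer_name(baseline[h])}
    if not resigned:
        return "no interception seen", resigned
    if len(set(resigned.values())) > 1:
        # Unrelated new issuers look like ordinary CA changes, not one proxy.
        return "issuers changed, no common root", resigned
    if len(resigned) == len(compared):
        return "blanket interception", resigned
    return "selective interception", resigned


def _cert(org):
    """Constructed sample in the shape getpeercert() returns."""
    return {"issuer": ((("countryName", "XX"),), (("organizationName", org),))}


# Constructed data: two sites re-signed by one local root, one left alone.
BASELINE = {"shop.example": _cert("Example CA One"),
            "bank.example": _cert("Example CA Two"),
            "ev.example": _cert("Example EV CA")}
OBSERVED = {"shop.example": _cert("Local Scanner Root"),
            "bank.example": _cert("Local Scanner Root"),
            "ev.example": _cert("Example EV CA")}
```

On a live machine, build `observed` with `fetch_cert` for a handful of sites and `baseline` from the same calls on a host without the product installed.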
Old Feb 12, 2016, 7:40 pm
  #153  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
> Do you know for a fact that these vulnerabilities remain un-addressed?

The answer to your question, is in my original post ...
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 13, 2016, 6:21 am
  #154  
 
Join Date: Apr 2010
Location: ORD
Programs: AA, UA, GE
Posts: 5,115
Spybot S&D has recently moved into the antivirus space.

I haven't seen any reviews on their product. But from past experience their anti malware scans have been pretty good.
cheltzel is offline  
Old Feb 13, 2016, 6:40 am
  #155  
 
Join Date: May 2004
Location: Exclusively OMNI/PR, for Reasons
Posts: 4,188
Originally Posted by gqZJzU4vusf0Z2,$d7
> Do you know for a fact that these vulnerabilities remain un-addressed?

The answer to your question, is in my original post ...
Not seeing it.
Dodge DeBoulet is offline  
Old Feb 15, 2016, 3:17 pm
  #156  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
Originally Posted by Dodge DeBoulet
Not seeing it.
> Once out'd, all three issued mea culpas and promised fixes. But did
> they reform their thinking? What the heck else might they be hiding?
> Beats me. All three are dead to me.

... and it is four if we include Trend Micro (we should).

What these firms chose to do was not an error nor an omission. It was deliberate. I simply do not trust them to speak the truth. They lied. They got caught. Some doubled-down on the lie(s) before mumbling a mea culpa. Some did not even grasp the nature of their broken engineering.

Last edited by gqZJzU4vusf0Z2,$d7; Feb 15, 2016 at 3:24 pm
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 15, 2016, 4:18 pm
  #157  
DH
 
Join Date: Jan 2000
Location: Ashburn, VA (IAD/DCA/BWI)
Posts: 2,748
Originally Posted by gqZJzU4vusf0Z2,$d7
> Once out'd, all three issued mea culpas and promised fixes. But did
> they reform their thinking? What the heck else might they be hiding?
> Beats me. All three are dead to me.

... and it is four if we include Trend Micro (we should).

What these firms chose to do was not an error nor an omission. It was deliberate. I simply do not trust them to speak the truth. They lied. They got caught. Some doubled-down on the lie(s) before mumbling a mea culpa. Some did not even grasp the nature of their broken engineering.
What's your AV choice?
DH is offline  
Old Feb 15, 2016, 11:55 pm
  #158  
FlyerTalk Evangelist
 
Join Date: Apr 2009
Location: Bye Delta
Programs: AA EXP, HH Diamond, IHG Plat, Hyatt Plat, Marriott Plat, Nat'l Exec Elite, Avis Presidents Club
Posts: 16,247
Originally Posted by gqZJzU4vusf0Z2,$d7
At best, anti-virus products are ~20% solutions. Some of them are deceitful. I consider others unnecessarily risky.

Anti-virus from the ... file: Trend Micro Anti-virus - UNinstall it now

Includes an unsecured back-door that permits anyone else with network access to remotely run commands on your system. The integral password vault will also reveal your passwords. The architecture is so fundamentally flawed that this will not be an easy fix. Again: Uninstall this product. Really.

Anti-Virus Product as Spyware: AVG (Free edition)

AVG has updated the ToS for their free product. If you clicked "I Accept," they will begin harvesting & selling your internet usage & appl usage: "We collect non-personal data to make money from our free offerings so we can keep them free, including:

Advertising ID associated with your device; Browsing and search history, including meta-data; Internet service provider or mobile network you use to connect to our products; and Information regarding other applications you may have on your device and how they are used. Sometimes browsing history or search history contains terms that might identify you. If we become aware that part of your browsing history might identify you, we will treat that portion of your history as personal data, and will anonymize this information."

Anti-virus products that unnecessarily increase risk: Avast, ESET & Kaspersky Labs

All are capable of cracking HTTPS encryption via MiTM. They screw-up their TLS/SSL connection:decryption:scan:RE-ENCRYPTION ... and that's a VERY bad thing. For me, this architecture lowers the bar too far, considering the increased risk that accompanies it. There are ways to accomplish this task, without the unnecessary risks.

Once out'd, all three issued mea culpas and promised fixes. But did they reform their thinking? What the heck else might they be hiding? Beats me. All three are dead to me.

Avast: By default intercepts all encrypted traffic; except from sites using EV certs.

Kaspersky: By default intercepts traffic to certain important websites (ecommerce, banking, etc); except sites using EV certs.

ESET: By default doesn't intercept any traffic unless the user enables this option; except sites using EV certs.

The problems with anti-virus products:

ESET: Does not support TLS 1.2 and therefore uses a less secure encryption algorithm. Nor do they support OCSP stapling.

Kaspersky: Enables the insecure TLS compression feature that will make a user vulnerable to the "CRIME" exploit. Also accepts nonsensical params for Diffie Hellman key exchanges.

Avast: Bundles the Google Chrome browser (excellent TLS/SSL features) ... then immediately lowers Chrome's default security while displaying a "Secure" (not!) label.

What anti-virus products can be trusted? Beats me. I have not researched Microsoft's Windows Defender or MalwareBytes.
You seem to be conflating anti-virus with internet security offerings.
javabytes is offline  
Old Feb 16, 2016, 3:20 pm
  #159  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
> You seem to be conflating anti-virus with internet security offerings.

Incorrect.

All four (4) examples I provided are ANTI-VIRUS products ... that have nefarious, undocumented feechurs that deliberately weaken security in a substantive manner. And the best AV is maybe 20% effective.

Last edited by gqZJzU4vusf0Z2,$d7; Feb 16, 2016 at 3:39 pm
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 16, 2016, 3:30 pm
  #160  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
> What's your AV choice?

I do not use any anti-virus software.

The "best" anti-virus software is maybe 20% effective ... and too many of them have been caught deliberately doing things that actually decrease security.

What I do & use:

- I almost never log in to my admin/root accounts
- Ad blocker - uBlock Origin (because the ad networks are significant distributors of malware:ads)
- Tracker blocker - uBlock Origin
- NoScript (I block everything by default and whitelist only a few things that I trust)
- I don't open attachments, unless I specifically requested that someone send me a specific item.
- I click very few links
- I do use bookmarks that I have manually created (typed-in)
- I uninstalled Java, before it was fashionable to uninstall Java
- I uninstalled Flash, ditto
- I uninstalled Silverlight, ditto
- I use HTTPS everywhere possible
- I prefer to use Firefox
- I uninstalled Adobe (PDF) Reader
- Sometimes use Chrome (primarily to view PDFs)
- Will never trust:use Internet Explorer or Edge
- I *try* to always run my browser in a separate VM/partition
- I strongly prefer LTE/4G/3G over public WiFi
- I use Netalyzr to determine if an internet connection is reasonably trustworthy

Last edited by gqZJzU4vusf0Z2,$d7; Feb 17, 2016 at 8:34 am
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 16, 2016, 4:43 pm
  #161  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: ORD
Posts: 14,196
Originally Posted by gqZJzU4vusf0Z2,$d7
- I click very few links
So you don't use the web?
gfunkdave is offline  
Old Feb 17, 2016, 5:10 am
  #162  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
Originally Posted by gfunkdave
So you don't use the web?
Incorrect

I am very deliberate and disciplined when it comes to web usage. Think twice. Click once.
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 17, 2016, 6:54 am
  #163  
 
Join Date: Apr 2010
Location: ORD
Programs: AA, UA, GE
Posts: 5,115
Originally Posted by gqZJzU4vusf0Z2,$d7
> What's your AV choice?

I do not use any anti-virus software.

The "best" anti-virus software is maybe 20% effective ... and too many of them have been caught deliberately doing things they should not have ever done.

I do use:

- Ad blocker - uBlock Origin (because the ad networks are significant distributors of malware:ads)
- Tracker blocker - uBlock Origin
- NoScript (I block everything by default and whitelist only a few things that I trust)
- I don't open attachments, unless I specifically requested that someone send me a specific item.
- I click very few links
- I do use bookmarks that I have manually created (typed-in)
- I uninstalled Java, before it was fashionable to uninstall Java
- I uninstalled Flash, ditto
- I uninstalled Silverlight, ditto
- I use HTTPS everywhere possible
- I prefer to use Firefox
- I uninstalled Adobe (PDF) Reader
- Sometimes use Chrome (primarily to view PDFs)
- Will never trust:use Internet Explorer or Edge
- I *try* to always run my browser in a separate VM/partition
- I strongly prefer LTE/4G/3G over public WiFi
- I use Netalyzr to determine if an internet connection is reasonably trustworthy
Do you have a specific preference of uBlock over Privacy Badger?
cheltzel is offline  
Old Feb 17, 2016, 8:00 am
  #164  
 
Join Date: Feb 2013
Location: Somewhere In The Five Eyes
Posts: 228
> Do you have a specific preference of uBlock over Privacy Badger?

No. (Not yet. <g>) I trust EFF (Privacy Badger & HTTPS Everywhere)

Another advantage of using ad blockers and tracker blockers ... web pages load a lot faster.

The disadvantage is that some web sites refuse service to customers running ad & tracker blocking technology. (Conde Nast, Forbes, etc.)
gqZJzU4vusf0Z2,$d7 is offline  
Old Feb 17, 2016, 8:26 am
  #165  
 
Join Date: Apr 2010
Location: ORD
Programs: AA, UA, GE
Posts: 5,115
Originally Posted by gqZJzU4vusf0Z2,$d7
> Do you have a specific preference of uBlock over Privacy Badger?

No. (Not yet. <g>) I trust EFF (Privacy Badger & HTTPS Everywhere)

Another advantage of using ad blockers and tracker blockers ... web pages load a lot faster.

The disadvantage is that some web sites refuse service to customers running ad & tracker blocking technology. (Conde Nast, Forbes, etc.)
You can usually find a way around that kind of block (meaning an alternate site for the same information).

I run VMs as well so I can access a suspect site from a throw away VM instance if I absolutely have to.
cheltzel is offline  