FlyerTalk Forums - View Single Post - Best antivirus protection to go for
Thread: Best antivirus protection to go for
View Single Post
Old Feb 15, 2016, 11:55 pm
  #158  
javabytes
FlyerTalk Evangelist
 
Join Date: Apr 2009
Location: Bye Delta
Programs: AA EXP, HH Diamond, IHG Plat, Hyatt Plat, Marriott Plat, Nat'l Exec Elite, Avis Presidents Club
Posts: 16,276
Originally Posted by gqZJzU4vusf0Z2,$d7
At best, anti-virus products are ~20% solutions. Some of them are deceitful. I consider others unnecessarily risky.

Anti-virus from the ... file: Trend Micro Anti-virus - UNinstall it now

Includes an unsecured back-door that permits anyone esle with network access to remotely run commands on your system. The integral password vault will also reveal your passwords. The architecture is so fundamentally flawed that this will not be an easy fix. Again: Uninstall this product. Really.

Anti-Virus Product as Spyware: AVG (Free edition)

AVG has updated the ToS for their free product. If you clicked "I Accept," they will begin harvesting & selling your internet usage & appl usage: "We collect non-personal data to make money from our free offerings so we can keep them free, including:

Advertising ID associated with your device; Browsing and search history, including meta-data; Internet service provider or mobile network you use to connect to our products; and Information regarding other applications you may have on your device and how they are used. Sometimes browsing history or search history contains terms that might identify you. If we become aware that part of your browsing history might identify you, we will treat that portion of your history as personal data, and will anonymize this information."

Anti-virus products that unnecessarily increase risk: Avast, ESET & Kaspersky Labs

All are capable of cracking HTTPS encryption via MiTM. They screw-up their TLS/SSL connection:decryption:scan:RE-ENCRYPTION ... and that's a VERY bad thing. For me, this architecture lowers the bar too far, considering the increased risk that accompanies it. There are ways to accomplish this task, without the unnecessary risks.

Once out'd, all three issued mea culpas and promised fixes. But did they reform their thinking? What the heck else might they be hiding? Beats me. All three are dead to me.

Avast: By default intercepts all encrypted traffic; except from sites using EV certs.

Kaspersky: By default intercepts traffic to certain important websites (ecommerce, banking, etc); except sites using EV certs.

ESET: By default doesn’t intercept any traffic unless the user enables this
option; except sites using EV certs.

The problems with anti-virus products:

ESET: Does not support TLS 1.2 and therefore uses a less secure encryption
algorithm. Nor do they support OCSP stapling.

Kaspersky: Enables the insecure TLS compression feature that will make a user vulnerable to the "CRIME" exploit. Also accepts nonsensical params for Diffie Hellman key exchanges.

Avast: Bundles the Google Chrome browser (excellent TLS/SSL features) ... then immediately lowers Chrome's default security while display a "Secure" (not!) label.

What anti-virus products can be trusted? Beats me. I have not researched
Microsoft's Windows Defender or MalwareBytes.
You seem to be conflating anti-virus with internet security offerings.
javabytes is offline  
Reply