CrAKeN Posted May 4, 2017 Share Posted May 4, 2017 DEP and ASLR adoption in consumer products German antivirus research institute AV-TEST has performed a new series of tests to determine how antivirus vendors manage to protect their own security solutions, analyzing the use of ASLR and DEP, signed files, and HTTPS for delivering updates. The results aren’t at all surprising, as some of the developing companies are yet to make their products fully hackerproof using these technologies, instead leaving gaps that can be used by attackers to eventually hijack a system. When it comes to ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention), AV-TEST says the top security products on the market, including here the ones from Avira, Bitdefender, Kaspersky, and Symantec, use these security technologies “without exception,” while AVG and BullGuard are pretty close with an almost perfect score. “Additional manufacturers such as Comodo, Emsisoft, Avast, McAfee, ThreatTrack, Quick Heal and K7 do not use the technology consistently enough. Their rates range between 92.2 and 58.5 percent. Ahnlab, which achieved the lowest percentage, deploys ASLR & DEP even as low as 36.3 percent,” AV-TEST says. Signed files and HTTPS As far as signed files are concerned, not everyone seems to be embracing this method. Signed files allow security products to identify the developer of a specific application and check the integrity, determining whether any malicious changes have been made to a specific file. Again, the top security suites out there come with signed files, including Bitdefender and Kaspersky, while in the case of Avira and AVG, 1 to 5 files are not signed or use an invalid certificate. And last but not least, it appears that only 13 out of the 19 security products are using HTTPS for software and update distribution, with Avira, Bitdefender, ESET, and Kaspersky passing these tests with flying colors. What’s worse is that some of the antivirus vendors whose solutions were tested say that technologies like ASLR and DEP cannot be implemented into their products. “Some suppliers informed the lab experts after the last tests that their product files in the test would never reach 100 percent. Because they used protection technologies that were not compatible with ASLR and DEP. Yet the manufacturers do not wish to disclose which technologies are involved,” AV-TEST revealed. DEP and ASLR adoption has improved, but it's still not perfect Source Link to comment Share on other sites More sharing options...
Agent 86 Posted May 5, 2017 Share Posted May 5, 2017 IMHO consumer AV solutions are a waste of money (if you actually do buy one), or at least a waste of time and resources. We (nsane forums) use to have an active member named @mike.mt who could (if he was here) say it much better than myself. Edit: Lets milk the Sheeples of their hard earned cash, give them peace of mind, and send them to sleep happy. Ignorance is in fact very very bliss! Link to comment Share on other sites More sharing options...
Holmes Posted May 5, 2017 Share Posted May 5, 2017 The antivirus ESET is the only one that has one hundred percent on everything. Link to comment Share on other sites More sharing options...
Sylence Posted May 5, 2017 Share Posted May 5, 2017 You're better off using a kernel based Antivirus like Windows Defender instead of using third party Antivirus software and add more attack points to your system. Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 2 hours ago, saeed_dc said: You're better off using a kernel based Antivirus like Windows Defender instead of using third party Antivirus software and add more attack points to your system. Windows 10 this Windows 10 that you need to use everything by Microsoft because its mortal sin if Microsoft is not you're lord and savior . Link to comment Share on other sites More sharing options...
Recruit Posted May 5, 2017 Share Posted May 5, 2017 Hope there is no need to tell you again that the antivirus is dead ! Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 11 minutes ago, Recruit said: Hope there is no need to tell you again that the antivirus is dead ! That saying came over on my dinosaur Every year they post it's dead and people still buy them ,whats still alive and baked in windows now can't technically be dead Signature-based antivirus is dead: Get over it April 29, 2008 http://www.zdnet.com/article/signature-based-antivirus-is-dead-get-over-it/ Link to comment Share on other sites More sharing options...
pc71520 Posted May 5, 2017 Share Posted May 5, 2017 1 hour ago, Recruit said: Hope there is no need to tell you again that the antivirus is dead ! Especially against 0-day Threats... Link to comment Share on other sites More sharing options...
Sylence Posted May 5, 2017 Share Posted May 5, 2017 2 hours ago, steven36 said: Windows 10 this Windows 10 that you need to use everything by Microsoft because its mortal sin if Microsoft is not you're lord and savior . u mad bro? cus i was being honest Link to comment Share on other sites More sharing options...
UnknownOne Posted May 5, 2017 Share Posted May 5, 2017 antivirus / firewalls are backdoors, keep saying it but nobody listens.. just close all your ports.. be smart where you browse and what you run / open.. Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 2 hours ago, saeed_dc said: u mad bro? cus i was being honest Nah not mad at fanboyiism and being brainwashed I just laugh at that , you know what's more lworse than laggy Windows 10 creators update It's windows 10 creators update with windows defender enabled . Before you installed Windows 10 you used Kaspersky am I right the same company who was suing M$ ? Kaspersky Lab's Complaint Against Microsoft Continues Despite Windows 10 Improvements https://redmondmag.com/articles/2017/05/03/kaspersk--complaint-against-microsoft-continues.aspx When Microsoft told people not too install Windows 10 creators update after Millions installed it Don't install the Windows 10 Creators Update on your own, Microsoft advises http://www.pcworld.com/article/3192588/windows/dont-install-the-windows-10-creators-update-on-your-own-microsoft-advises.html This was the straw that broke the camels back for me, They push out unstable releases too the consumer every time and every Windows 10 update causes loads of regression . I got tried of buggy windows 10 so I put good old Windows 8.1 back in so Windows 10 is not my problem no more . My PC is compatible with all 3rd party AV again even though the 3rd party one I used always worked OK on Windows 10. But after beta testing Windows 10 since the summer of 2015 it was a sigh of relief to have a stable OS once again and Windows 10 and Windows Defender is you're problem and not mine anymore. Even tough Windows 10 creators update gave Microsoft a much needed push upward in the Market share Microsoft advises against doing clean installs and just wait on Windows updates for it too show up one day. Quote Windows 10 started April on 25.36 percent, and ended it on 26.28 percent, a gain of 0.92 percentage points. In contrast, over the same period, Windows 7 went from 49.42 percent to 48.50 percent, a drop of… 0.92 percentage points. Windows 8.1 gained a little -- going from 6.66 percent to 6.96 percent, a growth of 0.3 percentage points, while Windows 8 grew from 1.57 percent to 1.59 percent, an increase of 0.02 percentage points. Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 2 hours ago, saeed_dc said: u mad bro? cus i was being honest Honesty burns (like fire)! Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 An opinion: Windows 10 is as stable as any other Windows! (Opinion is just that -- an opinion. And an opinion is not a fact . ). Thanks! Regards!! Love!!! Link to comment Share on other sites More sharing options...
Atasas Posted May 5, 2017 Share Posted May 5, 2017 biggest virus threats are the government agencies and big tech companies in having back-doors... which are exploited by even smarter virus makers... Still, as hard as it is for 3'rd party AV makers to detect all of them, they are under pressure to NOT close such back-doors. M$ defender is at the forefront of lies as AV to be trusted, but ... Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 6 minutes ago, Atasas said: biggest virus threats are the government agencies and big tech companies... true. also the self, please. Link to comment Share on other sites More sharing options...
Atasas Posted May 5, 2017 Share Posted May 5, 2017 Just now, adi said: true. also the self, please. no! long past naughty days I'll be honest, that it is such fluid area of the works, that unless is very, very much in to it daily- whatever made month ago will not get past Routers or firewalls of today... unless coded with full certification to the perfection.... Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 2 minutes ago, Atasas said: no! long past naughty days Not only virii: What is wrong in "examine yourself" first and if the result is clean, all right and might to you to blame others. (naughty or clean: isn't it in the eye of the beholder? ) Regards! Link to comment Share on other sites More sharing options...
46&2 Posted May 5, 2017 Share Posted May 5, 2017 The antivirus ESET is the only one that has one hundred percent on everything.. Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 28 minutes ago, Atasas said: biggest virus threats are the government agencies and big tech companies in having back-doors... which are exploited by even smarter virus makers... Still, as hard as it is for 3'rd party AV makers to detect all of them, they are under pressure to NOT close such back-doors. The last time I caught a virus was in the early 2000s and far as any known malware I not had a problem since 2008 i think at all. For years I just ran Avast and default windows Firewall as long as you use common sense there is nothing to fear really. As far as being hacked this researcher didn't tell us nothing we don't know . Anything that connects too internet it can be hacked known fact . 80% of malware come from browsers and people don't stop using them because you have too have them . I only use a Antivirus in Windows because what I been doing has been working fine for me for many years .. So I see no need too change it regardless of what the Media says or what Joe Bob or Annie Sue uses . I got me a nice sandbox app on Linux called Fire Jail to ward of what little Malware that is on that platform a Antivirus would be overkill. Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 4 minutes ago, steven36 said: ... people don't stop using them because you have too have them ... Well said. Everyone knows life ends in death. But this fact never stopped anyone from living (and all the games we play in life)! Link to comment Share on other sites More sharing options...
Atasas Posted May 5, 2017 Share Posted May 5, 2017 2 minutes ago, steven36 said: The last time I caught a virus was in the early 2000s and far as any known malware I not had a problem since 2008 i think at all. For years I just ran Avast and default windows Firewall as long as you use common sense there is nothing to fear really. As far as being hacked this researcher didn't tell us nothing we don't know . Anything that connects too internet it can be hacked known fact . 80% of malware come from browsers and people don't stop using them because you have too have them . I only use a Antivirus in Windows because what I been doing has been has been working fine for me for many years ..So I see no need too change it regardless of what the Media says or what Joe Bob or Annie Sue uses . I got me a nice sandbox app on Linux called Fire Jail to ward of what little Malware that is on that platform a Antivirus would be overkill. herm... I wouldn't like to discredit your skills, but... I'll say, as per my example: I had a job in restoring-cleaning friends computer only like last year, when it was obvious of virus- open door presence, even in safe mode in process manager there was "spare" and busy svhost process running... everything was checking out as clean, but would restart etc... After nearly a days of work, I manged to locate malware manually within windows/System32, deleted would regenerate own-self... Long story-short, I found whole complex of codes and got rid of them, when on-line submitted AV's where not identifying as intrusions... Verdict- it has been ISP's infected monitoring software, with all of the certification passing every single test etc I personally, only think, my PC is clean, but wouldn't be surprised if would have something from M$ or other agencies infection. Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 3 minutes ago, Atasas said: I had a job in restoring-cleaning friends computer only like last year, when it was obvious of virus- open door presence, even in safe mode in process manager there was "spare" and busy svhost process running... everything was checking out as clean, but would restart etc... After nearly a days of work, I manged to locate malware manually within windows/System32, deleted would regenerate own-self... Long story-short, I found whole complex of codes and got rid of them, when on-line submitted AV's where not identifying as intrusions... Verdict- it has been ISP's infected monitoring software, with all of the certification passing every single test etc That is noob problem really though ,I been cleaning up peoples PCs since the days when there was nothing really you could do but reformat in most cases . The PCs in my Network I warn the users of the dangers out there and I dont never have clean there PCs anymore ether from malware .Education is the key and It's free open knowledge on the internet . That is why I enjoy topics like this about security we may learn something . I'm always willing to learn new things as long as it don't require me too have install 4 or 5 things at once witch is over kill . A antivirus and one 2nd opinion on demand scanner is all i ever install . Link to comment Share on other sites More sharing options...
Atasas Posted May 5, 2017 Share Posted May 5, 2017 9 minutes ago, steven36 said: That is noob problem really though ,I been cleaning up peoples PCs since the days when there was nothing really you could do but reformat in most cases . The PCs in my Network I warn the users of the dangers out there and I dont never have clean there PCs anymore ether from malware .Education is the key and It's free open knowledge on the internet . That is why I enjoy topics like this about security we may learn something . I'm always willing to learn new things as long as it don't require me too have install 4 or 5 things at once witch is over kill . A antivirus and one 2nd opinion on demand scanner is all i ever install . "for a laugh": try full UnhackMe version? Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network Link to comment Share on other sites More sharing options...
steven36 Posted May 5, 2017 Share Posted May 5, 2017 23 minutes ago, Atasas said: "for a laugh": try full UnhackMe version? Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network Monitoring software? This means a noob was dumb enough to install it I Monitor my computers all the time with a IP sniffer besides I have a good 3rd party Firewall and any program gets installed on my PC I have allow it access too the internet . Windows 10 and Windows 8.1 do the same thing it has stuff that calls back too Microsoft and I never give it internet, See as time went on I grew wiser I said before I just used a AV and default Windows Firewall I'm not talking about what I use now lol. Link to comment Share on other sites More sharing options...
tao Posted May 5, 2017 Share Posted May 5, 2017 14 minutes ago, Atasas said: "for a laugh": try full UnhackMe version? Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network Out of curiosity, did that. And it found nothing -- except a clean PC. Am I missing the joke (or some thing)? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.