Antivirus Solutions Aren’t All Hackerproof, Research Finds

[CrAKeN]

 

DEP and ASLR adoption in consumer products

 

German antivirus research institute AV-TEST has performed a new series of tests to determine how antivirus vendors manage to protect their own security solutions, analyzing the use of ASLR and DEP, signed files, and HTTPS for delivering updates.

 

The results aren’t at all surprising, as some of the developing companies are yet to make their products fully hackerproof using these technologies, instead leaving gaps that can be used by attackers to eventually hijack a system.

 

When it comes to ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention), AV-TEST says the top security products on the market, including here the ones from Avira, Bitdefender, Kaspersky, and Symantec, use these security technologies “without exception,” while AVG and BullGuard are pretty close with an almost perfect score.

 

“Additional manufacturers such as Comodo, Emsisoft, Avast, McAfee, ThreatTrack, Quick Heal and K7 do not use the technology consistently enough. Their rates range between 92.2 and 58.5 percent. Ahnlab, which achieved the lowest percentage, deploys ASLR & DEP even as low as 36.3 percent,” AV-TEST says.

 

Signed files and HTTPS

 

As far as signed files are concerned, not everyone seems to be embracing this method. Signed files allow security products to identify the developer of a specific application and check the integrity, determining whether any malicious changes have been made to a specific file.

 

Again, the top security suites out there come with signed files, including Bitdefender and Kaspersky, while in the case of Avira and AVG, 1 to 5 files are not signed or use an invalid certificate.

 

And last but not least, it appears that only 13 out of the 19 security products are using HTTPS for software and update distribution, with Avira, Bitdefender, ESET, and Kaspersky passing these tests with flying colors.

 

What’s worse is that some of the antivirus vendors whose solutions were tested say that technologies like ASLR and DEP cannot be implemented into their products.

 

“Some suppliers informed the lab experts after the last tests that their product files in the test would never reach 100 percent. Because they used protection technologies that were not compatible with ASLR and DEP. Yet the manufacturers do not wish to disclose which technologies are involved,” AV-TEST revealed.

 

 

DEP and ASLR adoption has improved, but it's still not perfect

 

Source

[Agent 86]

IMHO consumer AV solutions are a waste of money (if you actually do buy one), or at least a waste of time and resources. We (nsane forums) use to have an active member named @mike.mt who could (if he was here) say it much better than myself. 

 

Edit: Lets milk the Sheeples of their hard earned cash, give them peace of mind, and send them to sleep happy. Ignorance is in fact very very bliss!

[Holmes]

The antivirus ESET is the only one that has one hundred percent on everything.

[Sylence]

You're better off using a kernel based Antivirus like Windows Defender instead of using third party Antivirus software and add more attack points to your system.

[steven36]

2 hours ago, saeed_dc said:

You're better off using a kernel based Antivirus like Windows Defender instead of using third party Antivirus software and add more attack points to your system.

Windows 10 this  Windows 10 that you need to use everything by Microsoft  because  its mortal sin if Microsoft  is not you're lord and savior .

[Recruit]

Hope there is no need to tell you again that the antivirus is dead !

[steven36]

11 minutes ago, Recruit said:

Hope there is no need to tell you again that the antivirus is dead !

That saying came over on my dinosaur  Every year they post it's dead and people still  buy them ,whats still alive and baked in windows now can't technically be dead 

 

Signature-based antivirus is dead: Get over it April 29, 2008

http://www.zdnet.com/article/signature-based-antivirus-is-dead-get-over-it/

 

 

[pc71520]

1 hour ago, Recruit said:

Hope there is no need to tell you again that the antivirus is dead !

Especially against 0-day Threats...

[Sylence]

2 hours ago, steven36 said:

Windows 10 this  Windows 10 that you need to use everything by Microsoft  because  its mortal sin if Microsoft  is not you're lord and savior .

 

u mad bro? cus i was being honest 

[UnknownOne]

antivirus / firewalls are backdoors, keep saying it but nobody listens.. just close all your ports.. be smart where you browse and what you run / open..

[steven36]

2 hours ago, saeed_dc said:

 

u mad bro? cus i was being honest 

Nah not mad at fanboyiism and being brainwashed  I just laugh at that ,   you know what's more lworse  than laggy Windows 10  creators update  It's windows 10 creators update  with windows defender enabled . Before you installed Windows 10 you used Kaspersky am  I right the same company who was suing M$ ?

 

Kaspersky Lab's Complaint Against Microsoft Continues Despite Windows 10 Improvements

https://redmondmag.com/articles/2017/05/03/kaspersk--complaint-against-microsoft-continues.aspx

When Microsoft told people not too install  Windows 10  creators update after Millions  installed it

 

Don't install the Windows 10 Creators Update on your own, Microsoft advises

http://www.pcworld.com/article/3192588/windows/dont-install-the-windows-10-creators-update-on-your-own-microsoft-advises.html

This was the straw that broke the camels back  for me, They push out unstable releases too the consumer every time and every Windows 10 update causes loads of regression .  I got tried of buggy windows 10  so I put good old Windows 8.1 back in so Windows 10 is not my problem no more . My PC is compatible with all 3rd party AV again even though the 3rd party one I used always worked OK on Windows 10.  But  after beta testing Windows 10  since the summer of 2015  it was a sigh  of relief to have a stable OS once again and Windows 10 and Windows Defender is you're problem and not mine anymore.

 

Even tough  Windows 10  creators update gave Microsoft  a much needed push upward in the  Market share Microsoft advises against  doing clean installs and just wait on Windows updates for it too show up one day.

Quote

Windows 10 started April on 25.36 percent, and ended it on 26.28 percent, a gain of 0.92 percentage points.

In contrast, over the same period, Windows 7 went from 49.42 percent to 48.50 percent, a drop of… 0.92 percentage points.

Windows 8.1 gained a little -- going from 6.66 percent to 6.96 percent, a growth of 0.3 percentage points, while Windows 8 grew from 1.57 percent to 1.59 percent, an increase of 0.02 percentage points.

 

 

 

[tao]

2 hours ago, saeed_dc said:

 

u mad bro? cus i was being honest 

Honesty burns (like fire)!

 

 

 

[tao]

An opinion: Windows 10 is as stable as any other Windows!

 

(Opinion is just that -- an opinion.  And an opinion is not a fact .  ). 

 

Thanks! Regards!! Love!!!

 

 

 

 

 

[Atasas]

biggest virus threats are the government agencies and big tech companies in having back-doors... which are exploited by even smarter virus makers...

Still, as hard as it is for 3'rd party AV makers to detect all of them, they are under pressure to NOT close such back-doors.

 

M$ defender is at the forefront of lies as AV to be trusted, but ...

[tao]

6 minutes ago, Atasas said:

biggest virus threats are the government agencies and big tech companies...

true. also the self, please.  

[Atasas]

Just now, adi said:

true. also the self, please.  

 no! long past naughty days  

I'll be honest, that it is such fluid area of the works, that unless is very, very much in to it daily- whatever made month ago will not get past Routers or firewalls of today... unless coded with full certification to the perfection.... 

[tao]

2 minutes ago, Atasas said:

 no! long past naughty days

Not only virii:  What is wrong in "examine yourself" first and if the result is clean, all right and might to you to blame others. 

 

(naughty or clean: isn't it in the eye of the beholder?  )

 

Regards!

[46&2]

The antivirus ESET is the only one that has one hundred percent on everything..

[steven36]

28 minutes ago, Atasas said:

biggest virus threats are the government agencies and big tech companies in having back-doors... which are exploited by even smarter virus makers...

Still, as hard as it is for 3'rd party AV makers to detect all of them, they are under pressure to NOT close such back-doors.

The last time I caught a virus was in the early 2000s and far as any known malware I not had a problem since 2008 i think at all. For years I just ran Avast and default windows Firewall   as long as you use common sense there is nothing to fear really.

 

As far as being hacked this researcher didn't tell us nothing we don't know . Anything that connects too internet  it can be hacked  known fact . 80% of malware come from browsers  and  people don't stop using them  because you have too have them . I  only use a Antivirus in Windows because  what I been doing has been working fine for me for many years  ..  So I see no need too change it  regardless of what the Media says or what Joe Bob  or Annie Sue uses .  I got me a nice sandbox app on Linux called Fire Jail to ward of what little Malware that is on that platform a Antivirus would be overkill.

[tao]

4 minutes ago, steven36 said:

... people don't stop using them  because you have too have them ...

Well said.

Everyone knows life ends in death. But this fact never stopped anyone from living (and all the games we play in life)!

 

 

[Atasas]

2 minutes ago, steven36 said:

The last time I caught a virus was in the early 2000s and far as any known malware I not had a problem since 2008 i think at all. For years I just ran Avast and default windows Firewall   as long as you use common sense there is nothing to fear really.

 

As far as being hacked this researcher didn't tell us nothing we don't know . Anything that connects too internet  it can be hacked  known fact . 80% of malware come from browsers  and  people don't stop using them  because you have too have them . I  only use a Antivirus in Windows because  what I been doing has been has been working fine for me for many years  ..So I see no need too change it  regardless of what the Media says or what Joe Bob  or Annie Sue uses .  I got me a nice sandbox app on Linux called Fire Jail to ward of what little Malware that is on that platform a Antivirus would be overkill.

herm... I wouldn't like to discredit your skills, but... I'll say, as per my example:

I had a job in restoring-cleaning friends computer only like last year, when it was obvious of virus- open door presence, even in safe mode in process manager there was "spare" and busy svhost process running... everything was checking out as clean, but would restart etc...

After nearly a days of work, I manged to locate malware manually within windows/System32, deleted would regenerate own-self...

Long story-short, I found whole complex of codes and got rid of them, when on-line submitted AV's where not identifying as intrusions...

Verdict- it has been ISP's infected monitoring software, with all of the certification passing every single test etc

 

I personally, only think, my PC is clean, but wouldn't be surprised if would have something from M$ or other agencies infection. 

 

[steven36]

3 minutes ago, Atasas said:

I had a job in restoring-cleaning friends computer only like last year, when it was obvious of virus- open door presence, even in safe mode in process manager there was "spare" and busy svhost process running... everything was checking out as clean, but would restart etc...

After nearly a days of work, I manged to locate malware manually within windows/System32, deleted would regenerate own-self...

Long story-short, I found whole complex of codes and got rid of them, when on-line submitted AV's where not identifying as intrusions...

Verdict- it has been ISP's infected monitoring software, with all of the certification passing every single test etc

 

That is noob problem really though ,I been cleaning up peoples PCs since the days when there was nothing really you could do but reformat in most  cases .  The PCs in my Network I warn the users of the dangers out there and I dont never have clean there PCs anymore ether from malware .Education is the key and It's free open knowledge on the internet . That is why I enjoy topics like this about security  we may learn something .  I'm always willing to learn new things as long as it don't require me too have install  4 or 5  things at once  witch is over kill . A antivirus  and one 2nd opinion on demand scanner is all i ever install .

[Atasas]

9 minutes ago, steven36 said:

That is noob problem really though ,I been cleaning up peoples PCs since the days when there was nothing really you could do but reformat in most  cases .  The PCs in my Network I warn the users of the dangers out there and I dont never have clean there PCs anymore ether from malware .Education is the key and It's free open knowledge on the internet . That is why I enjoy topics like this about security  we may learn something .  I'm always willing to learn new things as long as it don't require me too have install  4 or 5  things at once  witch is over kill . A antivirus  and one 2nd opinion on demand scanner is all i ever install .

"for a laugh":

try full UnhackMe version?

Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network

[steven36]

23 minutes ago, Atasas said:

"for a laugh":

try full UnhackMe version?

Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network

Monitoring software?  This means a noob was dumb enough to install  it  I Monitor  my computers all  the time with a IP sniffer besides I have a good 3rd party Firewall and any program  gets installed on my PC I have allow it access too the internet . Windows 10 and Windows 8.1 do the same thing  it has stuff  that calls back too Microsoft and I never give it internet,   See as time went on I grew wiser I said before I just used a AV and default Windows Firewall  I'm not talking about what I use now lol.

[tao]

14 minutes ago, Atasas said:

"for a laugh":

try full UnhackMe version?

Fairly quick, but almost guarantee to surprise you in identifying something on your "clean" network

Out of curiosity, did that.  And it found nothing -- except a clean PC.

Am I missing the joke (or some thing)?