Inquisitor77 | 2 x Penny Arcade Fight Club Champion | A fixed point in space and time | Registered User regular
I, too, have moved away from MSE. I've had a paid subscription to Kaspersky for the past year+ on my computer and my mother's laptop, and it's worked very well. They seem to really embrace having a simple, easy-to-understand UI for the layperson, which is great for someone like her. I can still access some of the more advanced functionality, but honestly it works just fine right out of the box.
If you're going to use one, consistency and aggressiveness are important in an AV, in the sense that a lot of these companies seem to jump up and down on the rankings depending upon how invested they are in maintaining their technology or just how good their teams are in general. FWIW, I've noticed over the years that Kaspersky always tends to stay at the top of the various ranking sites, and also always seems up to date with the latest developments (as in, "We were the ones who found this vulnerability and it was already protected against in our software" vs. "Oh crap here's something that is the big news this week you have to download this completely secondary application to fix it because our existing software can't even detect the problem in the first place").
I'd put ESET and BitDefender in the second tier, and everyone else as "meh". MSE was crap, then became really, really great for a while, and then went back to crap. AVG was fantastic when it first came out but then somehow actively turned into bloat/malware itself, and they are now trying to re-establish the brand. Avast was similarly well-received when it first came out, and then it seemed like they just stopped caring altogether. Sophos somehow has a great security brand in the IT/corporate world but in the real world I have yet to actually see them protect against much of anything (granted this was about a decade ago, but the experience really turned me off given it was the mandatory AV to gain access to the UCLA network and it turned out to be completely worthless in preventing constant virus attacks on people).
Agreed about the new Malwarebytes. I did a double-take after it upgraded.
I was looking at Kaspersky for my home stuff, and I also can say good things about it from a professional perspective; however, the positivity surrounding BitDefender has me curious as well.
@inquisitor77 On what grounds would you say ESET/BitDefender is tier 2? Not doubting you, just curious. I am not all that familiar with it so I don't really know its history.
Nothing scientific - just an intuitive assessment from looking at the various rankings once in a while. They are usually in the top of the lists, but sometimes they drop down to the middle of the pack for whatever reasons.
The short version is that it's possible to exploit the way firmware and drivers work on USB devices to run unsigned code on a machine the device is connected to.
The nature of the vulnerability makes it difficult to scan a device for issues, as the device would typically be mounted first and by that point all sorts of fun things could have happened, and that the device could in essence lie to a simple scan.
Orca | Also known as EspressosaurusWrex | Registered User regular
Well shit.
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
edited August 2014
That is, indeed, a very oh shit revelation.
I remember reading an article a while back about someone who heavily modified a USB mouse to infect a target machine. Essentially it sounds exactly like this. Really dangerous, because, you know - No one thinks twice about plugging in a mouse.
I am a little confused by the article and subsequently the comments. The article makes it seem as though connecting a known clean device to a possibly infected machine could compromise the USB device.
The comments seem to indicate that it would have to be a purpose-built USB device that would then push the malicious payload once connected.
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
It is unclear to me at present, as well. From what I'm seeing, if it were possible to rewrite the firmware on a known clean device, or spoof that firmware somehow from within the device, then it would be possible to compromise said "clean" device. However I'm not sure if a PoC exists for such an operation.
Honestly, though, I wonder how long this will be an issue. Firmware for a USB device is currently not examined by most security software. If including such a check can be implemented, then I'd anticipate this wouldn't be a terribly large issue for long. If that's a difficult prospect, then it might be a more serious concern.
I would really love if we could get more of a consensus on what the best or top 5 best AV solutions are at the moment, now that MSE has become... not the best. Right now I'm running MSE, Malwarebytes premium, and Advanced System Care.
It's pretty easy to google AV testing sites that can give you a rundown of the latest detection rates, but I think the idea of the best AV suite has kind of gone by the wayside. What I mean is that no single AV suite is enough to entirely secure your system. So once you start using them as just 1 part of a larger scheme it stops mattering so much if it has a 90% versus 95% detection rate.
"The world is a mess, and I just need to rule it" - Dr Horrible
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
Couldn't agree more on this. Building a layered protection scheme will pay off way more than ensuring you're using the arbitrarily ranked #1 AV software. And that doesn't necessarily mean adding more programs to the mix, either. Solid security starts with your OS settings, and these days even adding a few critical plugins to your browser will go quite a long way.
It's worth noting that the "rankings" themselves are frequently a contested point, and while many of them are based on good evidence, there are still flaws in their assessments. Beyond that, it's very difficult to determine what AV software will work best for a given person at an individual level. For instance, I particularly like ESET, but that's personal preference. It isn't the top dog when it comes to detection rates, but I appreciate the degree to which I can tweak it, I find it runs light, and I don't have to interact with it much if I don't want to.
If you want a list of places to start, some of the names that frequently get passed around include: Panda, BitDefender, AVIRA, Kaspersky, and ESET. To a lesser extent, some still talk up McAfee, Avast!, and AVG.
If one isn't enough, how many is and what are they?
I think the idea is that you need more than just AV software. I personally have an online AV software (one that is always scanning), an offline AV software which I run manual scans with every week or so, a script blocking plugin for Chrome, a sandboxing program for IE and sketchy programs, and frequent offline backups of full system images so I can format and reinstall fairly quickly.
With that type of a setup I usually don't really sweat which particular AV suites I'm using. Currently I have Avast! and Malwarebytes, but I've used several others and I basically pick for the interface and options rather than detection rates at this point.
Jebus314 on
Which script blocker are you running for Chrome, HTTP Switchboard?
edit: @Jebus314
Carpy on
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
edited September 2014
Heads up: Rumblings around Reddit's Netsec and Technology communities indicate that nearly five million GMail accounts may be compromised.
It's difficult to separate the wheat from the chaff at this point, and there's a lot of debate about the validity of these claims, so I'm not sure how seriously to take this. Many claim that no passwords were leaked, but many others have indicated that the passwords are already available on various torrent sites. Regardless of what's going on, I strongly discourage any reliance on "Am I Compromised?" sites (as some invariably are there to hose you), but apparently a 100+ MB text file is circulating with a list of the compromised account names.
Suggestions are to change passwords for all GMail accounts, even if 2-factor authentication is being used. And if you're not using 2-factor authentication, now's the time to turn it on.
I checked if mine was compromised. It was, but it wasn't my current password and I'm pretty sure it wasn't my previous password, either. IIRC I haven't used that password in years.
I still turned on two-factor authentication because why the fuck haven't I done it before?
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
edited September 2014
Yeah, a cursory check revealed that an old account of mine was on the list with an old password, too. Not a current or functioning password by any means, and I'm pretty sure not a password that I ever associated with an email account. Indications seem to suggest that this is all data harvested from other compromised sites, where they're just matching the compromised site's password to registration email account. If you've changed your password in the last few years or so, and don't share passwords between email and other accounts, there's a good chance you're probably okay.
Not going to use that as an excuse to reduce vigilance, but I will use it as an example to reduce FUD.
Didn't check to see if I'm compromised but changing mine because I'm probably due, but I have a question. If I'm using two step verification, do I need to do anything to keep my mobile apps up to date when I change my password? They are already using an app specific password designated by the two step verification?
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
Sorry for the delay - somehow wasn't notified of this thread getting updated. I admit I don't know the answer for sure, but usually the app specific passwords are preserved.
Remember Heartbleed? If you believe the hype today, Shellshock is in that league and with an equally awesome name albeit bereft of a cool logo (someone in the marketing department of these vulns needs to get on that). But in all seriousness, it does have the potential to be a biggie...
Shellshock has been confirmed as wormable, and exploits are currently in the wild.
Anyone have any good recommendations for corporate AV? I need something I can manage from a server or my machine and run scans remotely. I'd like to not have Norton/Symantec, though.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
@bowen I have used Kaspersky before and it was pretty solid. However that was a few years ago so I am not sure what the current iteration looks like. As was mentioned in this thread it still scores highly, but I can't speak to the feature set.
Is it good in a business setting? Most AVs I've had were all sort of kind of like their own thing and didn't really let me do anything without going to a machine.
I've been using ESET for the past six months or so, and it's not bad. The installer is a bit odd, and their admin interface could use some streamlining, but it catches bad stuff and can be centrally configured.
TetraNitroCubane | The Djinnerator | At the bottom of a bottle | Registered User regular
I've certainly seen people talk about ESET for enterprise purposes, but I admit I can't speak to it directly. I do appreciate their detection rate and update frequency, though, if nothing else.
Also, in other news, an OS X botnet has been discovered, labeled Mac.BackDoor.iWorm by Dr. Web. It's unclear if their naming convention is accurate or not, but if it is, this implies that as a worm the malware can propagate of its own volition without user interaction.
An interesting twist to this piece of malware is that it seems to employ Reddit as the Command&Control server.
I previously had ESET but it didn't have any Malware detection, I think that has changed now though. It did have a central admin console that I could install anywhere on the network.
I switched to GFI Vipre and on computers that I thought were completely clean running ESET and Malwarebytes it found anywhere from 10-30 instances of malware and viruses. It works great on newer systems, has an admin console with templates for different device types (workstations, servers, laptops, even phones), the only thing I don't like about it is that it forces startup scans that cannot be disabled, also, on older systems it can be a bit of a resource hog, but after the initial startup scan it is fine. The best feature though was that it was able to uninstall ESET remotely, restart the computer, then install the new AV without me having to do anything besides adding it to the install template.
Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
You can turn off the startup scan in scanning -> settings in the individual policy settings. Under missed scan options. Note I'm using version 7.0.2; it might not be there if you are on an older version.
So, just out of curiosity... It seems like Chrome received an update of some sort recently, and now I have my name up in the top right corner of the windows, since I'm logged into my Google account in Chrome. I had something kinda odd come up lately, which I did entirely in a virtual environment, but when things like this mesh up, I get a bit paranoid.
I assume everyone else's Chrome is doing this? And I don't have some strange bit of something that I should worry about?
I really hate when things update like that and there is next to no documentation on the changes. Working around computers I see malicious extensions do similar things to browsers. I think I'm just more paranoid on this kind of thing ever since my debit card number was stolen and used.
I was actually able to turn off all Avast popups after screwing with the options for a bit. IIRC, putting it in permanent gaming mode shut them down. I'm just not sure if there's a better free option in terms of detection and removal.
WoWtcg and general gaming podcast
WoWtcg and gaming website
about that USB thing
how the hell are we supposed to know which of the gazillions of USB peripherals are infected?
Registered just for the Mass Effect threads | Steam: click ^^^ | Origin: curlyhairedboy
I'm really looking forward to the inevitable hot gluing of every damn USB port in the company.
Do I need to burn all of my USB sticks and stop plugging my phone into my computer?
Both? Neither?
In other news: Shellshock.
For some reason I can't see the spoilers inside of the main post.