Ask David Matoušek

[Guest]

[Vettetech]

A buddy of mine found this. Now I have seen it all. OA with an exclusive post just for Matousec. Something is fishy here.

http://support.tallemu.com/vbforum/showthread.php?t=2987

[Goose18]

Fishy activity? No surprise to me. Seems to be alot of it lately 

[panic]

IMHO, no fishier than Comodo backing the www.testmypcsecurity.com website. As long as users are getting access to fair, unbiased information, I don't really care.

Ewen :-)

[Melih]

no problem there at all tbh.

questions users should be asking David is: How many times Matousec will have to apologise for incorrectly marking tests as passed:

Matousec guys had to "apologize" TWICE for publishing Online Armor on the top of the leak tests. If you remember:

1st

Enthusiasm ebbed away (2007/08/01 16:49)
We have revealed that Online Armor passed some of leak-tests only because of user mode hooks that were not unhooked by FPR. In the most of cases, FPR would identify and remove the hooks but in case of Online Armor, FPR faced a code that protected these hooks against unhooking in very unusual way. Although the vendor of Online Armor assured us that the protection was not implemented with an intention to pass FPR tests, the protection has no real effect on the security of Online Armor and can be bypassed easily. We have removed the latests results of Online Armor from our tables and we will modify FPR such that it will be able to bypass the protection of user mode hooks of Online Armor. We will retest Online Armor and publish its real leak-testing results as soon as possible. We apologize to all our visitors and to all competitive vendors for publishing incorrect results of Online Armor.

2nd

2008-03-25: We have received an email from ailef and MaratR with information about a security weakness in Online Armor Personal Firewall 2.1.0.112 Free that was tested in our challenge recently. We have successfully verified the information that the tested version of Online Armor automatically allows various privileged actions if it receives no response from the user in a few minutes after the alert is shown. We would like to thank ailef and MaratR for their findings, we would like to apologize to our visitors and other vendors for possibly wrong results in case of Online Armor. 

Is this the end of it? Or do they have to apologise yet again?

BTW: I want to re-iterate that David is a young security professional who does bring value to testing "good software", its a shame that he has been forced into this position of having to apologize over and over!

Melih

[sded]

I think it is a good idea and can help users understand what some of the Leak Testing and other things they have heard of is all about.  Perhaps Melih would be willing to approach him also to do the same thing on behalf of Comodo users.  Otherwise everyone will be reading the OA forum to see what happened.   

[Blas]

IMHO there is nothing fishy about this...btw as goose said there are fishy things recently...and not related to tall emu or OA...

[Leolas]

again! Melih, that's misinformation too! Why don't you tell the the same thing you told me?

 

[Melih]

again! Melih, that's misinformation too! Why don't you tell the the same thing you told me?

 

Leolas: pls tell me what aspect of my post is mis-information?

thanks
Melih

[Leolas]

Leolas: pls tell me what aspect of my post is mis-information?

thanks
Melih

not your post... but, anyway, I don't care anymore:

Anyway, I don't know why I'm wasting time in these threads... This (it isn't a real discussion, after all) won't change our life... It makes it worse, maybe...  Wink

Live, and let live, as we say in italy   

[Melih]

not your post... but, anyway, I don't care anymore:

So, once again your post was misinformation claiming that my post was misinformation

Also do you not agree with what Matousec has posted? For the 2 occassion where OA was listed as passing those tests was found not to be the case.

Are you saying Matousec is providing misinformation with those corrections he has done?

Melih

[Leolas]

So, once again your post was misinformation claiming that my post was misinformation

Also do you not agree with what Matousec has posted? For the 2 occassion where OA was listed as passing those tests was found not to be the case.

Are you saying Matousec is providing misinformation with those corrections he has done?

Melih

The problem is not your post...

nevermind.........

[Rednose]

again! Melih, that's misinformation too! Why don't you tell the the same thing you told me?

 

You are refering to Melihs post here. So what is the problem ?

Greetz, Red.

[Rednose]

The real problem is : OA Fanboys comming here to bash Commodo That's realy sad

Greetz, Red.

[Melih]

Just wondering:

Did anyone ask David (Matousec) the following questions:

1) Has OA ever been able to pass the tests 100%? (not that it means much to pass them 100% but lets go with the hype for the sake of the question). This is an important question because OA has it on their main site for some time the following:

***********
LATEST NEWS!
Online Armor: The only FREE firewall with 100% leak protection out of the box.
******************

Leolas: As a responsible human being (and an OA fanboy BTW: we welcome you with open arm, and I do mean it. ) why are you not asking them to take down this claim?

2) Do all these people who were convinced by the result of these tests :Do they know the truth that actually the product they are using/bought is NOT actually passing all these tests? Is anyone informing them about potential false sense of security they might be having? If not why not? isn't this whole thing about them - end users!

3)Will Matousec re-publish corrected results for previous versions in the interest of all the users who are still using those versions?

I hope these questions can be asked and answered in the interest of End users! If these questions don't get the attention they deserve then one has to wonder if parties involved really care about end users!

Melih

[Josh123]

The problem is not your post...

nevermind.........

Then what is your problem?

Josh.

[Tags:]