Not anymore! Now free does not mean crippleware/trialware!

http://www.washingtonpost.com/wp-dyn/content/article/2006/09/17/AR2006091700328.html

Someone needs to inform the Washington Post about their article and introduce Comodo.

thanks
Melih

What, no PR person on your payroll? :wink:

Do not pay attention to it; it is an article made by people who do not use a PC too often.

Recommending freeware like weak AV (AVG), medium AS (Spybot), AOL package? No comment.

:slight_smile:

They are busy working on the products we make money from :slight_smile: Without that we can’t put money into CPF :wink:

Also, and more importantly, it’s always better to hear it from the actual users, and it has more credibility when it comes from the users.

thanks
Melih

Another Yada-Yada article…

…CPF’s moves like once Google did. You should be happy about it, Melih.
Don’t worry about the details…

The free Zone Alarm, meanwhile, will generate a pop-up warning when newly installed software attempts to connect to the outside world. The $40 Zone Alarm Pro will have a continually updated database of programs that researchers know as good or bad, so pop-up prompts only come up in rare cases.

All should give a pop-up for newly installed programs. ZAP would forget settings and I would get the SAME pop-ups every restart. I got around that.

ZAP and ZAP free should ask about this. This depends on the implementation of the rules: if you can edit and see the pre-defined rules, fine; if you can’t, this is very bad. I believe ZAP would allow you to edit/view the rules.

Encryption/databases can be hacked. Kaspersky had a great implementation, where you could see the rules that were auto-created. I went through these rules, confirmed myself they were fine and continued about my day feeling confident. This meant that if the database was hacked, you could still see the changes.

COMODO, I am looking at you here too (can someone confirm that you cannot edit the rules of pre-trusted programs?)

"I absolutely don't argue that the highly tech-savvy consumer will and can search the Web for freeware and knock out 90, maybe 95 percent of the risk,"

Pfft, 95%? I can easily achieve 98%; if I really try, 99.9% (a virtual machine alone will achieve 99.9%).

The six-month Symantec software bundled with Google, for instance, will block known viruses but won't detect unknown ones, based on behavioral patterns, in the hours before a software update can be developed and distributed for new threats.

Ummm, Symantec have Generic/Heuristic detections, dunno what they are smoking.

Having one product on all defences is NOT smart anyway: easy, not secure.

A standalone version of AOL's anti-virus software, from Kaspersky Lab, comes with terms that permit AOL to send e-mail marketing messages

It’s called a Spam Magnet account. Create a not-commonly-used account; use a free one (Yahoo, Google, Hotmail, etc.).

Bari Abdul, McAfee's vice president for consumer marketing, said Internet users often configure their browsers to bypass home pages that high-speed service providers use to promote free software.

And so they should have the right to!!!

AOL subscriber Gail Taylor, a teaching assistant at the University of Illinois at Urbana-Champaign, said she never knew AOL gave away security software.

Are half the employees at AOL aware of this fact? Who is this woman? I can find incredibly technically incompetent people too. (Not that it is their fault.)

But even after checking a number of free products at the request of The Associated Press, she said she still couldn't decide which of the free or fee offerings work best for her. She said she'd need to find time for more research, leaving her computer largely unguarded for now.

If she stays on known sites then she is fine. Chances are minimal. I really do hate the fear campaigns.

(Not relevant to this quote)

Oh yes, and the Windows SP2 firewall is a FIREWALL. Most Linux firewalls don’t control outbound, but IMO they are good.

"Some of those limitations aren't always obvious to the end users until they run into a problem they thought might be addressed," he said. "They think they have something that's fully protecting them, when in reality they don't protect in a way they might need."

These guys are really asking for it. There are many studies of techs that have shown that these products are weak by themselves; even though they are a “Suite”, they are easily killed. (This article never mentions running as a restricted user, which stops basic tricks like unregistering services, etc.)

LOL, changing the code of Hacker Defender even just by one byte will stop a lot of AVs from detecting it. I don’t think it would take much to make it so that these antivirus companies don’t detect the rootkit.

A lot of firewalls can be disabled, and on next reboot they will not kick in. (These are PAID firewalls/security suites.)

COMODO and Kaspersky Firewall/AV are ones I am aware of that defend themselves. (There may be more of course…)

AVG is fine; it is a personal decision. Some computers/setups hate certain AVs, that’s life.
Spybot S&D is a clean, non-process-consuming scanner that is great to have in your toolbox. I don’t know what “TheTOM_SK” is smoking, but I want some. LOL (:TNG)

cheers, rotty

Rotty

Good review. However (there’s always one of those eh?), I don’t think the idea of this topic was to review their article here, I think it was to tell Anick Jesdanun/The Washington Post what you thought of the article.

Yes, I guess.

Although it was a long article, saying what I think… I don’t like that article. It is meaningless and unsubstantiated; I made an attempt at substantiating my opinion.

But that is my review of their review; then someone can review my review.

I was bored. If you want me to delete it, I will. Otherwise a mod can delete it and save me the trouble.

Cheers, rotty

Delete it? No, that is not what I meant at all. What I meant was… tidy it up a bit & send it to The Washington Post. You never know, they might even publish it.

Hey rotty,

Just as a side note - if YOU can see the database of approved applications, can’t a trojan likewise see it? Even worse - modify it and add themselves to it?

IMHO, the internal DBs of a security app need to be non-user editable, if only for the sake of integrity preservation.

If an app can’t trust its own DBs, what can it trust?

cheers,
ewen :slight_smile:

That is a good point, Panic. Look at it this way:

Firefox is a trusted program. When the program is first installed, it scans the computer for Firefox.

  1. It finds Firefox matching the MD5 hash or some other hash technology.
  2. It automatically generates the rules into the application monitor list as if the user had added it.
  3. The user can see what is generated.
  4. The database of hashes and programs and rules it sets does not need to be open/accessible, as the relevant rules for the program's settings have been written to the standard list of apps that the user has control over (which resides in the protected registry space for COMODO).

So in conclusion:

(a) The database of hashes and other stuff is applied during install.
(b) The database writes appropriate rules to the OPEN list in the Application Rules section.
(c) Both the encrypted database and the rules keep what security they already had.

This means that Firefox is not continually hash matched, and the rules are accessible to the user, ensuring security.

When the database is updated, it can be compared to what rules are already there and what programs are installed that the database recognises, and it asks the user if they want to add any of the following. If they do, the rules for the selected program are written to the registry/application list.

This is actually what Kaspersky does in their implementation, but it is very good.

cheers, rotty

True enough. It’s like the Application Monitor rules we can see are actually the log file of what has been approved or blocked, but the DB of the approved/blocked signatures remains non-user-editable.

ewen :slight_smile:

Yes, Comodo compares the locked DB with existing apps, and creates the rules in the application monitor, but the locked DB is locked to any other user and process.

cheers, rotty
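
The scheme discussed in the last few posts (hash-match installed programs against a locked database, write the resulting rules to a list the user can see, and prompt when a database update recognises more programs), as an added example that is not part of the thread and not Comodo's or Kaspersky's code. It uses SHA-256 rather than MD5, an HMAC tag stands in for whatever protects the locked database, and all names, paths and sample data are constructed.

```python
import hashlib, hmac, json

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def seal(db: dict, key: bytes) -> str:
    """Tag the vendor database so tampering is detectable before it is used."""
    blob = json.dumps(db, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def generate_rules(installed: dict, db: dict, tag: str, key: bytes) -> dict:
    """Return user-visible rules for installed files whose hash is in the sealed DB."""
    if not hmac.compare_digest(seal(db, key), tag):
        raise ValueError("trusted database failed its integrity check")
    rules = {}
    for path, content in installed.items():
        entry = db.get(digest(content))
        if entry:  # exact hash match only; a modified binary gets no rule
            rules[path] = {"app": entry["app"], "allow": entry["allow"]}
    return rules

def pending_after_update(installed, new_db, tag, key, current_rules):
    """Rules an updated database would add; these are shown to the user first."""
    proposed = generate_rules(installed, new_db, tag, key)
    return {p: r for p, r in proposed.items() if p not in current_rules}

# Constructed sample data: byte strings stand in for real program binaries.
KEY = b"constructed-demo-key"
FIREFOX, MAILER, PATCHED = b"firefox-build", b"mail-client-build", b"firefox-build+trojan"
DB_V1 = {digest(FIREFOX): {"app": "Firefox", "allow": ["tcp/80", "tcp/443"]}}
DB_V2 = {**DB_V1, digest(MAILER): {"app": "Mailer", "allow": ["tcp/993"]}}
INSTALLED = {"C:/apps/firefox.exe": FIREFOX, "C:/apps/mailer.exe": MAILER,
             "C:/tmp/firefox.exe": PATCHED}

def demo():
    # First install: only the genuine Firefox matches, the patched copy does not.
    rules = generate_rules(INSTALLED, DB_V1, seal(DB_V1, KEY), KEY)
    # Database update: the mail client is newly recognised and queued for approval.
    pending = pending_after_update(INSTALLED, DB_V2, seal(DB_V2, KEY), KEY, rules)
    # A database edited to include the patched binary no longer matches its tag.
    tampered = {**DB_V1, digest(PATCHED): {"app": "Firefox", "allow": ["tcp/443"]}}
    try:
        generate_rules(INSTALLED, tampered, seal(DB_V1, KEY), KEY)
        rejected = False
    except ValueError:
        rejected = True
    return rules, pending, rejected

if __name__ == "__main__":
    print(demo())
```
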