Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: what security software for Windows 10?  (Read 9283 times)

chenks

  • Kitizen
  • ****
  • Posts: 1106
Re: what security software for Windows 10?
« Reply #15 on: December 07, 2018, 10:36:45 AM »

first question i would is... how much where the magazine paid to produce the article?
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: what security software for Windows 10?
« Reply #16 on: December 07, 2018, 03:42:21 PM »

Good point that, I suppose all 13 different companies clubbed together  :lol:
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

chenks

  • Kitizen
  • ****
  • Posts: 1106
Re: what security software for Windows 10?
« Reply #17 on: December 07, 2018, 03:45:16 PM »

only has to have been one company to have skewed the whole result.
the fact that they even dare to mention "Norton" is enough to think the tests they ran are poor at best !
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: what security software for Windows 10?
« Reply #18 on: December 07, 2018, 06:54:28 PM »

My issue with these tests is it involves a person manually running malware exe on their computer with admin rights.  Which is just stupid.  Yes stupid people exist on the internet, but the tests need to be realistic.

The security business on PC's is a huge market its absolutely massive.  I think most of it is based on hype and fear.  We are led to believe things like drive by infections are really common, and that bad common sense is only a small factor.  e.g. People sell anti ransomware software that costs in excess of £40 a year for just one single device, so think about it, over 5 years you spend £200 on something that has a very small "chance" it will save you say £200 on a ransom, its an expensive form of internet insurance.  If you was protecting say 3 family devices that would be £600 over 5 years.

I think its very telling that in the past on security forums I often used to see a person post saying he got infected how to remove etc. and me and others were obviously curious and would ask how he/she got infected in the first place, 9 times out of 10 they would vanish probably too embarrassed to say they downloaded a dodgy exe of the internet and just ran it.  The other 1 time out of 10 usually confirmed that.  I think the most realistic danger is from email attachments, and a lot of modern anti virus no longer even scans emails anymore from programs like outlook as they consider webmail to be the thing now, e.g. emsisoft doesnt do it.  This was what motivated me to do my "free" protection write up for kitz which I hold my hands up is still not published sorry.

We really need to have people using restricted account as a default thing, in linux you dont login as root and do your daily browsing on that account.  Linux also doesnt have executables routinely run from its temp folder, windows is a complete mess right now in terms of file isolation, so many updater's, and installers run from the temp folder which is horrible security practice, its a sane security policy to block all executable's in writable folders, but made difficult by what these app developers are doing, this includes the user profile folder which is meant for user data not program binaries.  I even have started seeing binaries been placed in the ProgramData folder.

Also there is probably at least some links between people involved in security software and malware authors themselves, what better way to sell your software than to make some kind of malware to build up demand for it.
« Last Edit: December 07, 2018, 06:57:50 PM by Chrysalis »
Logged

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
Re: what security software for Windows 10?
« Reply #19 on: December 07, 2018, 09:01:00 PM »

An important thing to remember when deciding whether to install any “security” software is that it may, itself, cause problems.   The problems can be minor, such as false positives in virus scans, or more major, such as interfering with proper operation of essential system software.

Of course, it may also save you from viruses, malware and nasties.

The word “may” appears in both scenarios, it might never happen.   But in my own experience, the first “may” is pretty much a dead certainty, whereas the second “may” is quite unusual.  Ie it nearly always causes more problems than it solves.   Just my opinion. :)
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: what security software for Windows 10?
« Reply #20 on: December 07, 2018, 09:43:49 PM »

I would say problems are far more likely then it actually preventing a infection, I agree with you on that 100%.
Logged

highpriest

  • Reg Member
  • ***
  • Posts: 285
Re: what security software for Windows 10?
« Reply #21 on: December 08, 2018, 10:53:09 AM »

An important thing to remember when deciding whether to install any “security” software is that it may, itself, cause problems. The problems can be minor, such as false positives in virus scans, or more major, such as interfering with proper operation of essential system software.

A lot of commercial AV software does MitM to scan for malware in encrypted connections.

https://news.ycombinator.com/item?id=10727431
https://www.itpro.co.uk/security/29665/does-antivirus-software-do-more-harm-than-good/page/0/1

From that IT Pro article:

Quote
"However, users who were running antivirus software or were behind some corporate/university firewalls observed ERR_CONNECTION_CLOSED errors," he adds. "They were not able to access the site at all. Inspecting packet transmissions with Wireshark revealed that the connection was being downgraded to TLS 1.1. This is highly suspicious since the site supported HTTP/2 which requires TLS 1.2.

"Bizarrely, disabling antivirus or going off-campus made it possible to connect to the site using the exact same computer and browser."
It became clear that the antivirus program – in this instance, Avast, although Holt's previously had issues with AVG, Kaspersky and others – and university firewalls were severing the TLS connection, then creating their own between them and the server so they could decrypt the traffic in between.

"Unfortunately, the TLS stack used by the firewall and the antivirus programs were outdated and did not support modern protocols or cipher suites. This not only broke the connection in this case and many others, but compromised the security of all other HTTPS connections it made, even if the server supported more secure configurations that the browser would have preferred!" he explains.

For me personally, it is unacceptable that a third party software is allowed to weaken my browser's security.

Also from that article:

Quote
But what about the rest of us? We asked resident security guru Davey Winder for his thoughts. "Remember, all software has bugs. Would I suggest you don't use any AV software? No, of course not. Similarly, I wouldn't suggest you reply upon any antivirus software alone to protect your networks and data. A multi-layered security posture is the way forward for most people, most of the time; and antivirus remains a valid layer within that posturing."
Logged
Zen | Zyxel VMG8324-B10A (with RFC4638 patch) | EdgeRouter PoE | UniFi AP AC Pro + Lite

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: what security software for Windows 10?
« Reply #22 on: December 08, 2018, 11:46:31 AM »

Yeah I have tried to warn about it as well, nod32 e.g. does it.  Its a big no no.

The good news is I can see nod32 is preparing a better system, as they have implemented javascript scanning as a separate function in the latest version and I expect that will replace its MITM scanning next year probably if they have any sense.  Luckily the MITM can be disabled.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: what security software for Windows 10?
« Reply #23 on: December 08, 2018, 04:57:48 PM »

Which AV does not do MITM scanning?

I like Davey Winders articles in PC Pro (he did not write the AV article), they are always interesting.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: what security software for Windows 10?
« Reply #24 on: December 08, 2018, 11:26:59 PM »

emsisoft doesnt, at least not for http/https. instead they filter known malware sites on dns name, rely on traditional file access scanning and detect malware type behaviour from behaviour analysis.  If I have a a/v deployed, I nearly always disable http/https scanning.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: what security software for Windows 10?
« Reply #25 on: December 10, 2018, 06:44:05 AM »

Thanks Chrysalis.

Just been reading some more of that pcpro article it turns out that they didn't actually test the AV software themselves, they took results from the most recent tests from av-comparitive.org and av-test.org combined them and took the averages. I suppose like everything it's the authors interpretation of the results.

Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

neil

  • Reg Member
  • ***
  • Posts: 502
Re: what security software for Windows 10?
« Reply #26 on: November 17, 2019, 08:03:35 PM »

whats the situation now is windows 10 built in defender enough or free avg anti virus software any good?
Logged
VDSL FTTC 35/18

Alex Atkin UK

  • Addicted Kitizen
  • *****
  • Posts: 5260
    • Thinkbroadband Quality Monitors
Re: what security software for Windows 10?
« Reply #27 on: November 17, 2019, 08:58:25 PM »

As I mostly use Linux I have automatically updated IP blocklists on the router, use Firefox, Windows 10 stock when I need it and a monthly automatic scan on my NAS just in case anything dodgy got through.

I'm of the opinion that security software causes more problems than it solves.
Logged
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors
Pages: 1 [2]