hate these ads?, log in or register to hide them
Page 3 of 5 FirstFirst 12345 LastLast
Results 41 to 60 of 93

Thread: Antivirus is shit, and here's why

  1. #41
    big diiiiiiiiick Movember 2012Donor Dark Flare's Avatar
    Join Date
    April 9, 2011
    Posts
    7,490
    Shit like the above is why I use NOD32.
    Quote Originally Posted by Amantus
    whats tyhe appear of a shnitifuck cu nt eve onlio9ne corpotraTION DICKOLHEAD FUCKIN AS

  2. #42
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    7,351
    Oh, this is new: add-on disabled manually, and the NoScript button reports that every webpage is still trying to load data from kaspersky-labs.com (edit: after some trial and error, this only seems to happen if the page doesn't have a security certificate). This behavior previously only happened when the Kaspersky Protection add-on was not disabled. Now it's happening regardless. I guess Kaspersky is adapting.

    So, it seems NoScript is my last line of defense. And I will be ditching Kaspersky for good now.
    Last edited by Nordstern; January 18 2016 at 03:46:34 PM.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  3. #43
    Liare's Avatar
    Join Date
    April 9, 2011
    Location
    Denmark
    Posts
    9,663
    Quote Originally Posted by Dark Flare View Post
    Shit like the above is why I use NOD32.
    http://googleprojectzero.blogspot.dk...n-of-eset.html
    Viking, n.:
    1. Daring Scandinavian seafarers, explorers, adventurers, entrepreneurs world-famous for their aggressive, nautical import business, highly leveraged takeovers and blue eyes.
    2. Bloodthirsty sea pirates who ravaged northern Europe beginning in the 9th century.

    Hagar's note: The first definition is much preferred; the second is used only by malcontents, the envious, and disgruntled owners of waterfront property.

  4. #44
    big diiiiiiiiick Movember 2012Donor Dark Flare's Avatar
    Join Date
    April 9, 2011
    Posts
    7,490
    Quote Originally Posted by Liare View Post
    Quote Originally Posted by Dark Flare View Post
    Shit like the above is why I use NOD32.
    http://googleprojectzero.blogspot.dk...n-of-eset.html
    "reported to ESET June 18th, fixed June 22nd"

    Not really comparable. Especially given the context of the vulnerability compared to the TM one.
    Quote Originally Posted by Amantus
    whats tyhe appear of a shnitifuck cu nt eve onlio9ne corpotraTION DICKOLHEAD FUCKIN AS

  5. #45
    Liare's Avatar
    Join Date
    April 9, 2011
    Location
    Denmark
    Posts
    9,663
    Quote Originally Posted by Dark Flare View Post
    Quote Originally Posted by Liare View Post
    Quote Originally Posted by Dark Flare View Post
    Shit like the above is why I use NOD32.
    http://googleprojectzero.blogspot.dk...n-of-eset.html
    "reported to ESET June 18th, fixed June 22nd"

    Not really comparable. Especially given the context of the vulnerability compared to the TM one.
    it is, it's literately remote write access to the disk up to and including overwriting configuration and the like.



    the point is all the vendors are shit, there are no "all these guys suck, except this shining beacon of excellence!" they are all shit. it's a natural consequence of software complexity and the incentive model these companies rely on.
    Viking, n.:
    1. Daring Scandinavian seafarers, explorers, adventurers, entrepreneurs world-famous for their aggressive, nautical import business, highly leveraged takeovers and blue eyes.
    2. Bloodthirsty sea pirates who ravaged northern Europe beginning in the 9th century.

    Hagar's note: The first definition is much preferred; the second is used only by malcontents, the envious, and disgruntled owners of waterfront property.

  6. #46
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    7,351
    Semi-related: WSJ commissions security review of 20 current routers, results are that most suck due to horrible QA and support.

    Paywall link: http://www.wsj.com/articles/rarely-p...136285?mod=LS1
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  7. #47
    big diiiiiiiiick Movember 2012Donor Dark Flare's Avatar
    Join Date
    April 9, 2011
    Posts
    7,490
    Quote Originally Posted by Liare View Post
    Quote Originally Posted by Dark Flare View Post
    Quote Originally Posted by Liare View Post
    Quote Originally Posted by Dark Flare View Post
    Shit like the above is why I use NOD32.
    http://googleprojectzero.blogspot.dk...n-of-eset.html
    "reported to ESET June 18th, fixed June 22nd"

    Not really comparable. Especially given the context of the vulnerability compared to the TM one.
    it is, it's literately remote write access to the disk up to and including overwriting configuration and the like.



    the point is all the vendors are shit, there are no "all these guys suck, except this shining beacon of excellence!" they are all shit. it's a natural consequence of software complexity and the incentive model these companies rely on.
    Yes, a bug in the way an antivirus works which was patched exceptionally quickly is exactly the same as an update opening over 70 API endpoints for a completely non-required function, even if you don't enable that function, with very clearly no testing done.


    Identical.
    Quote Originally Posted by Amantus
    whats tyhe appear of a shnitifuck cu nt eve onlio9ne corpotraTION DICKOLHEAD FUCKIN AS

  8. #48
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,657
    Another one: http://news.softpedia.com/news/avast...m-499990.shtml

    "If you have SafeZone installed on your PC, you're doomed, since the malicious link can be opened in other browsers and work regardless."
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

  9. #49
    Tyrehl's Avatar
    Join Date
    April 10, 2011
    Location
    [STUGH] Rote Kapelle
    Posts
    3,522
    Just wanna highfive Windows Defender, it is great. Laptop of Gf's mom got proper rekt with a bunch of nice software that installed even more nice software; some of which was eventually detected as a rootkit.
    Did a quick Malwarebytes scan that removed some stuff but upon restart all hell broke loose again. I deleted some registry key that disabled Windows Defender. Windows Defender proceeded to steamroll all unwanted bullshit on the laptop. N1.
    <Devec> hello captain Tyrehl
    <Devec> sailor of the persian seas
    Quote Originally Posted by Paradox
    I swear you are some sort of biological weapon developed in the early '90's for the Yugoslav wars but they lost track of you at some point and now you're waging a psychological war on Western Europe without a clue what you're doing.

  10. #50

    Join Date
    May 31, 2011
    Posts
    2,549
    For the German speaking, somewhat computer/PC-literate fellow FHCers, I'd suggest looking at the c't Helper collecting tool.

    It's not anything you can't assemble yourself, but it takes away the hassle of chasing through dozens of different websites and hunting down the latest versions of tools. It updates them in one go, taking care of deleting older version's downloads

  11. #51
    Super Moderator DonorGlobal Moderator whispous's Avatar
    Join Date
    April 9, 2011
    Location
    Mails Tegg > пошел ты на хуй
    Posts
    4,734
    Anyone here still using AVG at all needs to get a lobotomy

  12. #52
    Amantus's Avatar
    Join Date
    April 9, 2011
    Location
    i afiuhagsfksdfdjafkfjg am a fag
    Posts
    8,322
    John McAfee
    MAX damage posting





  13. #53
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    18,172
    Snorting mdpv off Belizean hookers

    Poasting from my couch

  14. #54
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,657
    Ding ding ding.
    This month winner: Comodo Antivirus
    https://bugs.chromium.org/p/project-.../detail?id=769
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

  15. #55
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    11,802
    Holy fuck that's dumb.

    This is like encryption. You. Don't. Trust. Yourself. To. Write. Your. Own.
    In this case when yet more AV makers can't roll their own right, how are users to decide between the shit-show?

    Why emulate x86 hardware though, when they need to be doing a full OS emulation/VM to avoid such mistakes. Don't actually call even stateless APIs as root on behalf of untrusted code (basic Confused Deputy there). A lower priv account or a virtual copy of the OS should be used.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  16. #56
    Super Moderator Global Moderator QuackBot's Avatar
    Join Date
    March 7, 2012
    Posts
    19,433
    Quote Originally Posted by Dark Flare View Post

    "reported to ESET June 18th, fixed June 22nd"

    Not really comparable. Especially given the context of the vulnerability compared to the TM one.
    So it's not the one i was looking for these thanks!

  17. #57
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,657
    Wat https://bugs.chromium.org/p/project-.../detail?id=773

    There is a remote debugger stub listening by default on a new install of TrendMicro Antivirus.

    The port the stub is listening on can change, to exploit it you need to do something like:

    http://localhost:50820/json/new/?jav...(&#39;calc.exe')
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

  18. #58
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    11,802
    Once again, in the game of choosing an AV suite, the only winning move is not to play.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  19. #59
    vDJ's Avatar
    Join Date
    July 31, 2012
    Location
    �� out there
    Posts
    1,190
    Quote Originally Posted by Daneel Trevize View Post
    Once again, in the game of choosing an AV suite, the only winning move is not to play.
    How I play, basic Windows Defender aside.

    But this is the gift that keeps on giving.

  20. #60
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,657
    It has been a month again.

    https://twitter.com/taviso/status/732365178872856577


    On Windows, this results in kernel memory corruption, as the scan engine is loaded into the kernel (wtf!!!), making this a remote ring0 memory corruption vulnerability - this is about as bad as it can possibly get.

    The obvious way to exploit this flaw is either via email or a web browser.
    [..]
    Just clicking download should be enough to trigger a kernel panic on a vulnerable system (!!!).
    Bonus:
    I think Symantec's mail server guessed the password "infected" and crashed (this password is commonly used among antivirus vendors to exchange samples), because they asked if they had missed a report I sent.

    They had missed the report, so I sent it again with a randomly generated password.
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •