Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Businesses Privacy

How Good is Antivirus Software at Protecting Itself? (tomsguide.com) 73

An anonymous reader writes: Earlier this week, AV-TEST evaluated 19 security suites and found that only three of them seemed to be well protected from savvy potential hackers. First, some context about the tests: The first test measured how well each program uses address space layout randomization (ASLR) and data execution prevention (DEP). Briefly, ASLR randomizes a computer's memory allocation, making it harder for an attacker to target a particular process in a program; DEP is a Windows protocol that designates some memory as non-executable space (other operating systems do this under different names), making it harder (or impossible) for unauthorized programs to run in that space. The second test measured whether the AV programs digitally signed their software-update files. Signing is a way of determining a file's origin and authenticity; unsigned files could be more easily substituted with malicious ones. The final test was the simplest, and determined whether an AV manufacturers delivered its software updates via the encrypted HTTPS web protocol. Lack of encryption makes it easy for an attacker to stage a man-in-the-middle attack by intercepting the data transmission, altering the data and then sending the data back on its way. Of the 19 programs tested, only three succeeded on all counts: Bitdefender Internet Security 2017, ESET Internet Security 10 and Kaspersky Internet Security 17.0. It's difficult to rank the rest of the programs, as each one succeeded and failed to varying degrees.
This discussion has been archived. No new comments can be posted.

How Good is Antivirus Software at Protecting Itself?

Comments Filter:
  • by Anonymous Coward
    I use Windows Defender Antivirus. It's helping to protect my Win 10 pc even now.
  • That's (a small) part of why I don't employ them.

    Next question?

  • by williamyf ( 227051 ) on Thursday May 04, 2017 @01:26PM (#54355893)

    That's strange. That is the solution that is in the box for the foreseable future.

    Is updated the same way the rest of the OS is updated... Say what you want about forced updates and restarts, but if you do not trust the update mechanism (signeage of files + Method of delivery) of the OS itself, no ammount of 3rd party AV will do you any good.

    I wonder how it stacks up on ASLR and DEP... but anyhow, I usae a Mac with BootCamp, so no big dealio

  • Question: Why does Microsoft keep rewriting their software and perpetually adding vulnerabilities instead of perfecting code?
    Answer: Money.

    Solution: Don't use Microsoft products.

    • by GuB-42 ( 2483988 )

      Yes, money.
      But this is not exclusive to Microsoft. Perfecting code doesn't sell, you need something new, and with new features come new bugs.
      It is also applicable to free software. Free software mostly done by developers working for for-profit companies, and in most case their priority is not to perfect the code but rather adapt the software to their business model. A typical example is adding drivers for their products in the linux kernel.
      And it even applies to nonprofits, just look at Mozilla.

      The solution

  • There is no perfect anti-virus program. The only thing that comes close is using a sandbox and you religiously do all of your online stuff in that sandbox. You preferably use a sandbox with a golden recovery point or use a program like Deep Freeze which resets your session upon reboot or uncontrolled power down. I prefer just using Virtualbox and an OS that run within it. You can recover your golden setpoint within 10 seconds (no joke). This protection scheme alone will not protect against keylo
  • by Balial ( 39889 ) on Thursday May 04, 2017 @02:21PM (#54356327) Homepage

    ... but rating them on their use of ASLR is worse than the problem:

    https://forums.grsecurity.net/... [grsecurity.net]

    Find someone who's done some real security analysis, don't see if they bought the snake oil.

  • For more information, click on This Google Doc that explains how.

  • I knew BitDefender were on to something good.

    They offer a free version and even the full version has near-negligible impact on performance.

    And it was one of only three that passed all tests.

You are always doing something marginal when the boss drops by your desk.

Working...