PHILIPPINE HEADLINE NEWS ONLINE: Since 1997 © Copyright (PHNO) http://newsflash.org

PHNO SCIENCE & INFOTECH NEWS
(Mini Reads followed by Full Reports)

WHAT'S THE BEST ANTIVIRUS FOR WINDOWS 10? AND IS WINDOWS DEFENDER ENOUGH?


A built-in Windows Defender already. Make sure it is enough. Windows Defender is essentially the latest version of Microsoft Security Essentials, a free antivirus program Microsoft offered for Windows 7. Now it’s built-in, ensuring all Windows 10 PCs have some baseline level of antivirus protection. Is Windows Defender Good Enough? Antivirus is already running out of the box. Windows Defender automatically scans programs you open, downloads new definitions from Windows Update, and provides an interface you can use for in-depth scans. But how good is this? Well, truth be told, Microsoft’s antivirus is a bit behind the others when it comes to comparative antivirus software tests. We’ve sounded the alarm on this before, and we were particularly worried because we had previously liked Microsoft’s antivirus product so much. Windows Defender has a lot of advantages. It’s built-in, won’t harass you with pop-ups and requests for money, and is lighter than some competing antivirus solutions. It won’t attempt to harvest your browsing data and make money from it, as some free antivirus programs have started doing in an attempt to make a profit. Overall, Windows Defender doesn’t provide bad protection, assuming you keep Windows up-to-date, use an up-to-date browser, and avoid potentially dangerous plug-ins like Java. In short: the standard computer security practices you should be following go a long way, and Windows Defender combines that with a baseline of protection. Windows Defender receives fairly low “scores” in antivirus rankings–just 3.5 out of 6 from AV-TEST and the vague but not-very-complimentary “tested” from AV-Comparatives. However, when it comes to actual statistics, AV-TEST found that it still caught 99 percent of the “widespread and prevalent malware” in October 2015, along with 95 percent of the zero-day attacks. AV-Comparatives real-world protection tests found that it caught 94.5% of threats. That’s decent, although still lower than almost every other option (and when you consider AV-Comparatives’ sample size of 1517 threats, it meant that 89 threats still got through). BitDefender and Kaspersky, on the other hand, managed to protect against 100 percent of AV-TEST’s zero day threats, and 99.9% percent of both AV-TEST and AV-Comparatives’ real world tests. READ MORE...

ALSO: 10 Important Computer Security Practices You Should Follow computer-security


Antivirus programs aren’t perfect — especially Microsoft Security Essentials. If you’re relying on your antivirus alone to protect you, you’re putting yourself at risk. You should still follow basic, common-sense computer security practices.
It’s hard to make a complete list of all the little tips and best practices geeks follow every day. This is an attempt at listing some of the most important security practices that you should swear by.Even if you’re careful, you should use an antivirus. It’s possible you may be infected by a zero-day vulnerability in a browser plugin like Adobe Flash or your web browser itself. Even if you keep your browser updated, you may be infected by a new, unpatched vulnerability just by visiting a web page. Now, this isn’t extremely common — but it does happen. An antivirus is an important layer of protection, as it will help protect you even in the face of such vulnerabilities. READ MORE...

ALSO: How to Use the Built-in Windows Defender Antivirus on Windows 10


Windows 10 has built-in real-time antivirus, just as Windows 8 did. It automatically runs in the background, ensuring all Windows users have a baseline level of antivirus protection. Windows 10 won’t complain at you to install an antivirus, as Windows 7 did. If you’ve used Microsoft Security Essentials on Windows 7 or previous versions of Windows, this is the same basic product. It was renamed to “Windows Defender” in Windows 8 and integrated into Windows itself. Automatic Scans and Updates Like other anti-malware applications, Windows Defender automatically runs in the background, scanning files when they’re accessed and before you open them.
You don’t really have to think about Windows Defender at all. It will only pop up and inform you when it finds malware.  It won’t even ask you what you want to do with the malicious software it finds — it will clean it up and quarantine the files automatically. You’ll see a “Malware detected” notification saying “Windows Defender is taking action to clean detected malware” or “Detected threats are being cleaned.” It’ll appear in the notification center, too. Antivirus definition updates will automatically arrive through Windows Update and be installed like any other system update. These types of updates don’t require rebooting your computer. You don’t need to worry about updating Windows Defender. READ MORE...

ALSO: Don’t Use Your Antivirus’ Browser Extensions; They Can Actually Make You Less Safe


Most antivirus programs–or “security suites”, as they call themselves–want you to install their browser extensions. They promise these toolbars will help keep you safe online, but they usually just exist to make the company some money. Worse yet, these extensions are often hideously vulnerable to attack.
Many antivirus toolbars are, at best, just rebranded Ask Toolbar extensions. They add a toolbar, change your search engine, and give you a new homepage. They may brand it as a “secure” search engine, but it’s really just about making the antivirus company money. But in some cases, they do more than that–and sometimes with unintended consequences. “AVG Web TuneUP” is installed when you install AVG antivirus. According to the Chrome Web Store, it has nearly 10 million users. AVG’s official description of the extension says it will “warn you of unsafe search results.”  Back in December, Google-employed security researcher Tavis Ormandy discovered that the extension adds a large number of new JavaScript APIs to Chrome when it’s installed and that “many of the APIs are broken.” Aside from exposing your entire browsing history to any website you visit, the extension offered many security holes for websites to easily execute arbitrary code on any computer with the extension installed. “My concern is that your security software is disabling web security for 9 million Chrome users, apparently so that you can hijack search settings and the new tab page,” he wrote to AVG. “I hope the severity of this issue is clear to you, fixing it should be your highest priority.”  READ MORE...


READ FULL MEDIA REPORTS HERE:

What’s the Best Antivirus for Windows 10? (Is Windows Defender Good Enough?)

CYBERSPACE, MARCH 7, 2016 (HOWTOGEEK.COM) By How To Geek - Windows 10 won’t hassle you to install an antivirus like Windows 7 did. Since Windows 8, Windows now includes a built-in antivirus named Windows Defender.

But is it really the best for protecting your PC–or even just good enough?

Windows Defender is essentially the latest version of Microsoft Security Essentials, a free antivirus program Microsoft offered for Windows 7. Now it’s built-in, ensuring all Windows 10 PCs have some baseline level of antivirus protection.

Is Windows Defender Good Enough?

Antivirus is already running out of the box. Windows Defender automatically scans programs you open, downloads new definitions from Windows Update, and provides an interface you can use for in-depth scans.

But how good is this?

Well, truth be told, Microsoft’s antivirus is a bit behind the others when it comes to comparative antivirus software tests. We’ve sounded the alarm on this before, and we were particularly worried because we had previously liked Microsoft’s antivirus product so much.

Windows Defender has a lot of advantages. It’s built-in, won’t harass you with pop-ups and requests for money, and is lighter than some competing antivirus solutions. It won’t attempt to harvest your browsing data and make money from it, as some free antivirus programs have started doing in an attempt to make a profit.

Overall, Windows Defender doesn’t provide bad protection, assuming you keep Windows up-to-date, use an up-to-date browser, and avoid potentially dangerous plug-ins like Java. In short: the standard computer security practices you should be following go a long way, and Windows Defender combines that with a baseline of protection.

Windows Defender receives fairly low “scores” in antivirus rankings–just 3.5 out of 6 from AV-TEST and the vague but not-very-complimentary “tested” from AV-Comparatives. However, when it comes to actual statistics, AV-TEST found that it still caught 99 percent of the “widespread and prevalent malware” in October 2015, along with 95 percent of the zero-day attacks. AV-Comparatives real-world protection tests found that it caught 94.5% of threats. That’s decent, although still lower than almost every other option (and when you consider AV-Comparatives’ sample size of 1517 threats, it meant that 89 threats still got through).

BitDefender and Kaspersky, on the other hand, managed to protect against 100 percent of AV-TEST’s zero day threats, and 99.9% percent of both AV-TEST and AV-Comparatives’ real world tests.

READ MORE...

In the past, Microsoft has alleged that it focuses on malware that’s actually prevalent in the real world while the tests aren’t representative and other antivirus vendors tune their products to do well in tests. Microsoft employees don’t generally comment on test results anymore, however.

Windows 10 also includes various other protections introduced in Windows 8, like the SmartScreen filter that should prevent you from downloading and running malware, whatever antivirus you use.

Chrome and Firefox also include Google’s Safe Browsing, which blocks many malware downloads.

In short: Windows Defender isn’t bad, per se, it just isn’t as good as your other options.

However, it’s by far the least intrusive, considering most other antivirus programs come bundled with crapware, install problematic browser extensions, and contain occasional popup ads.

If you’re following common sense and other good security practices, Windows Defender may be fine, depending on your risk tolerance.

However, if you’re regularly downloading pirated applications or engaging in other high-risk behaviors, you may want to skip Windows Defender and get something that does better against the collection of obscure malware samples used to
 
test antivirus software.

So What’s the Best Antivirus?

Okay, so that was a little vague. The fact of the matter is, it’s hard to say whether Windows Defender is “good enough”–in fact, it’s hard to recommend only one specific product, since everyone’s needs and tolerances are a little different.

Even among our own staff, each of us recommends something different.

However, we can list a few of our favorites, and you can choose what works best for your situation.

•If you want the absolute best protection: then you’re going to have to pay a little bit for it. Kaspersky is consistently ranked at the top of various antivirus tests, and we like its interface, so if you want the best possible protection for your PC, look no further.

•If you want the best free protection: You can examine rankings for yourself to see the best free options, but we think Avira Free Antivirus currently offers the best balance between protection and non-intrusiveness. It regularly scores highly for protection, and as long as you uncheck the Ask Toolbar during installation, uninstall its browser extension, and don’t mind the occasional popup ad, it’s less intrusive than most other free options.

•If you want the least intrusive free protection: Windows Defender will never trick you into installing something you don’t want, and it will never nag you with ads. If you care more about intrusiveness than you do about perfect protection, Windows Defender is a decent option. Windows Defender will automatically disable itself when you install a third-party antivirus, and then re-enable itself again if you ever uninstall that third-party antivirus. It’s designed to get out of the way.

Antivirus Isn’t Enough: Use Anti-Malware and Anti-Exploit, Too

Antivirus is important, but these days, it’s almost more important that you use a good anti-exploit program to protect your web browser and plug-ins, which are the most targeted by attackers.

MalwareBytes Anti-Exploit is the free program we recommend here. It functions similarly to Microsoft’s own EMET security tool, but it’s more user-friendly and offers more security features. This helps block common exploit techniques, even if they are zero-day attacks that have never seen before. MalwareBytes Anti-Exploit would have blocked all those nasty Flash zero-day attacks you heard of recently, for example. It hardens your browser, plug-ins, and other targets attackers frequently target, defending you against the most common attack techniques rather than attempting to catalog and defend against every known piece of malicious software.

While you’re at it, we also recommend grabbing MalwareBytes Anti-Malware, which itself is a solid anti-malware program that functions well as a compliment to antivirus and anti-exploit programs. It finds a lot of the “potentially unwanted programs” (PUPs) and other junkware that a typical antivirus won’t find.

With those three options–MalwareBytes Anti-Exploit, MalwareBytes Anti-Malware, and your antivirus of choice–you’ll be pretty well protected.

Remember: whatever antivirus you choose, it won’t provide complete protection.

If you download and run harmful programs, you’re going to end up in trouble at some point. Good security hygiene is just as important, if not more important, than running antivirus, so don’t use it as an excuse to be irresponsible.


10 Important Computer Security Practices You Should Follow computer-security

Antivirus programs aren’t perfect — especially Microsoft Security Essentials. If you’re relying on your antivirus alone to protect you, you’re putting yourself at risk. You should still follow basic, common-sense computer security practices.

It’s hard to make a complete list of all the little tips and best practices geeks follow every day. This is an attempt at listing some of the most important security practices that you should swear by.

Even if you’re careful, you should use an antivirus. It’s possible you may be infected by a zero-day vulnerability in a browser plugin like Adobe Flash or your web browser itself. Even if you keep your browser updated, you may be infected by a new, unpatched vulnerability just by visiting a web page.

Now, this isn’t extremely common — but it does happen. An antivirus is an important layer of protection, as it will help protect you even in the face of such vulnerabilities.

READ MORE...


avast-antivirus

Leave UAC Enabled

User Account Control
was obnoxious when Microsoft introduced it on Windows Vista, but it’s much less intrusive on Windows 7 and 8. It’s at its worst when setting up a new computer and installing your favorite software — but, after you set your computer up, it won’t bug you too much. UAC helps prevent malicious software from modifying your system without permission. Like antivirus, it’s an important layer of protection.

Leave the Firewall Enabled and Configure It Correctly



Windows has a built-in firewall, so you don’t need to install a third-party firewall. However, you should leave the built-in firewall enabled. The firewall blocks unsolicited incoming connections, protecting Windows and the other software on your computer from malware that exploits unpatched vulnerabilities in system services that listen to the network. This is how worms like Blaster spread so quickly in the early days of Windows XP and why such worms can’t spread as quickly anymore.

You should also configure your firewall correctly — when it pops up and asks you whether you’re on a Home, Work, or Public network, choose the appropriate answer. If you select the Home option when you’re connecting to Wi-Fi at a coffee shop, your laptop may make your shared Windows files available to other people on the coffee shop’s network. The Public option prevents other people from accessing shared resources.



Uninstall Java
Most web users have an outdated, insecure version of Java running. It’s therefore extremely easy for them to be infected by just visiting a web page. Java has seen a constant stream of massive security holes. The most tragic thing about the Java situation is that Java applets are so rare on the web these days that few people actually need Java installed.

If you have Java installed, visit your Control Panel and uninstall it. If you do actually need Java for something, you’ll be prompted to reinstall it — but you probably don’t.

If you do need Java installed — to play Minecraft, for example — you’ll want to disable the Java browser plug-in to protect yourself.

Keep Your Software Updated — Automatically if Possible
All the software we use every day is likely riddled with security issues. These security issues are constantly being found — whether we’re talking about Windows, Internet Explorer, Mozilla Firefox, Google Chrome, the Adobe Flash plugin, Adobe’s PDF Reader, Microsoft Office — the list goes on and on.

Software companies regularly release security patches for such software. Worse yet, the patches release notes themselves may give information to attackers that helps them develop attacks on unpatched machines. It’s important to install such software updates as soon as possible after they’re available.

To do this, leave Windows Update set to automatically update — or at least set it to alert you to new updates and install them quickly. Internet Explorer, Mozilla Firefox, Google Chrome, Adobe Flash, and Adobe Reader all have automatic-update features — leave them enabled so you’ll always have the latest version without having to worry.

Browser plug-ins are a significant security issue. To be completely sure that you don’t have outdated browser plug-ins, visit Mozilla’s plug-in check website — yes, it works in other browsers and not just Firefox.


windows-update

Be Careful About Programs You Download and Run
This one may seem obvious, but so much of the malware Windows users encounter seems to be as a result of accidentally downloading and installing bad software. Be careful about the programs you download and run.

Only download and run trustworthy software. Get the software from its official website — if you want to download VLC, download it from VLC’s official website. Don’t click a “Download VLC Media Player” banner on another website and download it from someone else that may bundle malware or adware along with it.

The same goes for software that arrives via email attachments — don’t open executable email attachments.

And, when downloading software, be sure to watch out for advertisement banners disguised as “Download” links that will take you elsewhere and try to trick you into downloading possibly malicious software.

Be aware that there are many different types of “programs” — for example, screensavers in .SCR format are essentially just programs and could contain harmful malware.

We’ve got a list of 50+ different types of file extensions that are potentially dangerous on Windows.


open-file-security-warning-header

Avoid Pirated and Cracked Software
When you acquire pirated or cracked software from peer-to-peer networks or shady websites, you’re taking a big risk. By running an .exe file from such locations, you’re trusting the distributor to not do anything harmful. Worse yet, the cracks you may need to run to make such software work properly are made by software-cracking groups. You can’t know if they’ve included malware or not.

Downloading pirated software and cracks is just a bad idea from a security standpoint. We’ve probably all seen people download files from peer-to-peer networks and become infected as a result.

Downloading unauthorized software is much riskier than pirating music or videos — software is machine code that can be tampered with. A video is just a media file that can play or not play — although untrustworthy individuals often try to disguise malicious programs as videos so less-experienced users will run them.

Beware Phishing and Social Engineering
Browsers and email clients try to protect you from phishing attacks, but they’re not perfect.

A phishing attack is the web equivalent of someone calling your phone, claiming to be your bank, and asking for your credit card number. Your bank would never call you and ask for this information, just as they would never email you and ask you to send the information in an email.

Be very careful when disclosing personal information online. Ensure you disclose it only to legitimate individuals and websites.

To access your bank’s website, go directly there — don’t click a link in an email that claims to be from your bank, but may actually direct you to an imposter site.



Don’t Reuse Passwords
Password re-use is a huge problem. If you use the same password everywhere, a leak at one website would mean that your username, password, and email address are known. Attackers could then try your password along with your username or email address on other websites, attempting to gain access to your accounts. They could even try the password and email combination to get into your email account — so if you use the same password on your email account, you’re in trouble.

Such password leaks are happening with alarming frequency. If you use a unique password everywhere, you wouldn’t have to worry if your passwords ever did end up leaked. For help using unique passwords, you may want to use a password manager that makes this easier on you.

Use Secure Passwords
Password managers can also help you use secure passwords, which are reasonably long and ideally contain some combination of letters, numbers, and symbols. Password leaks have shown that many people use alarmingly simple passwords, such as “password”, “letmein”, and “12345” to log into their favorite websites. It should be obvious — these passwords definitely aren’t secure.

There’s no way to make a complete list of all the best computer security practices, so we’re sure we’ve missed some important ones. Feel free to leave a comment and share other important tips people should follow.


How to Use the Built-in Windows Defender Antivirus on Windows 10

Windows 10 has built-in real-time antivirus, just as Windows 8 did. It automatically runs in the background, ensuring all Windows users have a baseline level of antivirus protection. Windows 10 won’t complain at you to install an antivirus, as Windows 7 did.

If you’ve used Microsoft Security Essentials on Windows 7 or previous versions of Windows, this is the same basic product. It was renamed to “Windows Defender” in Windows 8 and integrated into Windows itself.

Automatic Scans and Updates

Like other anti-malware applications, Windows Defender automatically runs in the background, scanning files when they’re accessed and before you open them.

You don’t really have to think about Windows Defender at all. It will only pop up and inform you when it finds malware.

It won’t even ask you what you want to do with the malicious software it finds — it will clean it up and quarantine the files automatically. You’ll see a “Malware detected” notification saying “Windows Defender is taking action to clean detected malware” or “Detected threats are being cleaned.” It’ll appear in the notification center, too.



Antivirus definition updates will automatically arrive through Windows Update and be installed like any other system update. These types of updates don’t require rebooting your computer. You don’t need to worry about updating Windows Defender.

READ MORE...

Configuration and Exclusions
Windows Defender settings are now integrated into Windows 10’s new Settings app. To access it, open the Start menu and select Settings. Choose the “Update & security” category and select Windows Defender.

By default, Windows Defender automatically enables real-time protection, cloud-based protection, and sample submission. Real-time protection ensures Windows Defender automatically finds malware by scanning your system in real time. You could disable this for a short period of time if necessary for performance reasons, but Windows Defender will automatically re-enable real-time protection to keep you safe later. Cloud-based protection and sample submission allow Windows Defender to share information about threats and the actual malware files it detects with Microsoft.

You can also set Exclusions from here — scroll down and select “Add an exclusion.” Exclusions can be specific files, folders, file types, and processes. If the antivirus is dramatically slowing down a certain application you know is safe by scanning it, this can speed things up again. Be careful to use exclusions sparingly and smartly — these reduce your PC’s security because they tell Windows Defender not to look in certain places.



Manual Scans
Scroll down to the Version info section at the bottom of the Windows Defender pane in the Settings window and click “Use Windows Defender” to access the Windows Defender desktop app interface.

If you’ve used Microsoft Security Essentials before, you’ll immediately recognize this. (We can probably expect Microsoft to move more of the options here to the Windows Defender pane in the Settings app over time.)

From this window, you can initiate a quick scan, full system scan, or a custom scan of specific folders. For example, you could connect an external hard drive to your computer and perform a Custom scan to scan that entire drive for malware.

You shouldn’t have to regularly perform manual antivirus scans. Windows Defender scans everything in the background anyway, and there’s even a scheduled task in Windows that automatically scans your computer on a regular basis. This feature is mostly useful for scanning external media and network locations.



Viewing Quarantined Malware
If Windows Defender informs you that it’s blocked malware, you can view the blocked malware from the Windows Defender desktop app.
•Click the “use Windows Defender” link in the Settings app to access Windows Defender, and then click over to the History tab.
•Click “View details” to view detected malware. You can see the name of the malware and when it was found and quarantined.

From here, you can remove the malware to delete it entirely from your PC or allow the supposedly malicious file to run. You should only do this if you’re absolutely sure the detected malware is a false positive. If you’re not absolutely, 100 percent sure, don’t allow it to run.



What if You Install Another Antivirus?
Windows 10 will automatically disable Windows Defender if you install another anti-malware program. It won’t continue performing real-time scans, so it won’t interfere with your other antivirus.

Try to open the Windows Defender settings pane with another antivirus installed and you’ll find every option grayed out. Click the “Use Windows Defender” link and you’ll be informed Windows Defender has been disabled. Windows Defender will pop-up and say “This app has been turned off and isn’t monitoring your computer.”

If you uninstall the other antivirus, Windows Defender will kick into gear once again and take over, providing antivirus protection.



Whichever antivirus product you prefer, it’s good that every single new Windows installation going forward will come with built-in antivirus protection.

The Malicious Software Removal Tool Microsoft occasionally delivers through Windows Update is no substitute for a proper anti-malware application.


Don’t Use Your Antivirus’ Browser Extensions: They Can Actually Make You Less Safe

Most antivirus programs–or “security suites”, as they call themselves–want you to install their browser extensions. They promise these toolbars will help keep you safe online, but they usually just exist to make the company some money. Worse yet, these extensions are often hideously vulnerable to attack.

Many antivirus toolbars are, at best, just rebranded Ask Toolbar extensions. They add a toolbar, change your search engine, and give you a new homepage. They may brand it as a “secure” search engine, but it’s really just about making the antivirus company money. But in some cases, they do more than that–and sometimes with unintended consequences.

“AVG Web TuneUP” is installed when you install AVG antivirus. According to the Chrome Web Store, it has nearly 10 million users. AVG’s official description of the extension says it will “warn you of unsafe search results.”

Back in December, Google-employed security researcher Tavis Ormandy discovered that the extension adds a large number of new JavaScript APIs to Chrome when it’s installed and that “many of the APIs are broken.” Aside from exposing your entire browsing history to any website you visit, the extension offered many security holes for websites to easily execute arbitrary code on any computer with the extension installed.

“My concern is that your security software is disabling web security for 9 million Chrome users, apparently so that you can hijack search settings and the new tab page,” he wrote to AVG. “I hope the severity of this issue is clear to you, fixing it should be your highest priority.”

READ MORE...

Four days after it was reported, AVG had a patch. As Ormandy wrote: “AVG submitted an extension with a “fix”, but the fix was obviously incorrect.” He had to provide instructions for how to fix this flaw, and AVG issued an updated patch a day later. The fix restricts the functions to two specific AVG domains, but, as Ormandy noted, the websites on those domains have their own flaws that opens users up to attack.

Not only did AVG ship a browser extension with obviously broken, shoddy, insecure code, but AVG’s developers couldn’t even fix the problem without having their hands held by a Google security researcher. Hopefully, the browser extensions are being developed by a different team and the real experts are working on the antivirus software itself–but that’s a good example of how those antivirus browser extensions can go from useless to harmful.

Example 2: McAfee and Norton -Don’t Think Microsoft Edge Is Secure (Because It Doesn’t Support Their Add-On)



If you’ve been following the development of Microsoft Edge for Windows 10, you’ll know that it’s supposed to be a more secure web browser than Internet Explorer. It runs in a sandbox and abandons support for old, insecure plug-in technologies like ActiveX. It has a more streamlined codebase and a variety of other improvements, such as protection against “binary injection,” where other programs inject code into the Microsoft Edge process.

And yet, McAfee–which is even installed by default on many new Windows 10 PCs–really doesn’t want you to use Microsoft Edge. Instead, McAfee recommends you use Internet Explorer, and will helpfully remove Edge from your taskbar and pin Internet Explorer there if you let it. All so you can keep using the McAfee browser extension.

Even if that browser extension helped keep you secure a little bit–something we don’t really believe–you’d be much better off with the improved security in Microsoft Edge. Norton does something similar, recommending you use a “supported browser” like Internet Explorer on Windows 10.

Thankfully, Microsoft Edge will soon support Chrome-style browser extensions. And when it does, McAfee and Norton can force their browser extensions on Edge users and stop redirecting them to the old-and-out-of-date-IE.

Example 3: Avast’s Online Security Extension Once Included Ads and Tracking img_56a1972a79fec

Here’s one we’ve covered before: Avast installs an “Avast! Online Security” browser extension when you install the main security suite, and they later added a feature named “SafePrice” to the extension in an update. This feature was enabled by default, and it displayed online shopping recommendations–in other words, ads that presumably make Avast money when you click them–as you browse.

To do this, it assigned you a unique tracking ID and sent every single web page you visited to Avast’s servers, associated with that unique ID. In other words, Avast tracked all your web browsing and used it to show ads. Thankfully, Avast eventually removed SafePrice from its main browser extension. But antivirus companies clearly see their “security” extensions as an opportunity to dig deep into the browser and show you ads (or “product recommendations”), not just a way to keep you secure.

It’s Not Just Browser Extensions: You Should Disable Other Browser Integrations, Too

Extensions are just part of the problem. Any form of browser integration can create security holes. Antivirus programs often want to monitor all your network traffic and inspect it, but they can’t normally see what’s happening inside an encrypted connection, like the one you use to access your email, or bank, or Facebook. After all, that’s the point of encryption–to keep that traffic private. To get around this limitation, some antivirus programs effectively perform a “man-in-the-middle” attack so they can monitor what’s actually going on over an encrypted connection. These work an awful lot like Superfish, replacing certificates with the antivirus’s own. The MalwareBytes blog explained avast!’s behavior here.

This feature is generally just an option in the antivirus program itself, and not part of a browser extension, but it’s worth discussing all the same. For example, Avast’s SSL-interception code contained an easily exploitable security hole that could be used by a malicious server. “At least get an intern to skim your [code] before shipping it,” tweeted Ormandy after discovering the problem. It’s one of those bugs that Avast, a security company, should have caught before shipping it to users.

As he argued in following tweets, this sort of man-in-the-middle code just adds more “attack surface” to the browser, giving malicious sites another way to attack you. Even if the developers of your security program are more careful, features that tamper with your browser are a lot of risk for not much reward. Your browser already contains anti-malware and anti-phishing features, and search engines like Google and Bing already attempt to identify dangerous websites and avoid sending you there.

You Don’t Need These Features, So Disable Them

Here’s the thing: even barring the above issues, these browser extensions are still unnecessary.

Most of these antivirus products promise to make you more secure online by blocking bad websites, and identifying bad search results. But search engines like Google already do this by default, and phishing and malware page filters are built into Google Chrome, Mozilla Firefox, and Microsoft’s web browsers. Your browser can handle itself.

So whatever antivirus program you use, don’t install the browser extension. If you already installed it or weren’t given a choice (many install their extensions by default), visit the Extensions, Add-ons, or Plug-ins page in your web browser and disable any extensions associated with your security suite. If your antivirus program has some sort of “browser integration” that breaks the way basic SSL encryption is supposed to work, you should probably disable that feature too.

Interestingly enough, Ormandy–who’s found a variety of security holes in many, many different antivirus programs–ends up recommending Microsoft’s Windows Defender, stating that it’s “not a complete mess” and “has a reasonably competent security team.” While Windows Defender certainly has its flaws, at least it doesn’t attempt to insert itself into the browser with these additional features.

Of course, if you want to use a more powerful antivirus program than Windows Defender, you don’t need its browser features to stay secure. So if you download another free antivirus program, be sure to disable its browser features and extensions. Your antivirus can keep you safe from malicious files you might download and attacks on your web browser without those integrations.


Chief News Editor: Sol Jose Vanzi
© Copyright, 2015 by PHILIPPINE HEADLINE NEWS ONLINE
All rights reserved

Best viewed on IE (On Chrome & Firefox some images may be awry)


PHILIPPINE HEADLINE NEWS ONLINE [PHNO] WEBSITE