Topic: AV testing: Is your antivirus app doing its job?  (Read 16042 times)

CWuestefeld
Re: AV testing: Is your antivirus app doing its job?
« Reply #25 on: July 27, 2015, 02:51 PM »
> even legit sites that you'd keep whitelisted might be compromised

As the manager of a web development team, this is something that I'm always paying attention to, much to the annoyance of some partners and even customers. You might be surprised how many third parties want us to directly reference js code that lives on somebody else's servers (for example, to show fancy interactive product info from the manufacturer).

My position is that my users have agreed to trust *me*, but they don't even know that they'd be implicitly trusting *you*. I don't have the authority to transfer my users' trust like that, so I simply will not allow your code to run in my site.

We've made a couple of sort-of exceptions. If they'll give us the code to verify ourselves, and host on our own servers, it's much less of an exposure. At least I can still have control over the stuff that I have responsibility for, rather than just abdicating that security consciousness.

f0dder
Re: AV testing: Is your antivirus app doing its job?
« Reply #26 on: July 27, 2015, 02:56 PM »
It's more important to avoid (or at least click-to-play) Java + Flash plugins than keeping JS disabled. The diagram ignores the fact that Chrome has a special and somewhat-safer implementation of Flash, it ignores the smaller amount of malware targeting OSX, it ignores the browser used, and it ignores user behavior.

I do believe OSX has worse security holes than Windows, but given the combination of available malware and user behavior, I don't agree in the short-circuit. And fringe OSes are extremely unlikely to be infected with anything even with javascript turned on.
- carpe noctem

f0dder
Re: AV testing: Is your antivirus app doing its job?
« Reply #27 on: July 27, 2015, 03:03 PM »
> even legit sites that you'd keep whitelisted might be compromised

> As the manager of a web development team, this is something that I'm always paying attention to, much to the annoyance of some partners and even customers. You might be surprised how many third parties want us to directly reference js code that lives on somebody else's servers (for example, to show fancy interactive product info from the manufacturer).

I wouldn't be surprised, given I deal with both front- and backend code these days :)

> My position is that my users have agreed to trust *me*, but they don't even know that they'd be implicitly trusting *you*. I don't have the authority to transfer my users' trust like that, so I simply will not allow your code to run in my site.
>
> We've made a couple of sort-of exceptions. If they'll give us the code to verify ourselves, and host on our own servers, it's much less of an exposure. At least I can still have control over the stuff that I have responsibility for, rather than just abdicating that security consciousness.

I'm opposed to pulling in just any random external link, but sometimes clients have desires that you just have to be pragmatic about. I don't much mind pulling in stuff from the Google CDNs - if they get hacked, things are bad on so many other levels. You do have to consider *where* you pull in stuff, though, as referencing the Google CDN serves as a tracking beacon even though you're just grabbing jQuery or Angular.

For most other stuff, I want a local copy, checked into the project's version control system. Better for security, and for project longevity given how fickle a thing web development is.
- carpe noctem
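
Editor's added example (not code from any poster in this thread): a build-time check for the policy discussed in replies #25 and #27, flagging script tags that load from hosts outside an allowlist and detecting vendored copies that no longer match the digest recorded at review. The host names, file names and sample page are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse


class ScriptCollector(HTMLParser):
    """Collect the src attribute of every <script> tag."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def external_scripts(html, own_host, allowed_hosts=()):
    """Return script URLs served from a host that is neither ours nor allowlisted."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src in collector.sources:
        host = urlparse(src).hostname  # None for relative (self-hosted) paths
        if host and host != own_host and host not in allowed_hosts:
            findings.append(src)
    return findings


def changed_since_review(vendored, reviewed_sha256):
    """Return names of vendored files whose bytes do not match the reviewed digest."""
    return sorted(
        name for name, body in vendored.items()
        if hashlib.sha256(body).hexdigest() != reviewed_sha256.get(name)
    )


# Constructed sample page and vendored file (hypothetical hosts and names).
PAGE = """
<script src="/static/vendor/widget.js"></script>
<script src="//cdn.manufacturer.example/product-info.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
"""
REVIEWED_BODY = b"function showProduct(id) { /* reviewed copy */ }\n"
PINNED = {"widget.js": hashlib.sha256(REVIEWED_BODY).hexdigest()}

if __name__ == "__main__":
    print(external_scripts(PAGE, "shop.example", {"ajax.googleapis.com"}))
    print(changed_since_review({"widget.js": REVIEWED_BODY + b"// edited\n"}, PINNED))
```

A file with no recorded digest is reported as changed, so a script that was never reviewed cannot slip into the vendored directory unnoticed.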

Jibz
Re: AV testing: Is your antivirus app doing its job?
« Reply #28 on: August 23, 2015, 07:37 AM »
I've been using the MSE + MBAM + EMET combo on all computers for the past couple of years without any issues, but the past couple of days I've had problems on this one machine.

MSE kept hanging, and I cannot figure out what is causing a conflict. So I am trying out alternatives at the moment. This is reminding me how much I hate most AV software, because they all seem to be huge suites that do all kinds of things I would rather have a dedicated separate program do if I need it.