Author Topic: what Avast is critically missing...  (Read 23344 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: what Avast is critically missing...
« Reply #30 on: December 24, 2013, 11:00:44 PM »
What could be done and try to do so only - whenever you are absolutely sure  as to what you are excluding -
is to exclude a specific file by typing it out manually as  some File System Shield default rules come with file names.
This should work for the free solution as well.
I do not know such tweaks are endorsed by avast!as the info was found through Wilders Security Forums
and as I am not representing the official avast point of view as we are no avast! team members/avast !staff.
We are not fan-boys either, but try to give support as far we know it for this great av solution.,
and will always try to come up with solutions in a positive way.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Randissimo

  • Guest
Re: what Avast is critically missing...
« Reply #31 on: December 25, 2013, 01:04:04 AM »
What could be done and try to do so only - whenever you are absolutely sure  as to what you are excluding -
is to exclude a specific file by typing it out manually as  some File System Shield default rules come with file names.
I'm not sure if I've understood it right, but when you exclude a specific file like "worksheet1.dll" by writing it manually in the
exclusion field, files like "worksheet2.dll" would get instantly whitelisted, too?
If that's the case, it would be much more a risk than a (temporary) whitelistening feature on demand for each file that triggers an alert,
because malware might try to read the whitelist and name themselves like "worksheet9.dll" or "worksheet5.dll" while you yourself know
that you only have "worksheet1.dll" till "worksheet4.dll" from your work project.

Quote
If you are working on a software project logic dictates you will get detections.
The files you are working with have not been added nor sent out via a vps update.
What's your point and what does it have to do with the feature request of making a "do-nothing" scenario when a fp pop-up
is shown from the real-time protection?

Quote from: propheticus
- How wide a scope of folders do you add to ignored folders to prevent detection of project files without setting this so wide that it becomes a security risk?
- Is manually adding excluded folder a real option for these users (software developers/testers/etc) as they often use many (extruded) code from various (remote) sources.
- Does a deeply hidden (advanced) option that enables an advanced user to whitelist a file from the pop-up actions list really pose such a big risk to average users? Will they really go through the effort to go deep into the setting to enable this? I believe not.
Would be nice to hear some answers from the staff or at least from the "everything's o.k. with current Avast" - lot.
« Last Edit: December 25, 2013, 01:16:05 AM by Randissimo »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: what Avast is critically missing...
« Reply #32 on: December 25, 2013, 01:53:18 AM »
Normally work projects are to be made in lab settings disconnected from the Internet, the av testing phase is a next one.
I would have such a lab settings without any active av solution and bring in the testing phase with av active in another more natural settings later.
The excluding development phase handling with avast exclusion on demand is in fact somethng an avast team developers could instruct on.
Maybe one can react to these questions posted here?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

propheticus

  • Guest
Re: what Avast is critically missing...
« Reply #33 on: December 25, 2013, 02:04:07 AM »
A lab setting might be feasible for the development of a corporate scale information system, but I don't think a small developer will do this. Or let's say a developer works from home, he'll need to be connected via the internet (VPN or not, still..). Also hobby programmers or one of the many people making (android/iOS) apps will often use a PC that's connected to the internet. Open source projects use online bugtrackers and version control repositories like sourceforge.net
Whenever you are connected to the internet you should have an Antivirus solution. Inconvenient truth nowadays...

NoelC

  • Guest
Re: what Avast is critically missing...
« Reply #34 on: December 25, 2013, 03:13:07 AM »
The simple truth is that any person could create a file that triggers a detection - and I'm not talking about a virus writer or a person who's already infected.

I've had it happen, in an intermediate file as part of a software build.  Apparently something about the Win32:Evo-gen detection at the time was set a little loose because I'm not the only one.  In fact, other than alerts on a few web sites that I wouldn't have gotten an infection from anyway (I disable ActiveX as a matter of course), false positives are the ONLY detections I've had literally in years.  I do not rely on my AV solution, it's there as a safety net that hopefully never sees action.

Thing is, a LOT of people develop software and/or create content out there.  Smart people.  People who know what they're doing as well as any evangelist here, and who don't practice bad habits and get infections.  I'll concede that it's probably no where near a majority of all users, but enough that there needs to be an expert option - or maybe an expert version - that provides expanded user control and includes better options for working around false positives. 

This does not even touch on the possibility of the AV software having a problem that causes false positives.

Here's a good rule for any software developer to follow: 

Make things easy to use, and as foolproof as possible, but don't dumb things down so much that they get in the way of smart users who know what they're doing.

If I had to summarize, the argument here seems to be between smart users who know what they're doing and aficionados who believe people would just get themselves in trouble if given control. 

But, you see, the trouble is they DO have control.  All or nothing control.  This just needs to be refined.

-Noel

Offline Cast

  • Sr. Member
  • ****
  • Posts: 302
Re: what Avast is critically missing...
« Reply #35 on: December 25, 2013, 04:18:40 AM »
Make things easy to use, and as foolproof as possible, but don't dumb things down so much that they get in the way of smart users who know what they're doing.

If I had to summarize, the argument here seems to be between smart users who know what they're doing and aficionados who believe people would just get themselves in trouble if given control. 

But, you see, the trouble is they DO have control.  All or nothing control.  This just needs to be refined.

-Noel

Thats part of the problem though, not everyone that uses avast is a "smart user" as you call them, some are people that are new to computers or dont know the risks involved with what you guys are so hard trying to prove a point.

Take it for instance the older generation, they didnt grow up with this kind of technology and yet a lot of them are forced to use it because thats what a lot of things now a days are required of this era. Just because the advanced users want something doesnt mean avast will cater towards it because they have to think of every user here not just those that are tech savy.

olddog

  • Guest
Re: what Avast is critically missing...
« Reply #36 on: December 25, 2013, 12:54:15 PM »
..Take it for instance the older generation, they didnt grow up with this kind of technology..

Cast,
Though perhaps not intended, that is more than a little patronizing. Some of us "older generation"  had to design and write their programs long hand before transferring to paper tape, then stand in a queue to have the chance to try it on the few uni machines available. Many wrote their own programs in micro code for (by todays standards) incredibly limited memory and limited hardware functionality home built micro "computers", and later used primitive multipass compilers. (anyone else remember the early fortran compilers). We were there as the computer industry progressed from its infancy to where it is today.

Some of us may well know more about what is happening technically in terms of both the hardware and software than many of the current generation who buy their PC's off the shelf, and buy all of the software itself.  I have no problem with this, that is what personal computers are for now, to be "used". 

There are obviously people in the "older generation" who don't have the same level of computer knowledge as some of the people of the current generation, and there are people in the current generation who don't have anywhere near the technical knowledge of some of the "older generation"

Please think a little before making generalisations based on age.

Nuff said - have a happy Christmas and a prosperous new year.  :)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: what Avast is critically missing...
« Reply #37 on: December 25, 2013, 01:55:04 PM »
Hi olddog,

Remarks that went right down to my good "old" heart. On the other side I have experienced what is still lacking with security education on Higher Education Institutes for IT Development and Communication Science in the Netherlands. Doing the rounds this year at exams I asked several students about their coding security education? Non-existent this year, had been in the curriculum the year before, but taught from the wrong textbooks.  :(
Student in question is now having his own hosting firm, being a potential danger to the general Interwebs community (of course some of the posters in this thread excluded  :D) ,
That is the other side of arrogant remarks, the unreasonable demands etc. I would not code outside a VM environment and inside a sandbox. Who is to risk his valuable OS coding right on the open Internet, that is now known to be completely "pn*w*d", from the recent various gov surveillance revelations and we now know the extent of where this goes  ;)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: what Avast is critically missing...
« Reply #38 on: December 25, 2013, 01:58:13 PM »
@ Cast,
As someone of the "older generation", I take a little exception to your comment.
Those of us in the "older generation"  taught most of you much of what you now know.  Hopefully, you will eventually become part of that "older generation"  should you be around
long enough.
You'll then need to put up with those of your current generation who will be calling you a member of the "older generation".  ;D
Remember, we all eventually reap what we sow.    :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

J.Stalin

  • Guest
Re: what Avast is critically missing...
« Reply #39 on: December 25, 2013, 03:57:31 PM »
It is extremely annoying when developers of AV, operating systems or browsers take control over the users pc's. I make plenty of small applications to make computing faster and easier. These almost always trigger Avast, either because they are unknown, scripts or some other debauched reason. I use version 7, and have my entire application work mainfolder marked as "Avast free zone". This works fine until the moment I try to move a file to usb or anywhere else. Then I need to pick it up from the chest and mark it trusted. All this annoying babysitting could be avoided by adding a simple ignore button. And why is there no ignore button? Because some people don't understand pc's, we must all be treated as completely  ignorant fools. How hard could it be to make a babysitter/non-babysitter option. And for the sake of all the worried evangelists, make babysitter mode the default. I suspect version 9 to be even worse than version 8 and version 7, that is why I stick to version 7.

kodl

  • Guest
Re: what Avast is critically missing...
« Reply #40 on: December 25, 2013, 04:41:58 PM »
@para-Noid, so it is logical/common sense go and ignore what people are demanding/suggesting and also negatively react to criticism? Read people reaction on Avast 9! I'm not the only1 who is criticizing. Avast should learn first RULE of any business anywhere in the world: Customer is ALWAYS right. So far Avast is ignoring this rule. I did check Avast reviews on the net. Why is Avast falling? Again: Customer is always right!

Offline Cast

  • Sr. Member
  • ****
  • Posts: 302
Re: what Avast is critically missing...
« Reply #41 on: December 25, 2013, 06:52:28 PM »
I only used the older generation as an example because I know my parents and grandparents arent as tech savy as most of the younger generation, I meant no offense to anybody in particular but all I meant is that the younger generation such as myself grew up with this technology while the older generations such as my grandparents had to adapt to it and still are.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: what Avast is critically missing...
« Reply #42 on: December 25, 2013, 07:49:01 PM »
Hi Uncle Scrooge,

And alas that is a general trend and development and it is not only av that is contributing to this here. To have the IDS detection of a user script like malware script detector extension inside the firekeeper add-on for firefox, I had to incorporate that into firekeeper's blacklist to make it function. Would have liked to tweak it with my own rules. Incorporate my own user scripts into firefox is ask ing me to jump more and more hoops and hurdles  to accomplish this. What I mean to say is to take software back into apt user's hands by tweaking is not that easy as it used to be and on all levels. As a f.ravia and woodman adept I know what I talk about. Annoying it really becomes when for instance Google bans the use of specific adblocking in their OS when they seems to be able to get away with it, because it conflicts with their commercial earn model.  Whenever general security considerations prevail I can go along with these developments, whenever patronizing the user is behind it or fingerprinting/monitoring like with the browser google sponsor model I loathe it. So legally fuzz, code explore, use safe hex, regular expressions, input output validation on all layer levels to be aware what is going on under the hood. Bur do not make cheap accusations and assumptions. That won't help the situation. The avast! av solution has "a lot of irons in the fire" at the moment, but I hope they also will watch over general development".

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: what Avast is critically missing...
« Reply #43 on: December 25, 2013, 08:04:31 PM »
1) Many studies have been done showing the same result...99% of the time the customer is wrong.

2) Don't get me wrong...I can see your point. I just don't think it's feasible or wise.

3) The points made "for" this idea should have been posted in the feedback board in the first place.
    Click "login">click "single sign-in">wait for page to reload>click "idea">then post your idea
    Don't be too surprised when it gets rejected.


https://feedback.avast.com/
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: what Avast is critically missing...
« Reply #44 on: December 25, 2013, 08:29:27 PM »
Hi Para-Noid,

This discussion is going more and more into a general opinion discussion and we have been there many times before. Tweak-ability of (open) software opposed to rigid predefined closed software. So specific use of software. Just give an example from what I am doin' here, website software analyzing. Whenever I use http://aw-snap.info/file-viewer/ to scan the code of a site on a fixed IP I get banned by the tool as that specific use was not being foreseen by redleg, the developer. When asked he saw no objection and granted me access, because he knew I was not abusing the service, just sanning suspicious or potential malicious code on websites from website owners that asked for support with detections. Well a similar situation arose here. Only thing is this can only be tackled by avast development and the big question here can abuse be excluded?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!