Author Topic: NEW: Beta version released - 2016.12.1.2265  (Read 14571 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #15 on: May 25, 2016, 07:00:43 AM »
While we're here, how about telling us which versions of embedded software Avast is using.

The list in "About Avast" is useful, but not as useful as it could be.  When a vulnerability is discovered, like the 7-zip recently, having version numbers in the credits list could remind us to upgrade quickly in case we get bitten.

Cheers, keep up the good work.

Gordon.

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #16 on: May 25, 2016, 10:13:18 AM »
- Please disable HTTPS scanning by default. Avast is behaving like "man in the middle", it is a common malicious activity of malwares. Do not do that!
See: https://blog.avast.com/independent-test-shows-avast-offers-best-https-protection-in-the-market
++1 ;D
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

REDACTED

  • Guest
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #17 on: May 25, 2016, 11:53:52 AM »
Ok, you do not like the disabling HTTPS scanning, OK. Lets skip this.

Aaaahhhhh, negative!  I have this collection of ancient 32-bit legacy software which always shows up on PUP scans, so I've had to disable PUP scanning to avoid all the FPs.

Sme folks want PUP scanning, by all means.  But others, no.

Gordon.

It is not you problem, Avast should improve their PUP detection to avoid these false positives. Todays threats are adwares, toolbars.. They are as dangerous as ransomwares.
Please read: http://blog.avira.com/potentially-unwanted-applications-2/

What do you think about other  suggestions? You only beat me about your negative comments. Please do positive if you like others.

and any dev or QA is here to answer me about my requests?
Thanks

REDACTED

  • Guest
« Last Edit: May 25, 2016, 12:29:20 PM by yigido »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #19 on: May 25, 2016, 01:25:01 PM »
- Please remove the free version registration, you even do not control the mails. I wrote blala@live.com and accepted. This registration make users think "Should I have buy this?" .. if it is a marketing feature then tell me I can accept this. You have to pay your bills. I respect.

It's surely not that hard to input your email and name once a year, it even states it's for a free registration.

- Please remove nags from main interface. I installed Windows Avast but it always asks me "Install Avast to your phone".. I do not want to see this. You already show this with popups. Why it is still on main interface. I want clean interface.

To have an ad free GUI, you would need to go to a paid version, however, what is the need to look at the interface once set up?

- Please enable PUP detections by default. It is very importatn situation!

I believe that during setup the user should be asked to enable PUP and explain why rather than be enabled by default.

- Please disable HTTPS scanning by default. Avast is behaving like "man in the middle", it is a common malicious activity of malwares. Do not do that!

No chance. A lot of malware does come from HTTPs in the current day and Avast has secure HTTPs certification implementations.

- While installing Avast, please ask o users "Do you want to participate in data sharing program/Avast community?".. Users should select this while installing software.

I think you have a valid point here but isn't there a screen that lets you know about privacy during install?

- Please add more information into hardened mode popups. User should know "why this file blocked?" "Why Avast suspecting on this file" .. if you did not give this verdict, believe me all user will click on "Exclude" to run their god damn program.

Every file which is not under Avast whitelist will be blocked by Hardened Mode if using the aggressive mode. If using the moderate, it will block files which trigger DeepScreen action.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

REDACTED

  • Guest
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #20 on: May 25, 2016, 01:39:01 PM »
to @Alikhan ,

Quote
- Please remove the free version registration, you even do not control the mails. I wrote blala@live.com and accepted. This registration make users think "Should I have buy this?" .. if it is a marketing feature then tell me I can accept this. You have to pay your bills. I respect.

It's surely not that hard to input your email and name once a year, it even states it's for a free registration.
I did not say it is hard. It has no point to exist. I just said the feature confuse the users.

Quote
- Please remove nags from main interface. I installed Windows Avast but it always asks me "Install Avast to your phone".. I do not want to see this. You already show this with popups. Why it is still on main interface. I want clean interface.

To have an ad free GUI, you would need to go to a paid version, however, what is the need to look at the interface once set up?
If users do not look at the main UI after install, whats the point putting ad there?

Quote
- Please enable PUP detections by default. It is very importatn situation!

I believe that during setup the user should be asked to enable PUP and explain why rather than be enabled by default.
Yes, we just improved the a suggestion here nice :)

Quote
- Please disable HTTPS scanning by default. Avast is behaving like "man in the middle", it is a common malicious activity of malwares. Do not do that!

No chance. A lot of malware does come from HTTPs in the current day and Avast has secure HTTPs certification implementations
Why no chance? Please ask users about this feature while installing because many user do not want to use Avast certificate on their banking website  :-X
I believe that during setup the user should be asked to enable HTTPS scanning and explain why rather than be disabled or enabled.

Quote
- While installing Avast, please ask o users "Do you want to participate in data sharing program/Avast community?".. Users should select this while installing software.

I think you have a valid point here but isn't there a screen that lets you know about privacy during install?
Yes it tells the user but users only have one option "Just accept this".. Why Avast does not offer 2 button?
1 - Accept data sharing
2 - No thanks. Reject data sharing.
There must be 2 options then after informing the user. User should decide this feature will be on or off. Avast already enabled this feature and just informing the user. It is false for me. I believe that during setup the user should be asked to enable data sharing/Avast Community and explain why rather than be disabled or enabled by default.

Quote
- Please add more information into hardened mode popups. User should know "why this file blocked?" "Why Avast suspecting on this file" .. if you did not give this verdict, believe me all user will click on "Exclude" to run their god damn program.

Every file which is not under Avast whitelist will be blocked by Hardened Mode if using the aggressive mode. If using the moderate, it will block files which trigger DeepScreen action.
I knew how it works. I just want a popup like.
"Avast blocked this file because the file is not in Avast Cloud Whitelist and it is a suspected "trojan" or "pup" file.
Devs can come up with a better idea on this.

Thank you for your time  :)
« Last Edit: May 25, 2016, 01:41:43 PM by yigido »

Offline igor

  • Moderator
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #21 on: May 25, 2016, 01:49:11 PM »
While we're here, how about telling us which versions of embedded software Avast is using.

The list in "About Avast" is useful, but not as useful as it could be.  When a vulnerability is discovered, like the 7-zip recently, having version numbers in the credits list could remind us to upgrade quickly in case we get bitten.

I get your point, but I'm not sure if the version would be of any real help... or that there actually is a version you can say the particular component is using.
The 7-Zip is quite a good example - the code has been heavily modified or redone from scratch and only a small part (basically just the LZMA decompression algorithm) is there in a form similar to the original. So you can't say it's version this and this because... it is not anymore. The component is shown in the About box because we want to give Igor Pavlov a credit, we did use his code somehow - but it certainly doesn't mean the whole 7-Zip vX.XX source is a part of Avast.

The recently published vulnerabilities are completely irrelevant here (they don't affect the 7-Zip format at all, they are connected to other file formats supported by 7-Zip program, a code which has never been part of Avast)... so even if the About box said it's based on version 9.x (I'm making the number up), there's no reason to update. So the only thing we could update (if we were asked to solve the "problem") is the number shown in the About box. Plus, the unpacking code is a part of virus definitions - which is updated daily anyway, so there isn't much you could do to help it (on the other hand, it's updated much faster than the program - so even if the program shows an old version in the About box, it can be much newer already).

Some libraries are used in multiple places (in multiple modules, or in the program and virus definitions) - and they might be in different versions.
So... what I'm saying is that in my opinion, showing some exact versions in the About box may bring more confusion than be of help.

On the other hand, I can imagine a page on our web commenting on recently discovered vulnerabilities (and their connection to Avast).
I can see our blog post about the 7-Zip issues noted that Avast was not affected, but I admit it may be somehow hidden.

REDACTED

  • Guest
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #22 on: May 25, 2016, 04:30:28 PM »
Hi igor - thank you for a very informative answer.  Maybe this sort of thing should be in the blog?  (I wish the blog link was at the top of the page...)

@yigido - I quite agree,
Quote
Avast should improve their PUP detection to avoid these false positives.
  Maybe Avast should compile a library of old/legacy apps to teach the AV what to ignore?  This should only take a couple of hundred Petabytes :)

OTOH, yes, more info should be given about (hardened mode) blocking.  I don't use it, but a few arrests have been made where I couldn't quite see the evidence, they turned out to be FPs.

Gordon.

Offline Dwarden

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1793
  • Ideas, that's ocean without borders!
    • Bohemia Interactive
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #23 on: May 25, 2016, 09:33:06 PM »
Igor thanks for the detailed answer on the 7zip problem that solves lot of questions :)
https://twitter.com/FoltynD , Tech. Community, Online Services & Distribution manager of Bohemia Interactive

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #24 on: May 25, 2016, 10:12:07 PM »
Igor thanks for the detailed answer on the 7zip problem that solves lot of questions :)

Yes thanks  :)

REDACTED

  • Guest
Re: NEW: Beta version released - 2016.12.1.2265
« Reply #25 on: May 28, 2016, 10:08:59 AM »
Quote
- Please enable PUP detections by default. It is very importatn situation!

I believe that during setup the user should be asked to enable PUP and explain why rather than be enabled by default
+1