Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
A quick Malwarebytes 3.0 test
Message
<blockquote data-quote="Fabian Wosar" data-source="post: 576312" data-attributes="member: 24327"><p>There is no doubt about that. In fact, I am pretty sure for the samples displayed, there will be no difference at all. However, the difference is, that at the moment they will dismiss the test. I have been through that. During the MB3 beta I tried to get them to fix massive flaws in their ransomware protection that downright failed completely with high profile ransomware families like Locky and Cerber. I spoke to two different Malwarebytes employees directly. The reaction was always the same: "Oh, you must not replicate the infection vector correctly!"</p><p></p><p>If your motivation as a tester is, that you improve everyone's security, which I think is the case for cruelsister, not giving them the opportunity for easy excuses, especially if it adds only a very small amount of overhead, is something worth doing.</p><p></p><p>On a more personal note: Yes, it sucks big time that jumping through hoops like that to get some attention for a flaw is even necessary. In a perfect world, this shouldn't be necessary at all. However, we are not in a perfect world. I am a pragmatist. I can try arguing for hours, days, or even months, trying to change their mind and then start all over again with the next company, or I can simply adjust my testing, provided it doesn't compromise my test's integrity, which takes me a couple of minutes to do, and give them no platform for excuses to begin with. It's an easy pick for me.</p><p></p><p></p><p>Correct. Although MBAE and MB3 treat stuff executing from a packer differently as well. Also a lot of packers and download manager tools these days preserve the zone identifier. Not all of them do, though.</p></blockquote><p></p>
[QUOTE="Fabian Wosar, post: 576312, member: 24327"] There is no doubt about that. In fact, I am pretty sure for the samples displayed, there will be no difference at all. However, the difference is, that at the moment they will dismiss the test. I have been through that. During the MB3 beta I tried to get them to fix massive flaws in their ransomware protection that downright failed completely with high profile ransomware families like Locky and Cerber. I spoke to two different Malwarebytes employees directly. The reaction was always the same: "Oh, you must not replicate the infection vector correctly!" If your motivation as a tester is, that you improve everyone's security, which I think is the case for cruelsister, not giving them the opportunity for easy excuses, especially if it adds only a very small amount of overhead, is something worth doing. On a more personal note: Yes, it sucks big time that jumping through hoops like that to get some attention for a flaw is even necessary. In a perfect world, this shouldn't be necessary at all. However, we are not in a perfect world. I am a pragmatist. I can try arguing for hours, days, or even months, trying to change their mind and then start all over again with the next company, or I can simply adjust my testing, provided it doesn't compromise my test's integrity, which takes me a couple of minutes to do, and give them no platform for excuses to begin with. It's an easy pick for me. Correct. Although MBAE and MB3 treat stuff executing from a packer differently as well. Also a lot of packers and download manager tools these days preserve the zone identifier. Not all of them do, though. [/QUOTE]
Insert quotes…
Verification
Post reply
Top