New Update F-Secure beta version updates

TuxTalk

Level 13
Verified
Top Poster
Well-known
Nov 9, 2022
649
@bazang "Security is not software. Security is a process". Profound, yet for the average user, it is also a tool, a safety net.

And back to the thread topic at hand, well sort of, Ville (F -Secure Mod/Product expert) did not respond to the replies posted, and I don't think they will. I'm thinking F-Secure sold their soul to Gen Digital already, and the architecture, the re-engineering has been a part of the merger, that they're keeping it under wraps for now?

It's a marriage made in heaven in this regard, both apps have the VPN and Password Manager incorporated in the app itself. Both VPN/s use Amazon servers. Maybe that was part of the initial discontinuation of the Freedome app, to make it more of a seamless transition from F-Secure into F-Secure Avira?

Edit: As F-Secure maintains its vice like grip on trying to be the king of FPs 😂😂

View attachment 286290
Never have any FP with Trend, AV-C are a bunch of Noobs.
 

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,153
I renewed my F-Secure subscription a few days ago. Due to the switch from F-Secure to Avira, I requested a refund of the subscription costs.
At one time, I had a subscription to Avira Pro which I'm now installing again on all of my PC's. It's also nicer to work with a portal that actually has more information and functionally to it than F-Secure's stripped down version.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
Emsisoft could be next. Abandoning the firewall, simplifying settings, minimizing changes, ...
"could be next" in what sense? taken over by Norton group (I forget the correct name), or taken over by another? I don't see that happening. My recent usage of Emsi has been very positive (fwiw) and I sense their independence fwiw2. They stopped developing their firewall years ago, saying windows fire was good (enough) for integration with Emsisoft. Or I hope they stay independent.
 

bazang

Level 8
Jul 3, 2024
359
@bazang "Security is not software. Security is a process". Profound, yet for the average user, it is also a tool, a safety net.
The average user thinks that security is software and there are security software publishers that pander to that user ignorance. It is a big reason why the malware problem will never be solved. Security software is like putting a bandaid onto a broken leg and saying "OK. There you go. You are fixed."

The security software publishing industry has poisoned the global population by preying upon users' ignorance. That's what has happened over the past decades.

Average users, without knowledge, need way more than just a security software. Their systems need to be managed. By that I mean there are lots of things that average users need to be prohibited doing.

Edit: As F-Secure maintains its vice like grip on trying to be the king of FPs 😂😂

View attachment 286290
I have seen this always wonders what AV-C is up to? I have never experienced a false positive with F-Secure. But every single time that AV-C does one of their rounds of testing, they must have specially crafted files that they throw at F-Secure (and the others) and F-Secure detects something.

False Positives are no big deal. They are blown way out of proportion. The reason they are promoted as a huge deal is that the end user lacks the knowledge to know what to do. Going back to Square 1: Security is not software. It is a process (that involves people and those people need to have the knowledge).

Instead security software publishers promote and perpetuate user ignorance, and snowball societies into never making "security through knowledgeable and proficient users" a priority.

One need not be a 50 year IT Pro to be proficient enough to handle most security issues.

The other side of the coin is that people are people, and they will unravel security no matter what to do what they want to do. That is why devices need to lock users out of being able to do almost all of what they can do today on a Windows system. Their systems need to be managed.
 

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,580
Never have any FP with Trend, AV-C are a bunch of Noobs.
Fact they have false positives in their test doesn't mean you have encountered the same files and they probably use fake cracks for the test (look at the test methodology for more accurate information about the test )


Maybe you specifically aren't using all kinds of cracks activators etc
Since you have good behavior but doesn't mean all users wouldn't and the results are important to understand how much you can get impacted by false positives
(Low false positives means it's probably not too aggressive again piracy and those who use only popular safe software can use the most aggressive false positives avs )
 

bazang

Level 8
Jul 3, 2024
359
@Jonny Quest

Confirmation F-Secure is switching-out its own technologies for Avira's EPP = Endpoint Protection Platform:

1731719331460.png
 

Dreams&Visions

Level 1
Nov 16, 2024
32
@Jonny Quest

Confirmation F-Secure is switching-out its own technologies for Avira's EPP = Endpoint Protection Platform:

[...]
Since when does Avira employ a Behavior Blocker? I was not aware they have one since I last used it (>2y ago). I know they have HEUR(istics) and AVC (the cloud). I did not find anything on a quick Google search (apart from things which I knew from the GUI at all). Not aware of HIPS also?
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,256
Since when does Avira employ a Behavior Blocker? I was not aware they have one since I last used it (>2y ago). I know they have HEUR(istics) and AVC (the cloud). I did not find anything on a quick Google search (apart from things which I knew from the GUI at all). Not aware of HIPS also?
AFAIK, the technology "Sentry" of behavioral blocking was originally developed by BullGuard, here you can find more information the forum thread from 2022:
 

bazang

Level 8
Jul 3, 2024
359
Since when does Avira employ a Behavior Blocker? I was not aware they have one since I last used it (>2y ago). I know they have HEUR(istics) and AVC (the cloud). I did not find anything on a quick Google search (apart from things which I knew from the GUI at all). Not aware of HIPS also?
As @silversurfer said. Avira has the Bullguard Sentry behavior blocker.

My guess about F-Secure based simply upon observed facts:

1. Avira components will have much fewer false positives (FP).
2. F-Secure is not doing well financially; a sale or an agreement of sale to GenDigital is possible.
3. The move to Avira components would then make sense.
4. Maybe GenDigital\Avira gave F-Secure a great deal to move to Avira technologies, and this would make sense if F-Secure is attempting to reduce costs?

Until the F-Secure leadership explains what it is doing in 19.9 and what changes and how they will affect the product ¯\_(ツ)_/¯ ???

F-Secure staff are not answering direct questions about the impending changes which is a sure indicator that something is up.
 

Szellem

Level 9
Well-known
Apr 15, 2020
416
As @silversurfer said. Avira has the Bullguard Sentry behavior blocker.

My guess about F-Secure based simply upon observed facts:

1. Avira components will have much fewer false positives (FP).
2. F-Secure is not doing well financially; a sale or an agreement of sale to GenDigital is possible.
3. The move to Avira components would then make sense.
4. Maybe GenDigital\Avira gave F-Secure a great deal to move to Avira technologies, and this would make sense if F-Secure is attempting to reduce costs?

Until the F-Secure leadership explains what it is doing in 19.9 and what changes and how they will affect the product ¯\_(ツ)_/¯ ???

F-Secure staff are not answering direct questions about the impending changes which is a sure indicator that something is up.
This is very bad news.
 

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,041

Release 19.9 beta 2 (6.0.551)

Bug fixes:

  • Improved robustness of Device Protection installation (PBL-13781)
  • Visibility of banking sessions on ARM64 processor (PBL-13779)
Know issues:

  • During upgrade from beta 1 to beta 2, Device Protection components will be uninstalled, and then reinstalled, automatically. During the time period while Device Protection is not installed, Windows Defender will be activated, and there will be a notification from Windows about Virus protection being turned off.

The digital signature dates for both SentryEye.exe (7 Oct → 30 Oct) and Endpointprotection.exe (15 Oct → 13 Nov) were updated with this beta refresh. This is a good sign, as I recently checked these files on Avira's solutions and found them to be newer versions (compared to 1st beta). However, I didn't document the exact versions, so I can't confirm if they're identical now. UPDATE: They are identical.

Unfortunately the log files I previously outlined were cleaned. Checking the new logs tells me that the whole VDF package was completely reinstalled:

[info] [Core] [thread id: 704] [CoreSdk] Updated '0' files for 'avcp-engine' module
[info] [Core] [thread id: 704] [CoreSdk] Updated '88' files for 'avcp-vdf' module

EDIT:
Beta 1
  • Core: 2.0.1.8
  • Detection: 8.3.70.44 (2024-10-16T00:00:00Z)
  • EPP: 1.0.2410.4113
  • ODS: 1.0.2410.1851
  • Quarantine: 1.0.2410.1217
  • Remediation: 1.0.2410.1677
  • VDF: 8.20.38.124 (2024-11-12T14:15:25Z)
Beta 2
  • Core: 2.0.2.12
  • Detection: 8.3.70.44 (2024-10-16T00:00:00Z)
  • EPP: 1.0.2411.4265
  • ODS: 1.0.2410.1911
  • Quarantine: 1.0.2410.1266
  • Remediation: 1.0.2410.1753
  • VDF: 8.20.38.254 (2024-11-18T15:57:55Z)
 
Last edited:

Dreams&Visions

Level 1
Nov 16, 2024
32
As @silversurfer said. Avira has the Bullguard Sentry behavior blocker.

My guess about F-Secure based simply upon observed facts:

1. Avira components will have much fewer false positives (FP).
2. F-Secure is not doing well financially; a sale or an agreement of sale to GenDigital is possible.
3. The move to Avira components would then make sense.
4. Maybe GenDigital\Avira gave F-Secure a great deal to move to Avira technologies, and this would make sense if F-Secure is attempting to reduce costs?

Until the F-Secure leadership explains what it is doing in 19.9 and what changes and how they will affect the product ¯\_(ツ)_/¯ ???

F-Secure staff are not answering direct questions about the impending changes which is a sure indicator that something is up.
Quite shocking news for me, but it's the common game it seems, the big fish eats the small ones.
I wonder why they are about to completely dump technologies like DeepGuard?
I never used BullGuard, i know it was preinstalled in long gone days, when u used to buy your PC at Aldi. Medion is now a very big and common player (or maybe always was, however the visible marketing hasn't been there for long).
No idea how good BullGuard really is / was, I remember having read it's not that good, but when and where, IDK, as i have been team Avast in my younger days, and since joining here first, moving to Asia (now travelling there a lot, too, India is booked for February funny enough).

Long story short, thank you for the clarification :)
 

bazang

Level 8
Jul 3, 2024
359
I wonder why they are about to completely dump technologies like DeepGuard?
F-Secure is keeping DeepGuard for MacOS.

The name "DeepGuard" is actually only a marketing term. Within F-Secure's product line, "DeepGuard" works completely differently on different platforms. So the code bases are different for each protection feature or "technology" called "DeepGuard." Not many people know this.

Either the move to Avira is a consolidation step, or F-Secure has another reason to switch - such as laying off some of its development staff. It is cheaper to purchase components and then integrate them into your software and infrastructure than it is develop proprietary technologies internally. This is generally accurate.
 

Dreams&Visions

Level 1
Nov 16, 2024
32
F-Secure is keeping DeepGuard for MacOS.

The name "DeepGuard" is actually only a marketing term. Within F-Secure's product line, "DeepGuard" works completely differently on different platforms. So the code bases are different for each protection feature or "technology" called "DeepGuard." Not many people know this.

Either the move to Avira is a consolidation step, or F-Secure has another reason to switch - such as laying off some of its development staff. It is cheaper to purchase components and then integrate them into your software and infrastructure than it is develop proprietary technologies internally. This is generally accurate.
Wow, thank you for the heads up, did not know that!
Haven't invested in a MacBook yet (maybe I'm to bond to M$, IDK), but used to have iPhones and an iPod Classic (which unfortunately died lately, was quite difficult to find something comparable, good old times are long gone...).

I did like the AMSI protection they added lately, it worked quite well against scriptors, which IMO was quite a weakness of FS (and is of many AV; let alone the static (=signature based) detection). I wonder if it is comparable w/ BullGuard (in terms of protection).
Actually I'm not sure whether DeepGuard is also tied to some cloud, which calculates the danger of the tracked malware actions? Of course, the module gets some kind of local database from time to time each week, but it's tough to test it offline, it seems to recognize malware also by hash, and many (PEEXE) malware did require outbound to trigger detection (loaders, stealer) as far as I noticed testing.

I follow your guess that FS might go the way many AV have gone before, and just license technology (like Bitdefender engine being found in many AV out there, and being replaced in favour to Avira by FS also).
 

Lord Ami

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,041

Release 19.9 beta 3 (6.0.698)

New features:

  • Support for Thai language localization
  • Manual scans started while Device Protection update is in progress do not fail but are instead delayed until update is finished
Bug fixes:

  • Using backspace for navigation in Settings UI does not update selection
  • Narrator does not work properly with dropdown controls
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top