Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Bitdefender
How does Bitdefender web protection work in Android?
Message
<blockquote data-quote="Trident" data-source="post: 1045290" data-attributes="member: 99014"><p>Scanning can be achieved in few ways. It can be done by using a service (accessibility permission required as well as permission to draw over the app). The service should be light, as light as possible and also, battery optimisations for it should he disabled. Even though the service can check various data such as DNS records (location, time of registration and others) and take a decision this way, it will be unable to scan the content using heuristics the way it will be done on Windows. The service doesn’t have access to the browser cache. Hence, it can’t scan HTTPS traffic even if it performs MITM.</p><p></p><p>The second way scanning could be done is via VPN tunnel in which case the product can easily intercept all traffic from anywhere. In this case it may be possible to implement some heuristic analysis, but it will be too expensive on battery life.</p><p>HTTPS scanning is possible in this case.</p><p></p><p>Third way is via autofill extension (Norton patent about to be implemented). In this case, the extension can read the page as soon as the keyboard is brought up and detect brand impersonation/phishing. On iOS the same can be done via Safari extension and ZoneAlarm is already doing it. HTTPS scanning is not needed in this case.</p><p></p><p>There is also the option of replacing your default browser with a fictional one that both sends the link for real-time analysis in the cloud and brings up your real default browser. This is performed by Avast and it looks like Sophos does the same, at least on iOS.</p></blockquote><p></p>
[QUOTE="Trident, post: 1045290, member: 99014"] Scanning can be achieved in few ways. It can be done by using a service (accessibility permission required as well as permission to draw over the app). The service should be light, as light as possible and also, battery optimisations for it should he disabled. Even though the service can check various data such as DNS records (location, time of registration and others) and take a decision this way, it will be unable to scan the content using heuristics the way it will be done on Windows. The service doesn’t have access to the browser cache. Hence, it can’t scan HTTPS traffic even if it performs MITM. The second way scanning could be done is via VPN tunnel in which case the product can easily intercept all traffic from anywhere. In this case it may be possible to implement some heuristic analysis, but it will be too expensive on battery life. HTTPS scanning is possible in this case. Third way is via autofill extension (Norton patent about to be implemented). In this case, the extension can read the page as soon as the keyboard is brought up and detect brand impersonation/phishing. On iOS the same can be done via Safari extension and ZoneAlarm is already doing it. HTTPS scanning is not needed in this case. There is also the option of replacing your default browser with a fictional one that both sends the link for real-time analysis in the cloud and brings up your real default browser. This is performed by Avast and it looks like Sophos does the same, at least on iOS. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
