Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
HTTPS scan: should you enable it?
Message
<blockquote data-quote="avatar" data-source="post: 909998" data-attributes="member: 22875"><p>DNS filtering software is kinda my expertise (see AdGuard DNS, AdGuard Home, etc, etc) so let me please comment.</p><p></p><p>It is easy for any software to avoid DNS filtering. Use DoH/DoT, load stuff from legit domains, simply use plain IP addresses. Besides that, being able to scan the response content is crucial for threats detection. What's the point of developing all these complicated heuristic algorithms if you cannot apply them.</p><p></p><p></p><p></p><p>Let's google "Chrome zero-day exploit 2020" and see what we get on the first page.</p><p></p><p>1. CVE-2020-6519 - allows bypassing CSP to run <strong>Javascript</strong></p><p>2. CVE-<em>2020</em>-6418 - exploits a bug in Chrome's <strong>Javascript</strong> engine</p><p>3. A news piece about 11 zero-days discovered Google Project Zero in 2020. 5 of them were discovered in browsers: 3 in Firefox, 1 in IE, 1 in Chrome. All 5 are <strong>Javascript</strong>-based.</p><p>4. CVE-<em>2020</em>-6418 again</p><p>5. CVE-2019-5786 - potential RCE, exploitable with <strong>Javascript</strong></p><p>6-10. Articles on CVE-<em>2020</em>-6418 and CVE-2020-6519 again.</p><p></p><p>I hope you've got the idea.</p></blockquote><p></p>
[QUOTE="avatar, post: 909998, member: 22875"] DNS filtering software is kinda my expertise (see AdGuard DNS, AdGuard Home, etc, etc) so let me please comment. It is easy for any software to avoid DNS filtering. Use DoH/DoT, load stuff from legit domains, simply use plain IP addresses. Besides that, being able to scan the response content is crucial for threats detection. What's the point of developing all these complicated heuristic algorithms if you cannot apply them. Let's google "Chrome zero-day exploit 2020" and see what we get on the first page. 1. CVE-2020-6519 - allows bypassing CSP to run [B]Javascript[/B] 2. CVE-[I]2020[/I]-6418 - exploits a bug in Chrome's [B]Javascript[/B] engine 3. A news piece about 11 zero-days discovered Google Project Zero in 2020. 5 of them were discovered in browsers: 3 in Firefox, 1 in IE, 1 in Chrome. All 5 are [B]Javascript[/B]-based. 4. CVE-[I]2020[/I]-6418 again 5. CVE-2019-5786 - potential RCE, exploitable with [B]Javascript[/B] 6-10. Articles on CVE-[I]2020[/I]-6418 and CVE-2020-6519 again. I hope you've got the idea. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
