- Mar 16, 2013
- 582
Any comment about IE10 blocking malware better than Chrome, FF, Opera? The discussion here is about that---not Windows.
IE10 beats Chrome, Safari, Firefox at blocking web malware
- Thread starter DrBeenGolfing
- Start date
- Status
DrBeenGolfing said:
I'm impressed to be honest, I might start using it more. I was out right shocked that it did better than chrome.
- Mar 16, 2013
- 582
I'm not an IE fan, but I use SlimBrowser which uses the IE10 engine and adds loads of features which puts it in the same usability league with Chrome, FF, Opera.ZeroDay said:
- May 11, 2013
- 1,687
DrBeenGolfing said:
*caugh* *caugh*
I am not talking about windows, but i cannot go around the fact that IE is a integral part of it agree? So to explain things you have to mention certain things.
Now skipping the windows talk i would like to see a test, using IE 10 and SS with those same links but then re-uploaded and renamed to a different server.
See if IE 10 blocks those files then, if it does then it shows serious progress by MS, if it does not then we know that SS only blocks known stuff which can be easy done running a AV.
The reason for this is simple, that TEMP file that i mentioned has been a issue for years with IE.
9 out of 10 times the security in IE has been enhanced, but failed at the last moment because of those TEMP files as they offered a way to infect the pc and bypass the security settings.
Now let me say this again i am really impressed with the scores so far, but history shows that even with such results we should be skeptic.
And thats why i request a slightly different test.
Because i fear that the smartscreen filter is based upon the data gathered from the windows users pc (The reporting tool in win defender, malicious software removal tool, and MSE as these 3 programs report ones every 15 minutes to MS.)
And if thats the case then great as it will add to the security, but also we should caution with suing IE as it brings a false sense of security due the fact that large scale malware distributions will be blocked as they are "known" in a matter of hours, but those single infections might still get in because they are not listed yet.
See my point?
- Mar 16, 2013
- 582
Are you Leo Tolstoy's long lost twin brother?n.nvt said:
http://www.microsoft.com/windows/antivirus-partners/windows-7.aspx
Those are MS Partners - wonder how much MS code is in their products?
- May 11, 2013
- 1,687
[/quote]
http://www.microsoft.com/windows/antivirus-partners/windows-7.aspx
Those are MS Partners - wonder how much MS code is in their products?
[/quote]
Well i can tell you beyond the reasonable doubt that there is not much Windows code in there as MS does not release its source code.
As MS has stated many times, however they do have a source code sharing center. But the source itself will not be made public.
So the odds that you will find actual windows code in third party will be virtually NIL. With the exception of the basic frameworks.
Do you have any datum when you are going to reply to it?
or do you need to google it.
Cheers
http://www.microsoft.com/windows/antivirus-partners/windows-7.aspx
Those are MS Partners - wonder how much MS code is in their products?
[/quote]
Well i can tell you beyond the reasonable doubt that there is not much Windows code in there as MS does not release its source code.
As MS has stated many times, however they do have a source code sharing center. But the source itself will not be made public.
So the odds that you will find actual windows code in third party will be virtually NIL. With the exception of the basic frameworks.
Lol i asked you a question in the previous post
Do you have any datum when you are going to reply to it?
or do you need to google it.Cheers
- Mar 16, 2013
- 582
The point of THIS THREAD is "IE10 beats Chrome, Safari, Firefox at blocking web malware." That is posted on the top line of every post on this thread.
I've posted NSS Labs report and two long-standing malwaretips.com members videos that show the same results.
You have posted your opinion - most of them rambling expositions of...your opinion.
Start your own thread and tie all those opinions together in it.
Bty - I don't read your posts because I find them tedious, rambling, over-long, lacking in any fact references of independent sources , and overall, boring.
I've posted NSS Labs report and two long-standing malwaretips.com members videos that show the same results.
You have posted your opinion - most of them rambling expositions of...your opinion.
Start your own thread and tie all those opinions together in it.
Bty - I don't read your posts because I find them tedious, rambling, over-long, lacking in any fact references of independent sources , and overall, boring.
Gnosis
Level 5
- Apr 26, 2011
- 2,779
Funny you should say that; I did such fine job of attempting to strip it from my system that Bill Gates would have to come over to my place to help me install ANY version of IE. It is very broken within my OS. Last time I tried to install a new version it took forever and would never finish installing. I don't even know why I tried in the first place.
I understand that the malware prevention within it might be top-of-the-line, but that is not enough to make me even come remotely close to wanting to switch to IE.
And I asked you a question some posts back but you seem to have dodged it. So I'll ask again - Have you got a link to this test you speak of where 19 samples bypass UAC?
- May 11, 2013
- 1,687
ZeroDay said:
Sorry ZeroDay,
Thanks for the heads up.
I did not notice your post, there was no intention to dodge it at all.
That being said it has been a while ago that i did see this test, so it will take some time to find it as i do not known anymore who this dude was.
But rest assured if i cannot find it anymore i am sure that i can find something just as good.
In the meantime you might have a look at newer Zeroaccess Rootkit versions to start with.
As this particular malware has been known to bypass, Smartscreen, MSE, Windef and UAC. Symantec
Cheers
- May 11, 2013
- 1,687
DrBeenGolfing said:
Listen dude, thats all fine ok but let me say this to you only ones:
If you find my posts rambling, over-long, lacking of facts and references of independent sources and boring, thats fine by me.
You have to keep in mind that everyone is entitled to his or her opinion and that there will be discussions where not everyone agrees with each-others findings agree? But that does not necessarily mean that someone is per definition wrong or right, so instead of slamming the door on someone who tries to explain something and take the time and effort to write a post you can for example do your own research, or tap from your own experience or just ask for references.
There is no need to slam the door on a person, as its just rude.
That being said if you want to challenge what posters write, or if you wish to challenge what i have written, then please do so.
Now i do not have beef with you and i am looking forward to your next post, but if its going to be another slam at my address then i respectfully request that you do not post at all.
None including me has anything to gain from a flame war on a fine webpage.
I registered several days ago here on this forum, because its a very nice community and with a wealth of knowledge, so everyone wins and if my knowledge can help a bit then even better.
But i did not sign up to be told by you what i am doing right or wrong.
Now in regards to your NSS reports and 2 video's of longstanding members.
I do not challenge their findings as i repeatedly said that i find it pretty fantastic, and believe it or not i am pretty happy to see that features like Smart screen enhance the security of a clients pc.
However i also voiced some concerns about those very same features based upon finding in the past.
Does that make your post any less? or does it make untrue? not at all dude.
But i will say this:
You asked me for independent sources, uhhmm remember NSS is a MS partner (Payed and funded) just hit google: NSS Labs funded by Microsoft, and while you are at it type: NSS Labs bias
So next time when you slay me or anyone else for that matter you might wanna check your own sources and do your home work.
On top of that i raised a concern based upon earlier findings, and one of those findings was that the Smart Screen Filter is based upon a reputation system which collects data from the user and if found malicious will add it to a blacklist so that the feature in windows 8 can protect users right?
Now lets assume that i am a malware creator and i create myself a nice code, pack it into a application and have it signed with some certificate.
Then my malware is unknown yet and appear to be legit (Like for example some newer bogus software does) Then i upload it to a seemingly good host and the some sorry user will download my program and Smart Screen will not be able to stop it as its database has not yet a reputation or analyses report of it.
In the mean time during downloading there will be a TEMP file made, this TEMP file is actually a copy of the very program you are downloading and the past has proven that some viruses can jump from that TEMP file into your windows system, without user intervention.
As i mentioned before the tests shown in the 2 video's are done using "known" malware agree? So its only reasonable to assume that Smart Screen would block them, and it did (Well done) however my critique was not aimed at the current findings, but my critique was aimed upon the scenario that i just did describe as this has been a issue sinds Smart Screen got implemented into the IE browser.
In regards to UAC being bypassed and Windows Defender being unable to stop some malware using this technique has been shown enough on the Internet.
Now i hope you understand what i am saying and i invite you to a constructive discussion about this, as again i am not challenging your findings and neither do i challenge the provided data.
And i have asked if someone could test this.
Also i would like you to study this webpage (The Zero Day Initiative (ZDI)
Which is a respectable organization working with the white hacker community and CanSecWest conference (As well as other major international events)
These are all Smartscreen, Inprivate browsing, DEP and Windows Defender & MSE but above all IE9, 10 Vulnerabilities (Most are fixed tho...)
Which confirms my concerns as most of them are of these attacks are engineered to appear legit. And thus get past the browser security.
Obviously these are just tests, and results may be different in a real world environment, but this same applies for the NSS report as they stated that results of the browser test might differ from real world situations, and that was exactly what i was trying to point out.
So can we trow away the war axe?
Kind Regards
N.NVT
- Status
Similar threads
