ichito

Level 6
Verified
Content Creator
A demand for free solutions which protects computers is high, so we couldn’t skip this type of security tools. Most of the tested solutions achieved a slightly different result which to some extent reflects the fact that developers share information about threats. However, there is no doubt that the Check Point SandBlast Agent for Browser extension has gained the leading position (remember that its free version protects only against phishing).
Test of web browser extensions for protection against malicious software

uBO?...where are you?
 
5

509322

The test results make perfect sense based upon what and how the test was performed. One has to read the entire test notes to understand the results.

I'll give the clueless a hint... anti-phishing wasn't tested, address blocking wasn't tested, web-content blocking was not tested,...

The data in this study proves that merely blocking web-content based upon lists provides very little to overall security. It's a fact that is well accepted except by browser-extension crazed security forum members.
 

Burrito

Level 18
Verified
Check Point SandBlast is the interesting product in the test.

It's apparently linked to their enterprise product and/or other Check Point products.

So, apparently.... we can't really use it -- without other Check Point products.

Does anybody know anything different?

It's right 'there' -- ready to be added to Chrome. Any 'secret' tweaks to make it work?

Check Point SandBlast Agent for Browsers
 
  • Like
Reactions: oldschool

Slyguy

Level 42
Verified
Too bad they didn't test the FortiClient Chrome Extension. Hehe

Also, I do not trust Checkpoint either way. I assume uBlock did poorly because it simply depends on lists and really only checks TLD, not actual malware activity so it's probably useless in that respect.

Finally - Panda no longer tries to install SafeWeb extension when you install Panda Dome (paid) products.
 

ichito

Level 6
Verified
Content Creator
uBO is mainly a adblocker. so there is no problem that it missed so much. its not the job from uBO to block malware.
Realy??...so why they say on his page
uBlock Origin is NOT an "ad blocker": it is a wide-spectrum blocker -- which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites
gorhill/uBlock
I think people beleve that due to uBO installation they are protected and perhaps you know that some of them even disable filtering modules in installed AV to have "better" protection. uBO have gained milions of users but maybe few thousands know how good prepare this addon to work.
 

Slyguy

Level 42
Verified
Speaking of this.. A regional online news source I read 'requires' adblockers to be disabled to view it. Today I went to read the latest news, disabled adblocker, and Gryphon fired off on the website constantly. Big fan of layered security here.

G_malware.png
 
  • Wow
Reactions: Handsome Recluse
5

509322

Realy??...so why they say on his page

gorhill/uBlock
I think people beleve that due to uBO installation they are protected and perhaps you know that some of them even disable filtering modules in installed AV to have "better" protection. uBO have gained milions of users but maybe few thousands know how good prepare this addon to work.
uBO does not block malware downloads. That is what was tested. IP address\URL\web-content blocking was not tested.

The malicious file samples were obtained via honeypots and tested as a drive-by download from essentially private\non-public LAN IPs. It is explained in the test notes.

uBO will never succeed in drive-by download testing because it is merely a web-content blocker as Gorhill explains. It does not inspect any downloads whatsoever. It merely blocks IP\URL\scripts that are in a list.

Web content filtering is good for ad blocking, but for malicious site blocking it is only marginally effective. The only ones who think that malicious web content filtering is of utmost important are browser extension crazed security forum members.

It is so trivial to bypass blocking by what is in a list. Such blocking offers the equivalent of 1 in 100,000 protection.

Of course one can get much better protection out of uBO by configuring it for every single website, blocking javascript, third party scripts, etc, etc. However, only a minute number of people go through all the trouble because it is a major hassle.