Slyguy
Level 40
CheckPoint, Bastion of Unit8200 talent. Zone Alarm back channel stealing data off systems, etc. Checkpoint has likely been weaponized by the IDF and someone has to be a masochist to use it.Check Point
IMO uBlock Origin shouldnt be there, it is a wide-spectrum blocker (the best) and can improve the security by a very large margin, but it isnt a traditional security extension made to block zero day malware download.
For me the winner is Malwarebytes Browser Extension, the reason for that is because CheckPoint is a paid solution, more akin to FortiCloud Sandbox/Palo Alto Networks' WildFire class of product.
For me the winner is Malwarebytes Browser Extension, the reason for that is because CheckPoint is a paid solution, more akin to FortiCloud Sandbox/Palo Alto Networks' WildFire class of product.
Agreed on Point #1 especially. Advanced user medium mode can afford more protection from malware-infested ads, but not websites. Not its job. But how many people actually know of and use uBO this way? Learning curve is simple with some trial and error. I can usually un-break a site with 1 or two clicks. Really only some built-in filters needed. No big deal.
@Evjl's Rain's test results speak for themselves.
What more to say?
Who the hell uses uBlock Origin to block malware? I use it to cosmetically remove ads. That being said, how many here have run into a phishing site unknowingly? I've never in my life run into a phishing site.
5
509322
5
509322
1. uBO is primarily an ad blocker with very limited malicious domain blocking capabilities.
2. Virtually no one ends up on phishing sites.
3. Malicious URL block lists are often stale and obviously behind the curve. What gets reported to the malicious URL gatherers and list compilers is only a fraction of what is out there.
4. The browser extension craze is pretty laughable, but it appeals to those that want free. And extensions are heavily promoted by that whole tin foil hat, privacy fanatic crowd.
Last edited by a moderator:
That's why I disable Malware Domains and similar lists on uBlock Origin because Google Safe Browsing is better anyway and I haven't had a hit with that or Quad9.
I expect email links I'm going to click anyway.
Community lists vs list from a big company.
I expect email links I'm going to click anyway.
Community lists vs list from a big company.
Last edited:
Mariihh
Level 2
I respect your opinion, but I'd rather rely on CheckPoint than on American companies, Edward Snowden, who says that, in addition to other minds around the world, the EUA is number 1 in spying on everyone else
Slyguy
Level 40
US Govt. has massive budgets and can do significant levels of spying on the entire planet. For US Citizens, the use of such data is limited, if not impossible so it serves them no purpose in most cases as while they can collect the data, they cannot utilize it because it isn't paired with actionable intelligence to authorize it. It's also a violation of the US Constitution. For anyone not a US Citizen, those protections aren't in place and the data is a free for all for the most part. Also remember, contractors and public domain intelligence aren't as well protected so that's almost a free for all. There are 'ways' around restrictions, such as CIA operations on US Soil is proxied by a rep from the FBI fronting the activity at the behest of, etc.I respect your opinion, but I'd rather rely on CheckPoint than on American companies, Edward Snowden, who says that, in addition to other minds around the world, the EUA is number 1 in spying on everyone else
But for a non-US Citizen, I probably wouldn't use US Based stuff to be honest. If I wasn't based in the US you'd never catch me using it because those consumer protection laws, state and federal constitution aren't there for you. I'd actually be more inclined to toss my data over to Germany, with the decent German privacy laws (and their acute awareness of govt. overstep) and GDPR. Also some firms have signed the TeleTrust agreement which further enhances your security and privacy. Gdata is one company that signed the TeleTrust agreement.
The result - a “No Backdoor” guarantee. With this, the IT company based in Bochum, Germany, undertakes not to provide any holes for intelligence services in its security solutions. G DATA does not leave backdoors open, thus guaranteeing not only the best possible, but also reliable, protection against online threats. This point is very important for companies that take privacy and the forthcoming EU basic data protection regulation (EU-Datenschutz Grundverordnung; EU-DSGVO) seriously. In addition, G DATA promises that the leveraging of personal data and telemetry information is reduced to a minimum. As such, the principle of the EU-DSGVO is already being upheld - and, more than that, the processing of such information and data takes places exclusively in Europe.
So your point is very valid!
Slyguy
Level 40
Wonder how Terra Privacy's new phishing block extension will do after it is released on Dec15?
PhishViewer, Terra Privacy LLC
PhishViewer, Terra Privacy LLC
The malware filterlist of uBlock are futile compared with ip/URL block lists of extensions of AV/UTM companies.
When the number of blacklisted IP/URL ranges into millions in stead of thousend, a browser extension using cloud or server side black list is probably a lot faster and effectieve than client/endpoint stored black lists.
So even when uB0 was tested with in it's functional scope (malware blocking on URL) it would probably ended last also.
There are twice as much websites as there are people on this Planet, which makes URL blocking a number game.
It should be seen as additional protection, not as core defense for malware protection.
When the number of blacklisted IP/URL ranges into millions in stead of thousend, a browser extension using cloud or server side black list is probably a lot faster and effectieve than client/endpoint stored black lists.
So even when uB0 was tested with in it's functional scope (malware blocking on URL) it would probably ended last also.
There are twice as much websites as there are people on this Planet, which makes URL blocking a number game.
It should be seen as additional protection, not as core defense for malware protection.
Last edited:
This thread made me aware of Sandblast. The only perfect product in this test.
They are now testing a browser extension. Maybe a few of you smart-guys should test this thing out and let the rest of us know how it goes.
See details at link below.
Do you want to influence an upcoming Check Poin... | CheckMates
although I believe in their tests, I suspect they are always sponsored by a vendor
for example, in previous tests, Arcabit was always top of the list but in the hub, it was average
in this test, they used a lot of words to describe Checkpoint but not anything else + checkpoint requires an external hardware to work so it's unfair for other standalone extensions
and how does avast online security block exe? It can never block exe. That's fact because that's how it works
for example, in previous tests, Arcabit was always top of the list but in the hub, it was average
in this test, they used a lot of words to describe Checkpoint but not anything else + checkpoint requires an external hardware to work so it's unfair for other standalone extensions
and how does avast online security block exe? It can never block exe. That's fact because that's how it works
5
509322
AV lab tests do not provide generic protection results. I don't know why people cannot grasp this fundamental fact. AV lab test results apply only to the specific test(s) performed using the specific samples\simulators used in the tests.
You cannot extrapolate any AV lab test result to encompass everyday use. It just doesn't work like that. AV lab testing is a sub-set of all possible eventualities. Comparing AV test lab results to malware HUB test results is erroneous for a lot of reasons.
Last edited by a moderator:
A more practical test would be a test of the additional blocking over Google/Yandex Safe Browsing.
YossiH
New Member
I am the product manager in Check Point for the endpoint security products (including SandBlast Agent and SandBlast Agent for Browsers).
I want to assure you that we did not sponsor this test in any way. Actually, I, as a product manager was not even aware of this test until it was published.
Also, the solution does not require any hardware appliances as it can rely on a cloud service. However, the extension is provided as a part of our SandBlast Agent solution which provides very advanced EP threat prevention capabilities in addition to the browser extension. It does require a license that has some costs associated with it.
Regarding the below post, we are actually considering productizing the extension as a separate product with dedicated enterprise grade cloud management and we are looking for some feedback about our plans.
Do you want to influence an upcoming Check Poin... | CheckMates
You are encouraged to approach me on yossih@checkpoint.com if you want to be a part of the product advisory board for this.
Yossi
I want to assure you that we did not sponsor this test in any way. Actually, I, as a product manager was not even aware of this test until it was published.
Also, the solution does not require any hardware appliances as it can rely on a cloud service. However, the extension is provided as a part of our SandBlast Agent solution which provides very advanced EP threat prevention capabilities in addition to the browser extension. It does require a license that has some costs associated with it.
Regarding the below post, we are actually considering productizing the extension as a separate product with dedicated enterprise grade cloud management and we are looking for some feedback about our plans.
Do you want to influence an upcoming Check Poin... | CheckMates
You are encouraged to approach me on yossih@checkpoint.com if you want to be a part of the product advisory board for this.
Yossi
Welcome to MT Yossi,
We need to get you registered as a rep here. Maybe @Jack can assist with this. We like industry reps here.
I hope you stick around and keep us abreast on the developments of SandBlast.
The product was impressive in that test.
For clarity -- would the product be developed for the consumer market? Would it be an independent extension much like the relatively new Malwarebytes Browser Extension? (Malwarebytes Browser Extension)
With very good extensions from Malwarebytes, the recently improved TrafficLight, and new Emsisoft extension.... will the SandBlast extension be similar?
If you plan to charge for the extension, what will it have that the aforementioned extensions don't?
Thanks,
v/r Burrito
Similar threads
Latest Posts
-
SECURE: Complete Gandalf_The_Grey's Security Configuration for 2019- Latest: Gandalf_The_Grey
-
Latest Threads
-
Discuss Have you seen a drive by download in the wild?- Started by blackice
- Replies: 10
-
Discuss Is FortiClient for Linux worth it?- Started by Threadripper
- Replies: 4
-
