senna

In addition to my questions above: I am also a Mac user. As far as I know ESET is not scanning HTTPS traffic on Macs. Why is this handeled differently?

Thanks for all the comments on this topic. I appreciate alot. I am very interested how ESET handles HTTPS scanning in detail. What happens to my data, how does it de- and encrypt my connection? How does ESET handle scanned traffic including usernames, passwords, pivate data (documents, pictures, etc.)? I couldn't find any detailed information on this so far.

I am undiceded on this topic, following some of the news, e.g. "the security Impact of https interception" or "https interceptions weakens tls security". You may find some examples and arguments why https scanning does more harm than good. I definitely feel uncomfortable knowing of software scanning my encrypted connections.

I checked some of the settings and was wondering why programs like my password manager or my cloud encryption tool are being scanned too? They appear in the "List of SSL filtered applications". These are trustable software applications. I am not concerned that any of this peace of software would throw malware at me.

Isn't there any way of blocking https:// encrypted sites without tls interception? E.g. adding some kind of "browsing protection" checking the sites that are being visited against lists of reported phishing and malware-spreading sites.

Hi, in principle I don't like the idea of HTTPS scanning or TLS interception. I share views and arguments that TLS interception weakens the idea of a secure, private (encrypted) tunnel between a client and a server. I can't imagine why I want anyone to scan that information. In my opinion it s a matter of privacy. I am still not convinced that https scanning does more good than harm. If I am right ESET scans HTTPS traffic by default. I guess the idea behind is to catch bad encrypted traffic. So far I turned HTTPS/SSL scanning off. Isn't there any other way blocking bad https encrypted websites without tls interception? How much of protection do I have to sacrifice by turning HTTPS/SSL scanning off? Cheers.

There is no Eset product in the latest AV-Test for Android mobile devices (March 2018), Windows 7 Home User (February 2018), Windows 10 Business Client (February 2018) and 16 Client-Server Solutions for Windows 10 (April 2018). AV-Test and AV-Comparatives are one of my favorites institutes testing av security products. If a security solution is missing in these tests I wouldn't buy it in the future.

Yep. Using Microsoft Edge the tesfile is blocked. Using Firefox (v.59.0.2) it's still not working.

@Marcos No it's not. I can download it (8kb file) and can perform a manual scan but it's not detected as malicious

@Marcos Thanks for letting us know. v11.1.51 just works fine on my Windows 10 PC except of AMTSOs 'CloudCar Testfile' is not detected for some reasons. So far my Eset IS installation is on default settings.

You also may want to have a closer look at those sites: - https://thatoneprivacysite.net/ - https://www.privacytools.io/ I think they are quite informative and tell some interesting things about privacy. In my opinion a good VPN: - should not log your traffic, IP adress, DNS requests - and should not have any contradictory logging policies - should use strong encryption - uses OpenVPN protocol - should have IP-Leak protection, DNS leak protection - offers anonymous sign-up - is still fast enough Just a few points to think about.

It depends a bit on how experienced you are and for what reasons you want to use a VPN. Not every VPN is good. And you always have to trust a companies promise that they are not logging any of your browsing habbits. You can hide your IP (some VPNs do that better than others), and hide your browsing from your ISP but be clear that the VPN you‘re using is potentially able to record everything. So it‘s a matter of trust. Just write a few words what‘s your intention to use a VPN. I might recommend you some good sites reviewing VPNs.

Eset und welivesecurity suggest using 2FA where possbile. And I'd love to see more administrators implementing 2FA. But why has e.g. my.eset.com still no 2FA implementation?

Hi folks! There are two things I am wondering about since registrating my new license. First: After entering my license code to activate Eset on my computer, I realized that Eset is sending license information (license code, public id, username and password) via email unencrypted! So technically this email with my personal data could be easily compromised and read by others. I am pointing at that because nowadays even WhatsApp chats are encrypted. Second: After signing on my.eset.com to manage my license, I realised there is no two-factor authentication available. Regardless of using a strong and unique password, this is obviously another big missing security feature. I can manage some serious stuff on my.eset.com (release or change licenses, anti-theft, parantel control) so in my opinion adding another security layer should be taken for granted. Ho do you think about it? How important is encryption and securing account information to you?

Oh, I don't care about the performance part. I am sure ESET performs great protecting our computers. But through this test you can discover misconfiguration or bugs during installation routines. In my case 'Scanning for potentially unwanted applications' was not enabled although I put my preferences on default and reinstalled the software. As I figured out, this is already a known bug. Yep. Sorry for confusion. With ESET on Windows 10 it just works fine. I assumed Microsoft supports all the AMTSO tests. Phishing Test on my Mac still not working. I usually open support tickets. In my case I am still waiting for official response. But this is a great community to ask questions to and discuss problems. I bet lots of the problems you can be solved by community support

Thanks alot. Excluding Boxcryptor Drive helps for now resolving OS freezing.

Hi, is there any way to exclude local drives or folders from real-time scanning. As already mentioned in another thread (issues with Boxcryptor) I am experiencing performance issues and OS freezing when browsing or copying files. Hope there is any way to resolve this issue.

Just installed Windows 10 in a virtual machine (latest security updates). Windows Defender + Edge not blocking AMTSO Phishing test site either. No other software running.

I added another security layer (VPN which also blocks Phishing sites and supporting AMTSO tests) with the same result: Phishing Test Site is not being blocked. Issues due to changes at AMTSO test sites?

Hey @Jack's_Son, thanks for checking again. I started all over again coming out with new results: EICAR test files are blocked successfully now. PUA (.exe) still able to download. Phishing Page Check still fails. My results are very inconsistent and no idea why since settings were always on default.

I double checked again, with Safari (11.0.1) and Firefox (57.0) and I was able to successfully download following files: 1. RAR-SFX Format (EICAR test file) 2. ZIP-SFX Format (EICAR test file) 3. Potentially Unwanted Application ‘test’ file 4. CloudCar Testfile (only with Firefox 57.0) Regarding AMTSO this shouldn't be possible saying that ' your Anti-Malware solution is NOT configured correctly or does not conform with industry best practice.' 5. Phishing Page Check still doesn't work properly EDIT: All preferences are on default.

Hi, I am testing ESET Cyber Security Pro (6.5.x) on MacOS 13.1 (High Sierra) for now. I tried all of the AMTSO Feature setting checks but the 'Phishing Page Check' states that my Anti-Phishing features are not working. ESET 'Phishing-Protection' is of course enabled. Any ideas why AMTSO Phishing Test ist not working properly? Cheers, senna.

Hi, unfortunately this is a long lasting problem with real-time scanners on MacOS intercepting Boxcryptor file operations. Unfortunately there are only a few antivirus software solutions that work with Boxcryptor on MacOS without any flaws. Boxcryptor is aware of this problem saying they have no influence on real-time scanning incompatibilities. No issues experienced on Windows devices though. I am testing ESET Cyber Security Pro (6.5.x) on MacOS High Sierra (10.13) and Boxcryptor but still experiencing slowness and freezing while browsing encrypted files. Hope eset-team can look into this.