Jump to content

SeriousHoax

Most Valued Members
  • Posts

    355
  • Joined

  • Last visited

  • Days Won

    10

Everything posted by SeriousHoax

  1. Only decryption of TLS is ignored for sites using trusted certificate, but blacklisted hosts are/should still be blocked by TLD.
  2. Web protection not working properly, self-defense somewhat bypassed. Not a good week for ESET šŸ¤” An ESET official should privately contact Andy Ful on this matter to learn the method he used to disable ESET. He'll only share the details privately to an ESET official if they reach out to him asking the details and possibly take measure so that it doesn't happen again. As Andy Ful suggested, the preventive measure for this should not be a mere signature-based solution.
  3. ESET officials need to have a look at this matter and find the solution ASAP.
  4. Same here. But on Chrome and Edge it's not behaving correctly even in default settings. So, it's a far more serious issue as more people use Chrome and Edge.
  5. The above issue I showed in the GIF above is happening even when DoH is disabled in Edge. So, the problem is probably worse than we thought.
  6. Compatibility issue with DoH. Have a look at this weird behavior on Edge: https://ibb.co/1TXPwMs
  7. Well, now it's not even working for me in Chromium browsers. In Edge, the first time it blocks and then if I reload the page, it isn't blocked. On my testing Chrome Portable browser in another drive, web protection is not working most of the time even in default settings without DoH. Something is not right. It needs to be looked at fixed soon.
  8. Very interestingšŸ¤” I have two blocks. But mine is a twitter redirect not google.
  9. I don't know whose bug it is but for me the example site is not blocked even in Increased protection mode. I tested two other security products, but they don't have this issue on Firefox.
  10. When Firefox is set to use maximum or increased protection in DNS over HTTPS settings then ESET does not block blacklisted websites. For example, here's a VT link of a fake crack program website already in ESET's blacklist: https://www.virustotal.com/gui/url/5583ee6d3fa820c9c851f37746d9b5a896da37bc7ce93329d6dcc02e4b7d9daa/detection But with above DNS settings, it is not blocked: When I set Firefox's DNS over HTTPS settings to Off, ESET blocks it. There is no such issue on Chromium browsers: Edit: In case it has some sort of connection, ESET's web protection also doesn't work when used with AdGuard for Windows. Changing any network driver or other related settings has no impact. To be clear, in the explained scenario in my main post I'm not using AdGuard for Windows.
  11. The help link you gave above has the link to the extension in Chrome store: https://chromewebstore.google.com/detail/eset-browser-privacy-secu/oombnmpbbhbakfpfgdflaajkhicgfaam
  12. Did you really see ESET's certificate in Brave? I don't think ESET officially supports Brave and also based on your screenshot ESET is not decrypting Brave's traffic as expected. You have to manually add the Brave's exe to Application scan rules in SSL/TLS settings and set it to Scan. Also, I'm curious to know if "ESET Browser Privacy & Security" extension with Secure Search works in Brave. Do you know @Marcos?
  13. Do two more scans with Norton Power Eraser and Kaspersky Virus Removal Tool. These two are the best second opinion scanners.
  14. Thanks for this link, but I see that it only mentions some security software that have keylogger protection. I'm talking about incompatibility with apps like this one: https://www.omicronlab.com/avro-keyboard.html which is used by a lot of people in my region. ESET is not compatible with this app. An ESET staff on this forum told me that ESET will work to make it compatible but that was a while ago. Nothing has changed so far. I think ESET should add apps like this to the incompatible list.
  15. Since keyboard protection became default, I think ESET should have a support/help page where all the software that is known to be incompatible with default ESET settings should be listed.
  16. FYI, I have tested some other top products on the site and none of them detected anything. ESET's detection is correct for sure as confirmed by Marcos. This once again proves (to me at least) that ESET is the best at detecting malicious scripts on websites. Many times, ESET is the only one/the first one to detect such things.
  17. Yeah, all AV products with SSL scanning function bust ECH.
  18. It doesn't have to be Cloudflare DNS. Any DNS that supports one of the encrypted DNS protocols like DoH, DoT, DoQ works. For example, I use my custom NextDNS. BTW, for Firefox one may have to manually set "network.dns.echconfig.enabled" to True. There are methods to enable in Chromium browsers also.
  19. The thing is ESET's HTTPS scanning feature breaks Encrypted Client Hello. According to tests, SNI's aren't encrypted with default ESET. This is not just ESET of course, any product with HTTPS traffic scanning breaks it. Only Adguard For Windows can apply ECH( even though it decrypts TLS connection like ESET) if you allow its DNS protection feature (enabled by default) and enable ECH from Advanced settings. It makes Adguard handle the DNS and apply ECH. So maybe this is not possible unless AV products with HTTPS scanning feature like ESET handles DNS encryption by supporting ECH. ECH is still not finalized and currently mainly supported by cloudflare services I think. But looks like eventually it will become a standard. So I'm curious how ESET is going to handle this case. Sites to test if ECH is working or not: https://tls-ech.dev/ https://defo.ie/ech-check.php https://crypto.cloudflare.com/cdn-cgi/trace/ For the last test site, you'll have to check if, sni=plaintext/encrypted.
  20. As Marcos said it could depend on the number of files you have. Also, if it's a HDD then some higher disk usage is expected. It has almost no impact on SSDs.
  21. My assumption is somewhat wrong then probably. Maybe a troll or a random geek using new persona on security forums. Admins/Mods can delete my comments if required since it's a feedback thread.
  22. I'm 100% certain that this @adulwahabis a fake account aka bot that was created just to post a positive comment on this thread. It has to be either from ESET or Intel. The ChatGPT like writing style, the picture and the fact that it was the first and only post from that account so far is a clear giveaway. If you do an image search, you'll find this image on a random Indian website. It's also not hard (for me at least) to guess this person's religion just by looking at the photo which doesn't match with the name. Really poor and unnecessary marketing attempt. Regarding my Intel TDT experience, "I'm an AMD user".
  23. Hi @Marcos! Wondering what this particular malicious script does? Does it redirect to malvertisements or something else?
×
×
  • Create New...