Future changes to ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium and ESET Ultimate Security

[Sonoran Desert 7]

Description: Make the email tag message shorter and editable.

 

Details: Have it so email tag messages are shorter with less cryptic database and virus definition info and just have a short message (with the link to ESET) with something like "scanned with ESET Smart Security, a better way to fight malware" or something similar. Possibly make the tag message editable for a custom message with the link to ESET.

 

Veteran ESET power users might chortle and guffaw at this simple request but in my wife's business she talks with and emails many people who don't know anything about computers and malware, it's all mysterious to them. Many of them have "computer problems" stemming from getting malware installed on their systems. They run Norton or McAfee (or other inferior AV's) simply because it was pre-installed on their computer/device and just keep using it, not knowing any better. At times, in the course of conversation, chit-chat, some of my wife's clients complain of "yet another virus" and ask my wife what she uses and she tells them ESS (and recommends Malwarebytes Pro along with ESS for an unbeatable combination). Of course, they've never heard of ESET and their computer "fixers" never recommend ESET either. They just keep bringing their infected computers back to the shop, or have the shop log in and remove the malware, not getting advice to try a better malware solution.

 

This suggestion is presented as just a simple way to "grass roots, word-of-mouth" advertise ESET. In my opinion, people who don't know anything about computers or just don't want to fuss with their malware solution should only be running ESET anyway. ESET is simple to install and works perfectly at all default settings with no tweaking required, perfect for a novice. Everyone emails and having the simple ESET tagline link might make people who don't pay attention to computer security aware of ESET and hopefully try out ESET.

Edited May 4, 2015 by Sonoran Desert

[itman 1,746]

When is Eset going to fix this and other security issues of SSL protocol scanning mentioned in the below referenced article?

 

Disabling of HTTP Public Key Pinning

 

 Each and every TLS intercepting application I tested(Avast, Eset, and Kapersky) breaks HTTP Public Key Pinning (HPKP). It is a technology that a lot of people in the IT security community are pretty excited about: It allows a web page to pin public keys of certificates in a browser. On subsequent visits the browser will only accept certificates with these keys. It is a very effective protection against malicious or hacked certificate authorities issuing rogue certificates.

 

 Browsers made a compromise when introducing HPKP. They won't enable the feature for manually installed certificates. The reason for that is simple (although I don't like it): If they hadn't done that they would've broken all TLS interception software like these Antivirus applications. But the applications could do the HPKP checking themselves. They just don't do it.

 

ref: https://blog.hboeck.de/archives/869-How-Kaspersky-makes-you-vulnerable-to-the-FREAK-attack-and-other-ways-Antivirus-software-lowers-your-HTTPS-security.html

Edited May 8, 2015 by itman

[rugk 397]

Yes the important point there is:

But the applications could do the HPKP checking themselves.

(the same is valid for OCSP stapling too BTW)

 

BTW here is the complete topic about this: https://forum.eset.com/topic/4806-ways-anti-virus-software-lowers-your-https-security/

Edited May 9, 2015 by rugk

[itman 1,746]

Yes the important point there is:

But the applications could do the HPKP checking themselves.

(the same is valid for OCSP stapling too BTW)

 

BTW here is the complete topic about this: https://forum.eset.com/topic/4806-ways-anti-virus-software-lowers-your-https-security/

What Eset should be doing is not unencrypting sites with EV certs. like Avast and Kapersky. Validate the cert pinning path and leave it at that. 

 

If you can't trust a web site with an EV cert., you shouldn't be doing business there.

[rugk 397]

What Eset should be doing is not unencrypting sites with EV certs. like Avast and Kapersky. Validate the cert pinning path and leave it at that. 

 

If you can't trust a web site with an EV cert., you shouldn't be doing business there.

 

Well... the researcher (alias the author of the blog post) mentioned that none of the AVs he tested would do this. So all would not scan EV certificates.

As for ESET this is wrong as I showed in the topic I linked.

 

However back to your suggestion. Even some guys who want to spread malicious files could register a EV-certificate. It would be quite expensive for them and they would maybe have to hide behind a (fake) company, but it could be possible.

Or just think of the file hosters which use an EV certificate.

 

However on the other hand of course sites which host static content (or at least no user-submitted files) could be excluded this way. So I would agree to have an option in the SSL scanning settings to exclude all EV certificates from SSL scanning, but not to do this automatically. The user should be able to choose whom he trusts and whom not.

Edited May 10, 2015 by rugk

[itman 1,746]

 

What Eset should be doing is not unencrypting sites with EV certs. like Avast and Kapersky. Validate the cert pinning path and leave it at that. 

 

If you can't trust a web site with an EV cert., you shouldn't be doing business there.

 

Well... the researcher (alias the author of the blog post) mentioned that none of the AVs he tested would do this. So all would not scan EV certificates.

As for ESET this is wrong as I showed in the topic I linked.

 

However back to your suggestion. Even some guys who want to spread malicious files could register a EV-certificate. It would be quite expensive for them and they would maybe have to hide behind a (fake) company, but it could be possible.

Or just think of the file hosters which use an EV certificate.

 

However on the other hand of course sites which host static content (or at least no user-submitted files) could be excluded this way. So I would agree to have an option in the SSL scanning settings to exclude all EV certificates from SSL scanning, but not to do this automatically. The user should be able to choose whom he trusts and whom not.

 

I posted this under a topic in the Smart Security forum and will duplicate here. I believe this is the best overall solution. Also I don't believe this suggestion wouldn't be too difficult for Eset to quickly implement.

 

Here's my suggestion to make SSL protocol usable. Add an option to the Eset's desktop taskbar icon display to turn SSL protocol scanning on and off. You can even add time intervals that it will remain off. This way I could easily turn off SSL protocol scanning when I wanted to use a site where I wanted my privacy maintained and when finished, easily re-enable SSL protocol scanning.

Edited May 10, 2015 by itman

[kakashi 6]

Eset corp for the master peace eset 9

Details here.

Add a new 4 firewall artificial intelligence technology protection

That be more accurate ,focus ,turbo speed blocking,deep scan attack,and ports,anti bypass firewall and anti brute force,ping protection and fast response, reduce false and positive firewall attacks or detection

,fix firewall crash and bugs

Add new engines for better detection

1. Ai codes engine =this will analise all codes running or hidding this can increase to detect any virus or any modifications

2. Ai header engine =scan full software or anything from the inside

3. Ai advance heuristic =this will help

To detect more complex infections

4. Ai forensics engine = this will detect more difficult and strong virus mechanism

And run a full diagnostic if is safe or not what the detect

5. Ai.cloud engine detection = this is for maximum deep detection analise everything

6 AI dll engine = this is very important most of the virus hide uaing dll and anti virus fail to detect it or a haker manipulate a dll to enter to your pc and the anti virus fails and cant block it

7. Ai smart strong engine for sistem defense. = this block any manipulation of the software ,registry,network and settings,polity ports, dll,keyboard,webcam,browser,flash,java,script,text,audio ect virus or any malware can bypass this.

8. New Ai smart anti exploit mitigation

= what this you say, this protect you from any exploit, from new ,old,and unknown

This protect any software holes ,like bios,cpu,hardware,mac addresses network exploit ,bugs ,drivers,crash,incompavility,errors,java,flash, webcam, keyboard and network ip and protect you in real time and you can add any software that no is included in the anti exploit mitigation to be protected and monitored if is attack this increase the security

8 ai new smart engine anti publishing = this can help in real time detect if the page is fraud ,fake,scammer,modifie,, this can detect the full page code And tell you what part of the page is not secure ,for example baking online ,logging online,sensitive information,https if is secure or encrypted ,check the domain is safe or fake and prevent malware spread

Ect

9.ai advanced anti spam engine ,= detect deep spam scams scammers bots hide attachment infected ,full page deep analysis.inpection ,detection,prevention blocking,and emails and links . Ect

10.Ai smart network intrusion and Ids and protection =

Detect all type of network attacks ,bots ,botnet,script network attacks brute force anti exploit attack,network holes ports,https vulnerability ,new unknown attack,dos attack ,mac adrees flooding ,memory flooding,hardware and harddrive flood or attack ,ip flood,ip fragmentation

Mac high jack remote ,dns protection dns encryption,wireless protection detect all wireless attacks Windows host protection

Cooking protection etc

11.new design software

-low memory impact

-low cpu impact

-low hardware and harddrive impact

12. Add turbo fast scan ,deep scan

New rootkit scan

13.add new network monitor

See all conection running and what internet usage you have been used on total

14new firewall rule and port bloking

Add to block or edit any port incase you want to block a port or restrict access to something like a program, port or remote

Add denied access to Windows programs running on network or stop it ,check if is safe name and details

Add instant notification for all

For example you computer have been compromised and is blocked

And for unknown ports so you know is something wrong ,for example unknown port have been detected program name is ect

Add ai ssl new secure sll protocol that cant be intercepted or exploit or be vulnerable

Add a new fast intelligence run package but that dont slow down the pc performance

Add out date it software scan, so this checks for new updates and pach it like browsers java flash ,framework or programs

Fix firewall always slowdown internet speed test and loading

Fix in the.firewall take to much junks on the internet crash or stop working or get super slow

Just helping make the ultimate software master peace

[kakashi 6]

Fix eset driver crash and instaling and unistaling problems

Make a new anti stealth protection that protect your files to been steal and prevent criptolokers virus to encrypt your files and take over the sistem or share

Make a new eset filter network protection

Add low impact starting up

[rugk 397]

@kakashi

Just shut off your computer then you have the protection you are suggesting. And your computer will be "turbo speed blocking" any "anti stealth protection" and "criptolokers" (yeah crispy lockers, bad things) and "dont slow down the pc performance" while blocking "any malware can bypass this". Don't forget you will have a "dns encryption" ("nothing" is quite undistinguishable I think, so that's encrypted), a "new secure" "ssl" "protocol" "that cant be intercepted"¹ and of course a very "low hardware and harddrive impact".

The "Ai header engine" can take a header if water is in your computer so everything spouts out. The "Ai smart anti exploit mitigation" will protect you from software which tries to mitigate exploits, which is the only useful thing to do because it would be bad if you miss heroic deeds.

And all "software holes ,like bios,cpu,hardware" will be blocked too of course. So all this software holes are not needed anymore. Just uninstall your BIOS, CPU or hardware. No problem! Additionally "bugs" will be smashed as these crawling critters don't have a warm and comfortable environment in your computer. And the "keyboard" blocking is by default of course - no one needs a keyboard.

"4 firewall" will protect you from "artificial intelligence technology" - just image all these AIs which try to kill people. All of them will be barbecued! (There's only one problem: What will happen to the other AIs like the "Ai forensics engine"?)

The "smart engine anti publishing" is not really new but very effective - usually it's called "control my brain". But of course it's improved as it's smart now. Now it will not only control the brain of one user it will also try to control other users brains with whom the user spoke.

"Add a new fast intelligence run package" - Yes of course the next NSA marathon will come soon!

"Fix eset driver crash" - No the ESET drivers are reliable, there driver's license was never revoked at all and all

"Add low impact starting up" - Until you are not hitting your shutdowned computer you already have a low impact.

 

¹ (quite difficult to bring the words into the right order while still quoting correctly...)

Edited May 29, 2015 by rugk

[SlimRock 6]

my 2 cents advice! 

[kakashi 6]

It see you hated me the way you talk are you ok... they are simple ideas in order to make a better product mr rugk

[kakashi 6]

I found in eset 9 some bugs. The icon look in blank the firt time installing crash

The scan engine very slow

Try to reduce memory from 100mbs to 50 or 40mbs this can help

Nope firewall errors for the moment

Idont see the anti exploit mitigation and the anti exploit log

Try to reduce ping network impact this can help page load more faster

Fix the start up have higth impact

Add new smart diagnostic like

Network

Performance

Memory

Anti virus engine

Report automatically crash

Report https website certificate error bugs or vulnerability and sll problems

And protocols filtering

Report firewall crash or bugs

This help mode send it automatically to the developer

You try to add anti backdoor technology ,prevents any software ect open a backdoor or webpages

Ect

[SweX 871]

Try to reduce memory from 100mbs to 50 or 40mbs this can help

 

Because ? And help with what exactly ? Do you even know why the RAM usage is like it is ?

(sorry for only quoting one of your requests...I simply don't have time to ask questions about each one)

 

No, rugk doesn't hate you, don't be silly kakashi. It's just that we are all concerned about what would happen with the products if you were head of development at ESET.    ESET could easily loose over 50% of their user-base if they did a 360 with their product lineup, and started to offer something totally different. If we would go over to Kaspersky's, Symantec's, Bitdefender's, Avast's, Webroot's etc etc... forum and copy your post and paste it there, do you think they would appreciate it, or not ?

(People use their products (just like ESET) because they like them, not because they want the products to become something totally different.)

 

Why do you even use ESET if you don't like it and want it to change so badly ?

There are over a 100 other AVs you can try out if you like, maybe one of them will suit you better.

Edited May 29, 2015 by SweX

[rugk 397]

Thanks @SweX and @kakashi no I'm not hating you. I'm just showing that most of your ideas are not "simple ideas in order to make a better product" in an ironical way.

So if I'm suggestion something I would at first try to write at least in decent English. I'm not an native English speaker too and my English is not nearly perfect, but anyway you can at least try to put the spaces, commas and other things at the correct position. Additionally you can even just use an online translator tool like Google Translator or - if you want to write it yourself - an (Online) dictionary for English to look up words (especially the spelling) and installing an English spell checker in your browser should also not be that difficult.

Secondly I'd like to remember you about my "suggestions" for you I posted some time ago:

Okay, seriously now...

1. This is a feature thread, so please don't report problems here.
2. Check before posting whether these features are already included in ESS.
3. The first post in this topic includes an explanation how you should report ideas (for features etc) here.
4. Also pay attention to the blue message there!

 

Also you can't just add some nice sounding words to a feature to improve the feature. Even if ESET adds a "super-intelligent smart enhanced advanced ultra-power-heuristics-engine AI with super turbo fast implementation protection" this doesn't change anything. Calling things like this may be impressive in pokémon games, but in reality that's just gibberish.

And these are the obvious things which make your post (to say it polite) not that useful, so it also won't help you if add things like "don't ignore this this is important for all the security users" like you did in your last post.

And I don't want to get into detail now, but in my first reply to your post you can already get some ideas of how useful or reasonable some of your ideas are - and most of the post just consists of quotes from you.

 

Anyway just keep in mind that I'm not saying you shouldn't express your suggestions here and of course I'm not hating you. You just have to suggest features which are not taken from a pokémon game and most importantly they have to make sense! And you have to explain your features, just throwing words around doesn't help anybody and as I "explained" your ideas in my first reply you can see what they look like.

Or tell it as Arey wrote, because I doubt you read the first post (although I've linked several times to it now):

 If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests to "make things better" are not helpful because they do not give ESET detailed enough information.

Edited May 29, 2015 by rugk

[kakashi 6]

Add a full compavility for eset 9 for other anti virus and engines dont conflict and reduce the pc performance if they are 2 antivirus or other security programs installed

Add enchanted firewall

Add enchanted anti publishing =why most antivirus fail to detect I fraud page,fake page,scammer ect

I recommend add advanced scan anti publishing that scan the full page code and domain in orden to check if is real or fake or modified to prevent fraud and steal money and credit cards ect

Add enchanted anti botnet protection

Add enchanted hips self defense protection

Add enchanted network protection

Add enchanted protocol filtering

Add to block any port or unblock for gaming or any program and for some other security reasons / to prevent attacks from any specific port ect

Add strong ping protection and network performance

Fix the eset icons crash in in blank

.increase the speed scanning

Add better detail from any virus .what he do in order you to know

Fix the network deny the network klbs still running supposed to be zero klbs running from that deny programs running on the pc ect fix that

That all for now just helping

[rugk 397]

No it won't be better if you use a wrong-written version of enhanced instead of AI. And no, you don't need to try it with advanced next time...

But if it amuses you...

[kakashi 6]

Eset corp 
To eset smart 9 add ssl protol filtering anti exploit shild network protection  =to prevent exploits or brute force in the ssl protocol

Fix the ssl protocol some  t time a normal page dont work say network not detect it. And i need to start  refleshing  the page for example google , and everithing is fine  is the protocol filtering some time do the same when i do a  speed test

Maybe the protocol dont the detcect the conect correr or have some issue conecting to some pages fix that please

Not all page are the same, some use advance encription other user nolmal encription ,other use other page format maybe that create a conflic, some page have a lot of errors  this maybe cold afect

Update the protocol filtering and add this engine    smart ssl protocol filtering deep  analise= this will analise any format page or encription if there is something not compatible or have any error  or domains dns will automatic report you.

Edited June 8, 2015 by Marcos
Formatting removed

[kakashi 6]

Fix the sll protocol filtering  is preventing to acess some web page like goole or any other fix that

 

Add smart ssl protocol filtering = this will analise any web page encription page format,dns,domain , in other if there any error this mode will automatic report ,   some web page use new encription cold create conflic  other use old enceription and new webpage  format.

 

Add smart anti exploit shild  in the sll protocol filtering to prevent any exploit ,in any port  and web pages

Edited June 8, 2015 by Marcos
Formatting removed

[kakashi 6]

 i type it 2 time but is ok 

[Marcos 5,259]

@kakashi: With all due respect, please post reasonable suggestions and refrain from using capitals which is not permitted by TOS.

[SweX 871]

@kakashi: With all due respect, please post reasonable suggestions.

I reckon that all of his suggestions and ideas are perfectly realistic and reasonable to him. But I'm not worried, it's not like ESET will take notice and implement any of it, especially when 99% are nothing but made up fancy words taken out of the blue. I guess he has a wild fantasy or something that he get all funny ideas from.

Edited June 9, 2015 by SweX

[itman 1,746]

I would also like to see SSL protocol scanning decoupled from e-mail scanning. I very much need this feature to scan my Thunderbird encrypted e-mail received from my e-mail ISP. I don't want to turn it on for browser use however.

[rugk 397]

@itman

Nice idea. But if I'm remembering correctly in v8 you can include and exclude applications for SSL scanning, so this may solve your problem.

[itman 1,746]

@itman

Nice idea. But if I'm remembering correctly in v8 you can include and exclude applications for SSL scanning, so this may solve your problem.

The "excluded applications" option turns off all protocol scanning for the selected app. I do want my browser HTTP traffic scanned; just not the HTTPS traffic.

[User 13]

I would also like to see SSL protocol scanning decoupled from e-mail scanning. I very much need this feature to scan my Thunderbird encrypted e-mail received from my e-mail ISP. I don't want to turn it on for browser use however.

 

 

It's already implemented:

 

First activate SSL scanning, after that you can deactivate https-scanning under

Web and E-Mail -> Web protection -> HTTP, HTTPS