bld

STILL no IMAPS/POP3S/SSL scanning??


Wow -- I opened up the original thread in 2013 and almost SIX years later, after a scan of the current user guide, ESET on the Mac STILL hasn't reached feature parity with NOD32 to offer scanning of secure email and secure web sites. Pathetic. This is clearly not a serious product.


SSL filtering will be included in v7 products which are planned for 2019/2020.


I just downloaded the early access version 6.7.400.0 that you appear to have posted just last month. I was hoping the docs were just out of date.

First off after the install, the launch of ESET COMPLETELY hung my machine, including commands as root in Terminal. I had to hard reboot my machine.

Now on reboot things appeared to look promising as ESET proceeded to ask me about permitting a ton of outbound connections. And the screen for email looks promising in the preferences because it references the secure ports used for POP3 and IMAP. But are you saying that's a red herring, and that ESET can't actually scan encrypted data on those ports?

Screen Shot 2019-02-13 at 12.46.48 AM.png

 

So nope -- still no dice on secure email or web sites. As I mentioned in the original thread, I'm a software engineer familiar with stacks on both Windows and Mac -- and there's no way it would take SIX YEARS to provide SSL integration with these protocols. And you're still promoting email scanning in your literature and even worse showing the ports normally reserved for encrypted traffic in your POP3 and IMAP preferences. I'll repeat -- that's flat out deceptive. Shame on you.

I'm the fool for wasting another 30 minutes on this product -- installing, rebooting and cleaning it away from my machine.

 

Edited by bld
update on results of testing


Hello bld,

The ports used for SSL communication were added both to HTTP and POP3/IMAP scanners in order to facilitate the blocking feature - without seeing the encrypted content, we can still perform basic decisions based on the available information about the connection (mainly applicable in the HTTP scanner).

Rest assured we did not forget the request for SSL scanning - however, we analyze and prioritize new features based on many criteria, both from the users and the market in general and we strive to create a product with features that the majority of our user base will find useful in their everyday online activities.

With that being said, full HTTPS and POP3S/IMAPS scanning has now been confirmed, is already in the works and will be coming, as Marcos said above.

Regards,
Tomas


Tomas,

Thank you for taking the time to respond. However, the "analyze and prioritize" argument just doesn't pass muster. Phishing and malware in email and web sites are arguably two of the top most important security issues on any platform, and that content in email is extremely likely (probably close to 100%) to be over SSL (I can't think of a single client on any of my machines that uses unencrypted traffic for email). Web site traffic is less likely than email to be encrypted but it's still very significant. The fact that you have gone SIX YEARS not covering this HUGE GAP in your security coverage does not give me faith in the tool whatsoever. It makes me extremely uncomfortable that ESET during this time continued to market the product as if it had this coverage when in practical terms it did not at all. I know "false advertising" and "fraudulent" are strong words, but that's how bad I think this was.

This is very sad too, because NOD32 is excellent.

I think at this point -- to have any hope of restoring user confidence in this product -- it would take a letter from your executive management posted here explaining without deflection why ESET so completely dropped the ball here.

BLD

Edited by bld


I understand your concern and I don't disagree that each protection level is important, as it hardens the security, however, it is equally necessary to point out that the users are not left unprotected, because if a piece of malware theoretically makes it in via HTTPS, POP3S, or IMAPS, it will still face the Real-time file system protection.


One of the most serious concerns today is phishing scams, which require inspection of actual email and web content. You are simply unable to do that today for a Mac.

And as far as malware goes, while your point about real time scanning is not without merit, I know you're certainly aware that recognizing the signature of malicious software before it starts executing is far more effective at containing damage. Real time file system protection is of course vital -- but malware can still do a lot of damage even with that if it executes at all. The worst thing, however, is that most users are going to think they have a level of protection they do not -- even I, an experienced software engineer, had to really look twice to know that you weren't doing what your marketing materials claim. That's inexcusable.

I still feel like your response was a deflection. To ever consider this product for the Mac again, personally, I need to see executive management take real ownership, apologize and explain the lack of this critical functionality all this time and the deceptive marketing. I'm sure the vast majority of people buying this product right now think they are getting something they are not. It's not right that it takes people like me in your forums to point this out. It's that bad -- and until I see something in a public forum -- maybe even a big letter on your web site -- there is no way I'd entrust my Macs to your software. This is so bad it's making me take another hard look at NOD32, which I've relied on for years. You're in the trust business -- and ESET blew it big time with this. Frankly, I don't see how the Mac product was ever allowed out the door without secure email and web content scanning -- and the fact that you still don't have it after SIX YEARS is really just so absurd as to be beyond rational defense.

BLD

Edited by bld


Thank you for your comment. To be honest, I don't recall a situation when a customer contacted us believing the SSL scanning feature was present when it actually wasn't - customers seldom asked whether it is included or not, but I don't think I remember someone actually being misled.

Can you please point me to the marketing material that made you believe SSL scanning was a part of the product? If there is misinformation somewhere, we can certainly have it fixed!

Thank you.


You're missing the point. You do state in your product literature that you support email and web site scanning, and to the average user the fact that you are not scanning SSL email or SSL web sites means that you will be skipping most of the content they would believe you are. Quickly, here are a few comments from product pages that I think overstate things at best:

"Comprehensive security and privacy online" <-- the exclusion of email and web site content (the vast majority of which is encrypted) is hardly "comprehensive"

"Antivirus and Antispyware built on our record-breaking ESET NOD32® technology will help to protect your Mac against malware. Anti-Phishing steers you clear of websites stealing usernames and banking details." <-- "built-on" implies a superset of NOD32, and the Mac product doesn't even have feature parity, much less a superset. You also can't claim anti-phishing for non-encrypted email or web sites, so again the vast majority of that content.

And listing out the ports normally reserved for encrypted POP and IMAP in the default settings is misleading even for knowledgeable users. When I saw that, I really had to double check what you meant.

IMO, you absolutely shouldn't be shipping this product without SSL email and web site support and probably not even without NOD32 feature parity. But if you're going to do so, you should be making a much bigger deal of the lack of SSL support, rather than making users figure it out by your lack of explicit mention. This is an expected feature of a security tool -- and for you not to have it is bad enough -- but to present things in such a way that it's hazy to end users is awful.

And I still am just stunned that here you are SIX YEARS later not having done so -- just indefensible.

I have said all that I can say on this. Either you'll recognize the huge loss of trust and try to fix it -- or you won't.


I see where you're coming from. Most of the claims you listed can subjectively be understood in several ways, but in general, they are not false, nor misleading - e.g. the product is indeed built on NOD32 technology, as it uses the same malware detection engine, the same database, etc.

I also checked the product's online help pages and they only mention HTTP, POP3 and IMAP protocols, but nevertheless, I will ask our documentation team to include an explicit mention of no support for encrypted protocols at this time, to make it even clearer and more transparent - thank you for the feedback.
