ESET Internet Security subscription expiring, not sure how long to renew

[RogerRoger 0]

My subscription to ESET Internet Security expires on May 11. I don't know how long I should renew it for (1 or 2 years), or if I should upgrade to Smart Security Premium. Because I'm getting conflicting information as to whether Windows 7 will be protected or not, and there are other things I'm not understanding, that I'm going to be asking about below.

I'm using Windows 7 with 0patch Pro.  Works great. This computer will not install any versions of Windows above Windows 7, not even Windows 8.  It just says, "Inaccessible boot device" whenever I try. Looking online, I see that many users have not been able to upgrade either. It can install Linux, but Linux is awful.

I did my research back when Windows 7 support ended, and I found that ESET Internet Security and 0patch Pro were the best combination for protecting my computer. For 66 USD per year (barring any price increases), I could use Windows 7 on this computer forever. But now both of them are talking about ending support.

ESET has stated that they can't update the actual version of the program, only the signatures, because:

"This is not because we at ESET would like to cut users with older OS but it's due to PE file signing requirements by Microsoft.

Azure code signing support is available via a Windows update only for Windows 7/8 ESU (extended security updates program) versions.

Currently ESET PE files are signed with a cert. issued by Entrust besides one issued by Microsoft ID Verified CS AOC CA 01, which, however, is going to expire on Dec 8, 2023 and cannot be renewed any more.

That said, v16.0 is the latest version for Windows 7/8. After the expiration of the Entrust certificate, updates for v16.0 will be limited since we won't be able to sign kernel modules and drivers with a SHA2 certificate any more. That said, we won't be able to bring you newer HIPS and EPFW modules."

Why does ESET even care about Microsoft or Entrust signing rules?  Do they think people who write viruses and other malware have those files officially signed? I believe ESET should just not have their programs signed, just as many free programs aren't signed. Either that, or find a company that will sign and issue a certificate for ESET to run on Windows 7. As far as I know, this digital code signing is not required.  Just tell users not to have a security policy that prevents running unsigned scripts.  There's also this alternative:

https://en.wikipedia.org/wiki/Trust_on_first_use  (Google "Trust on first Use" if this link doesn't post)

Also, ESET seems to think that it needs to have different versions of it's software for different Windows versions. As far as I know, any program that runs on Windows 7 will also run on Windows 8-11. Just code it to work on Windows 7, and that should take care of every machine.

Also, as people have said in these forums before, ESET and 0patch (by Acros Security), need to form an alliance and promote their products to users who can't install higher versions of Windows, or who don't want to. And then vigorously promote their products to the public. When people see that they can get their older computers back out and use them again, or can now use an older computer online again, I think ESET and Acros will see a lot of money coming to them. Most computers don't need anything beyond Windows 7 (Actually, many don't need anything beyond Windows XP.)  When businesses see that they can use older machines for the more basic things, such as the computers hotel clerks and people who work in offices who aren't doing digital creation or anything like that use, this too will bring in plenty of money for these two companies. These two companies are also based in the same general area of the world, which should make it easy for them to form an alliance.

This all said, how long does anyone think I should renew my Internet Security subscription for, and should I upgrade to Smart Security Premium or not?

[Marcos 5,070]

All software vendors have to fulfill Microsoft requirements, the make of the Windows operating system, otherwise their product would not install and run on current and future versions of the operating systems. Their kernel modules and drivers have to be signed by an ACS certificate in order to be loaded by Windows. Unfortunately there is no Windows update that would add ACS support to non-ESU versions of Windows 7 and 8 like it was in the case of SHA-2 code signing support (there was no such update for Windows XP for it).

ESET products v16.0 will continue to run on Windows 7/8, we expect to keep this version available for the next few years like it was in case of Windows XP when v9 had been the only available for the OS for several years after EOL. It's just that the HIPS and firewall module will not update because the kernel modules will have to be ACS-signed and this is not specific to ESET but to every sw/AV vendor.

[RogerRoger 0]

Well, it can't be true that programs HAVE to be signed or certified, because there are all kinds of programs on MajorGeeks and elsewhere that aren't.  And of course, malware is never signed or certified, but it executes and runs on Windows anyway.

Microsoft's stupid rules are the reason we need good malware protection like ESET and 0patch more than ever. I wish they would work on finding a way around these rules.

[peteyt 393]

I presume these are some of the newer security stuff with windows. Each new version does have newer protection so comparing to older versions isn't really applicable. I'd also add people would be put off by an AV not signed properly as it could look dodgy and you need to be able to trust your AV

You mention a Hotel Clerk using XP but surely any system a hotel would use would contain data, either just user data and/or card details.

I think in these days it's bad advise/practise to advise people to use an OS no longer officially supported and officially patched