Scheduled Scans

[Skier 7]

A lesson learnt the hard way.

An Intel NUC11PHKi7C (Phantom Canyon) with a 1TB M2 SSD (boot disc with Windows and all program installations) and an 8TB M2 SSD for all my data (document, pictures, video etc.)  This latter drive was where the ESET Encrypted Drive.eed was created.

There needs to be a means of recovering the contents of an ESET Encrypted Drive.eed when created on a drive (whether boot drive or not) following, for example, a Windows reinstall or, in my case, the failure of the boot drive but the data drive (on which the ESET Encrypted Drive.eed was created) was fine.  In these circumstances, this data is irrecoverable.

Edited November 8, 2023 by Skier

[itman 1,659]

8 hours ago, Skier said:

There needs to be a means of recovering the contents of an ESET Encrypted Drive.eed when created on a drive (whether boot drive or not) following, for example, a Windows reinstal

The solution here is to modify or replace existing ESSP Secure Data with Endpoint Encryption feature: https://support.eset.com/en/kb7432-using-virtual-disks which supports virtual drives created on another system. It also includes the ability to backup/restore the keystore file.

[Damjan 8]

I noticed that ESET v17 is coming out soon. I also noticed that you will add a new product, one ecer ESET Security Ultimate, which will also have a VPN (this is commendable). However, I feel that another very important feature is missing, namely "File shredder".

It's a shame you didn't include this in your future products, it would greatly improve your program. As noted by other experts in the field of protection, one of the shortcomings of your program is the missing VPN (which will now be added) and File shredder.

I hope that you will be able to add File Shredder to your program soon (maybe even in version 18, if it is not already in v17 - which is a shame).

[czesetfan 29]

Why was Android "killed" in the Main GUI ?   😭 👎 

[jadorwin 1]

Description: Support Encrypted Client Hello (ECH) with SSL
Detail: I would like that when "analyze SSL/TLS connection" is enabled and that the browser support ECH like Firefox, then ESET use ECH to connect to websites. Check https://www.cloudflare.com/ssl/encrypted-sni/ with and without ESET analyzing SSL/TLS connection.

[itman 1,659]

59 minutes ago, jadorwin said:

Description: Support Encrypted Client Hello (ECH) with SSL
Detail: I would like that when "analyze SSL/TLS connection" is enabled and that the browser support ECH like Firefox, then ESET use ECH to connect to websites. Check https://www.cloudflare.com/ssl/encrypted-sni/ with and without ESET analyzing SSL/TLS connection.

Not sure this is an Eset problem.

According to this;

Quote

ECH is enabled by setting network.dns.echconfig.enabled to true, network.dns.http3.echconfig.enabled to true and network.trr.mode 3.

https://www.reddit.com/r/privacy/comments/13canhc/a_guide_on_how_you_can_enable_ech_and_http3_in/

On my Firefox installation, network.trr.mode is set to default setting of 0. Force setting it to a value of 3 still does not enable Secure SNI.

Also it appears this is the correct Cloudflare HTTP/3 test: https://cloudflare-quic.com/;

Edited November 25, 2023 by itman

[Marcolino 0]

Description: Feature to trick sandbox-aware malware

Detail: Implement a (optional) feature that tricks sandbox-aware malware to "think" that its running inside of a vm

like the "vaccination" feature from "HitmanPro.Alert" to prevent the malware from executing.

Idk. how this could be done exactly. Maybe with placing some environment variables or some common sandbox folders or registry keys of some reverse engineering software like Ghidra etc.

Would be pretty cool to think that you could beat some malware samples with its own weapons..

I guess the amount of sandbox-aware malware will increase more and more over the upcoming years.

[Nightowl 202]

I wish for an Application Control that is similar to Kaspersky's App Control , Trend Micro's App Control

It can give more control on what runs on the PC and what cannot run

 

Thanks ESET.

[jadorwin 1]

On 11/25/2023 at 6:11 PM, itman said:

Not sure this is an Eset problem.

This is an Eset problem. I have configured correctly Firefox and If I uninstall ESET everything is working perfectly and secure SNI is enabled (you can see that in the first screen capture). When ESET is installed and acting as an SSL proxy, then it's not working anymore.

[itman 1,659]

On 12/4/2023 at 1:11 PM, jadorwin said:

This is an Eset problem.

Actually, it's a problem for any AV solution currently performing HTTP/HTTPS scanning. See this posting/thread on the subject: https://forum.eset.com/topic/38340-web-access-protection-and-encrypted-client-hello-ech/?do=findComment&comment=173774 . Appears the only security solution that performs HTTP/HTTPS scanning that has figured out how not to bust ECH tunneling is AdGuard and only if using their DNS servers.

-EDIT- "To add to this mystery" the Cloudflare test web site: https://www.cloudflare.com/ssl/encrypted-sni/ is excluded from Eset HTTP/HTTPS scanning which can be verified by mouse clicking on the web site page lock symbol and noting that Eset's root cert. is not shown. However if Eset SSL/TLS scanning is disabled, then the Secure SNI test passes. One possibility is Clouldfare is redirecting to this web site: https://crypto.cloudflare.com/cdn-cgi/trace/ to perform the Secure SNI test. This web site is scanned using Eset SSL/TLS processing.

Edited December 7, 2023 by itman

[czesetfan 29]

When will the products be automatically renamed, e.g. "Internet Security" to "Home Security Essential" in the main GUI window?

Depending on the length of the license, the "old" names could still be in the products for years. 

[dh27564 0]

I would like to suggest ESET provide the ability to wake the computer from sleep to conduct a scheduled scan.  An in-depth scan on my machine takes 8+ hours and I would prefer to run it overnight when the computer is not being used and in sleep mode.