Aryeh Goretsky

upgrade
Future changes to ESET Smart Security

616 posts in this topic

15 hours ago, itman said:

Please post a "sticky" in this forum and the NOD32 one that Eset's SSL Protocol scanning feature is not compatible with any other security software that does the same and list examples of such software e.g.

Ad-Aware Web Filtering

Adguard install version

NetNanny

etc..

The wording should state that either the software must be uninstalled or the HTTPS scanning option in the software disabled.

Also add such verbage to Eset's help documentation.

This will help in resolved issues with SSL protocol scanning in the Forums.

A beta version of Adguard was released that fixed the compatibility issue with ESET.

https://www.wilderssecurity.com/threads/adguard-ad-blocker.342850/page-81#post-2648358

" [Improved] WFP driver was updated to fix compatibility issues with KIS and ESET #1497

Previously, it was not unusual at all that Adguard would have compatibility issues with some antiviruses, and KIS and ESET being the most common ones. The workarounds existed but were far from ideal - you had had to sacrifice some parts of functionality on either Adguard or antivirus side. With updated WFP driver these conflicts will be no more, allowing users to run Adguard alongside with KIS and ESET. "

 

Share this post


Link to post
Share on other sites
On ‎2‎/‎2‎/‎2017 at 0:22 AM, Azure Phoenix said:

A beta version of Adguard was released that fixed the compatibility issue with ESET.

https://www.wilderssecurity.com/threads/adguard-ad-blocker.342850/page-81#post-2648358

" [Improved] WFP driver was updated to fix compatibility issues with KIS and ESET #1497

Previously, it was not unusual at all that Adguard would have compatibility issues with some antiviruses, and KIS and ESET being the most common ones. The workarounds existed but were far from ideal - you had had to sacrifice some parts of functionality on either Adguard or antivirus side. With updated WFP driver these conflicts will be no more, allowing users to run Adguard alongside with KIS and ESET. "

 

My comment in regards to Adguard is do you really want it intercepting and decrypting SSL traffic? Eset's SSL protocol scanning is already doing that and examining such traffic for malware.

Adguard in the past has not properly performed SSL scanning as noted here:

Different certificate, same key

The first thing I did was to install Adguard two times in different VMs and look at the root certificate that got installed into the browser. The fingerprint of the certificates was different. However a closer look revealed something interesting: The RSA modulus was the same. It turned out that Adguard created a new root certificate with a changing serial number for every installation, but it didn't generate a new key. Therefore it is vulnerable to the same attacks as Superfish.

I reported this issue to Adguard. Adguard has fixed this issue, however they still intercept HTTPS traffic.

I learned that Adguard did not always use the same key, instead it chose one out of ten different keys based on the CPU. All ten keys could easily be extracted from a file called ProtocolFilters.dll that was shipped with Adguard. Older versions of Adguard only used one key shared amongst all installations. There also was a very outdated copy of the nss library. It suffers from various vulnerabilities, however it seems they are not exploitable. The library is not used for TLS connections, its only job is to install certificates into the Firefox root store.

Ref.: https://blog.hboeck.de/archives/874-More-TLS-Man-in-the-Middle-failures-Adguard,-Privdog-again-and-ProtocolFilters.dll.html
 

Share this post


Link to post
Share on other sites

I'm sorry to say, I went with another AV software this year.  I have used ESET forever.  But two things bothered me with this 2017 software:  1) Too many choices, none of which met my needs (or maybe something did, but it was too ambiguous) - I want the best software, and I want 5 licenses that span across all my devices.  Now, maybe that exists, maybe it doesn't.  But it's not clear.  There were too many different flavors, and some had this and some had that.  Maybe they all had everything and I just didn't understand.  But it doesn't matter.  IMO, the choices need to be simplified.  Offer your best software across multiple platforms and give a choice for # of licenses you need.  Period.  I'll come back!  I like ESET.  But not this year.   2) Since when do I need to renew my licenses through MicroCenter?  No offense, I like MicroCenter and I like ESET.  But I don't like the renewal process this year.  And, now I know why MicroCenter pushes ESET so hard - there's obviously a strong marriage between the companies.  But, I guess it bothers me (for no good reason) that I have to renew through MC.  Thanks, but I'll pass.  And actually it kind of sours my opinion a bit of MC, since I always viewed them as the place to go to cater to everyone's individual desires... apparently that doesn't apply for AV software since they really really REALLY push ESET at the expense of many other major brands that they don't even keep on their shelf).  So, I'm taking the year off from ESET and MicroCenter.  I'll check back next year to see if ESET has simplified things, and if MC has decided to return to selling 'everything.'  (I don't plan on monitoring this and I'm not looking for feedback - I'm just letting you know why I left).

Share this post


Link to post
Share on other sites
2 hours ago, pgdudley said:

Since when do I need to renew my licenses through MicroCenter?

You don't. You can get a new license directly from Eset or any one of its authorized distributors.

Share this post


Link to post
Share on other sites
3 hours ago, pgdudley said:

1) Too many choices, none of which met my needs (or maybe something did, but it was too ambiguous) - I want the best software, and I want 5 licenses that span across all my devices.  Now, maybe that exists, maybe it doesn't.  But it's not clear.  There were too many different flavors, and some had this and some had that. 

Before v10 you could choose from ESET NOD32 Antivirus, ESET Smart Security and a Multi-device security pack for 4 users. What has recently changed is that ESET Smart Security has been replaced with ESET Internet Security (ESS without Anti-Theft) and a new product ESET Smart Security Premium has been added. On page https://www.eset.com/int/home/smart-security there's a list of products for home users along with an overview of features that particular products offer.

 

Quote

2) Since when do I need to renew my licenses through MicroCenter?  No offense, I like MicroCenter and I like ESET.  But I don't like the renewal process this year.  And, now I know why MicroCenter pushes ESET so hard - there's obviously a strong marriage between the companies.  But, I guess it bothers me (for no good reason) that I have to renew through MC.  Thanks, but I'll pass.

As I was informed by colleagues from the US:

"You do not have to renew through them, it just defaults that way if you originally purchased there. What you can do is call in and let sales know you want to purchase directly through ESET and that is okay."

Share this post


Link to post
Share on other sites

Please let us disable notifications when certain parts of ESS are disabled.

When I disable something, I do it for a reason, and I do not need to be told not to do it. In fact, I feel somewhat insulted by this. I paid money for this product and I want to use it however I want.

With the permanent big red exclamation mark that's showing because I consciously disabled certain features I actually can't be notified about real problems when something happens.

 

P.S. Window dimensions are STILL not being saved. I'm seriously thinking about not renewing my licence next time. There are way too many annoying things about this program, and noone cares to listen.

Edited by Octopuss

Share this post


Link to post
Share on other sites
1 hour ago, Octopuss said:

Please let us disable notifications when certain parts of ESS are disabled.

When I disable something, I do it for a reason, and I do not need to be told not to do it. In fact, I feel somewhat insulted by this. I paid money for this product and I want to use it however I want.

This has been there since v9. Open advanced setup and navigate to User interface -> Application statuses.

Quote

Window dimensions are STILL not being saved.

Do you mean the window that opens when you click the "Open in a new window" icon?

Share this post


Link to post
Share on other sites

Good! I didn't know about that.

By window dimensions I mean every and any program window that can be resized. For example, the advanced setup window. When you close it (by pressing ok obviously) and open again, it's back in the default size. This is especially painful with windows with lots of settings, like firewall rules window. And it applies to columns width as well. The end result is really crappy user experience, and changing anything is extremely annoying and generally pain in the butt.

Edited by Octopuss

Share this post


Link to post
Share on other sites

Following the thread: 

My suggestion are:

1.Make a setting in EIS to let us disable this "accessibility" feature that permits an inbound or outbound connection when an accidental "enter" or "space" key is hit in the interactive firewall popup window. I consider this a major security issue of the product.

2. Let us change the default action of the pop-up window from "Allow" to "Deny", so that when an accidental "enter" or "space" key is hit, the connection is denied. However it would be more useful that enter and space keys are disabled in the popup window (suggestion 1), and let the user choose depending on the situation.

Thank you.

Share this post


Link to post
Share on other sites

In regards to the recent publicized Cybellum bypass of AV vendors self-protection mechanisms, I will state this won't be the last attempt by Next Gen AI startups to discredit the establishment AV vendors.

What I suggest is Eset add a new detection category along the lines of the existing PUA/PUP detection. The category will be for potentially unwanted system utility applications i.e. PUS. This should cover all Windows system utilities that are not installed by default and not applicable to retail versions of Windows. This includes not only Application Verifier but apps like PsExec, etc..

I envision this as an optional GUI setting like the existing PUA setting is. Operation would also be identical in that if the system utility was detected by hash, an alert would be generated where the user could allow or deny its execution. If denied, the utility would be removed from the system.

Since these system utilities might be employed in commercial environments, I see this option applying to retail versions of Eset only.  

Share this post


Link to post
Share on other sites
On 25. 11. 2013 at 8:33 AM, nishadrox said:

1. Less talkative HIPS

Already there. It's called Smart mode.

Quote

2. Sandbox with full virtualization

Files are run in a virtual environment to determine the behavior.

Quote

3. Non-explorer GUI

Not sure what you mean.

Quote

4. Ability to clean detected malware on scan completion windows without using the option "Scan and clean"

Not sure what you mean. By default, detected malware is automatically cleaned without asking the user.

Quote

5. Sound alerts on detection

It's been there for ages but only for the on-demand scanner. We don't plan to extend it to web/email/real-time protection as the computer could been every while.

Share this post


Link to post
Share on other sites

Posted (edited)

How about adding a HIPS profile option?

One thing that I dislike about the HIPS is it lacks features like Comodo's Defense+ where options like Windows Update and Trusted Installer modes are provided. One can easily switch to those modes when doing like activities thereby preventing existing user HIPS rules from interfering with these processes activities.

It dawned on me that the same could be accomplished in Eset, I believe fairly easily, by allowing for like profiles for the HIPS to be created. A profile in its simplest form could be just to specify Eset default HIPS rules. The user could then just switch to this profile via HIPS GUI option prior to performing Win updating and then switch back to his existing HIPS rules profile upon completion of Win updating activities. Ideally, the HIPS profile option could be specified on the Eset desktop icon GUI selection options.  

Edited by itman

Share this post


Link to post
Share on other sites

Posted (edited)

Hi,

I'd like to request :

1) Built-in anti-malware, if not auto scan then atleast a built-in tool that can be manually run

2) PC tuner which will will delete obsolete files and registry such as left over after installing/uninstalling softwares, files and registry no longer in use or linked to any program, other junk such as cookies, temporary internet files etc

3) A manual tool to restore default host file, clear prefetch files, clear proxy settings in case they are set by a malware, clear page file / hibernation file. 

4) Boot time / native scan where the system is scanned for viruses after post but before operating system is completely loaded. This will help to eliminate infections that cannot be removed when the operating system is running.

I understand so many features may convert Eset to a heavier software while at the moment it is light weight. But I trust the developers will handle this.

Edited by PCdoc

Share this post


Link to post
Share on other sites
2 hours ago, PCdoc said:

Hi,

I'd like to request :

1) Built-in anti-malware, if not auto scan then atleast a built-in tool that can be manually run

2) PC tuner which will will delete obsolete files and registry such as left over after installing/uninstalling softwares, files and registry no longer in use or linked to any program, other junk such as cookies, temporary internet files etc

3) A manual tool to restore default host file, clear prefetch files, clear proxy settings in case they are set by a malware, clear page file / hibernation file. 

4) Boot time / native scan where the system is scanned for viruses after post but before operating system is completely loaded. This will help to eliminate infections that cannot be removed when the operating system is running.

I understand so many features may convert Eset to a heavier software while at the moment it is light weight. But I trust the developers will handle this.

Isn't a virus a type of Malware? I know as well as viruses Eset finds things such as potentially unwanted programs (PUPS). As for a PC Tuner, it's been asked for before and I doubt we will see it for exactly the reason you hinted at. Eset is a security suite and should really focus on that. For cleaning and stuff there are great free programs aka CCleaner.

Share this post


Link to post
Share on other sites
3 hours ago, PCdoc said:

Hi,

I'd like to request :

1) Built-in anti-malware, if not auto scan then atleast a built-in tool that can be manually run

2) PC tuner which will will delete obsolete files and registry such as left over after installing/uninstalling softwares, files and registry no longer in use or linked to any program, other junk such as cookies, temporary internet files etc

3) A manual tool to restore default host file, clear prefetch files, clear proxy settings in case they are set by a malware, clear page file / hibernation file. 

4) Boot time / native scan where the system is scanned for viruses after post but before operating system is completely loaded. This will help to eliminate infections that cannot be removed when the operating system is running.

I understand so many features may convert Eset to a heavier software while at the moment it is light weight. But I trust the developers will handle this.

Just in case Eset should consider this. I request that it be add it to a Premium type version and leave the Eset Internet Security version in it's present light weight state. It's hard to beat the protection and ease of use at under, right now, 55 MB of RAM and 0% CPU.

That way if people want the additional tools they can support it by purchasing the "Super Premium" version at an additional cost. I have no interest in more bells and whistles. All I want Eset to do is protect my systems and it does that exceptionally well right now.

Share this post


Link to post
Share on other sites

Description: The ability to change quick links
Detail: Not sure if I've mentioned this on here but it would be really handy if you could change the quicklinks that you see when you right click the eset icon in the taskbar.

For example some people will never use the gamemode but for people who game a lot being able to add that option to the quick link would make it far easier to turn on/off. Same with other options.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.