I was gifted multiple Emsisoft keys (through various forums, I get keys gifted to me from people). I personally found it to be top notch but (I'm a Linux user and have no use for Antivirus on my Windows partition as it's purely for games and only rarely connects to the internet for online games) I put it on my mother's computer and she had quite a bit of trouble with blocked websites (web guard) and a lot of popups for behavioral blocking. I could have toned it down but I felt there was no need for it so I just moved back to MSE.
I would be wary about flash-tests results. The methodology is, in my opinion, very broken. It works on a set of 'stages' for malware ie: if you catch malware 1 you are tested against malware 2 and if you miss malware 2 they don't bother testing malware 3. That's not how it works in the real world.
On top of that there's no distinction between a definitive result (ie: blacklist signature/ definitive heuristics) and a user interaction (ie: This program tried to run? Block? Sandbox?). I can write a program that universally injects a .dll and intercepts all calls to the system - I've just broken every piece of malware, but it's gonna be the biggest pain in the ass to run to the point where there's no security at all. There's a fine line when it comes to HIPS.
@Thrawn,
Apparmor's wonderful. And if you're looking for an AE you can set Grsecurity to deny execution from a UserID and then simply log in from that ID (you can deny socket access etc and have a really 'least privilege' account).
@Tom,
Too true. Zero day season never ends nor will it ever.
Review of the Top Picks in 2012 0-Day Benchmarks
-
Hungry Man
- Junior Member
- Posts: 43
- Joined: Wed Oct 19, 2011 9:42 pm
Re: Review of the Top Picks in 2012 0-Day Benchmarks
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.13 (KHTML, like Gecko) Chrome/24.0.1284.2 Safari/537.13
Re: Review of the Top Picks in 2012 0-Day Benchmarks
AppArmor is basically an application boundary enforcer for your operating system. You write profiles that define the normal behavior of your applications, and deny all other activity. If you're dedicated enough to define comprehensive profiles for everything you use, then you can enforce a restrictive global policy on everything else. Very much like ABE.Tom T. wrote:Something equivalent to AppArmor looks to be far beyond the scope of the average (Win/Mac) home user, although by definition *nix users tend to a much higher tech level. Shame.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0
Re: Review of the Top Picks in 2012 0-Day Benchmarks
Which sounds far beyond the scope of the average (Win/Mac) home user, as said.Thrawn wrote:.... You write profiles that define the normal behavior of your applications, and deny all other activity. If you're dedicated enough to define comprehensive profiles for everything you use, then you can enforce a restrictive global policy on everything else. ...Tom T. wrote:Something equivalent to AppArmor looks to be far beyond the scope of the average (Win/Mac) home user, although by definition *nix users tend to a much higher tech level. Shame.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:16.0.1) Gecko/20100101 Firefox/16.0.1