Domain: matousec.com
Stories and comments across the archive that link to matousec.com.
Comments · 7
-
I believe in facts..
You might want to check this one out here.
Matousec Is a pretty much trusted and sought after penetration tester's group though I as an individual cannot confirm if they're legit or not (no offence Matousec) :| -
Re:Just copy the arguments you fools!
If you copy the buffers passed in by the user to another location, and then when you pass the call on, use the buffer at the protected location, then the user mode software can not replace arguments.
"The faker thread cannot modify the value of the pointer, because it is copied to the kernel stack, hence not accessible from user space. However, the pointer refers to a region in the user memory and contents of this region can be changed. If the change occurs in the right time (after the security check but before the execution of the original system service), the hook is bypassed"
-
Re:KB976036 has conflict with Comodo Firewall
Comodo is not only a firewall but an excellent intrusion prevention system (bundled with a crappy antivirus). It *is* a great product to have for free and it is not comparable to a hardware firewall. The point of Comodo is to prevent new executables from performing malware related activities (such as monitoring the keyboard) or even running without your permission. Of course its also a firewall. But Comodo, unlike the built in Windows Firewall, won't let applications change its rules without user intervention.
Really, modern firewalls are very different products to hardware firewalls... take a look here: http://www.matousec.com/projects/proactive-security-challenge/results.php
-
Solution, compare and choose
Choose your antivirus from one of these http://www.av-comparatives.org/, and firewall from these http://www.matousec.com/projects/firewall-challenge/results.php. Hope it helps
-
getting a clue.
I don't know what "the relative risks" means, but since none of my Windows machines are in a botnet
...I'd believe you if you were running some other software to monitor your network activity, but that's beside the point.
What I want from the FBI are statistics on botnet populations. How many computers are compromised and what steps were taken to secure them that failed. Michael Dell and Vint Cerf estimate that 25% of "internet connected" computers are part of a botnet. I think they have vastly underestimated the problem, that botnets are entirely Windoze driven and that most of the steps taken by people like you are ineffective. None of these things is really effective and using Microsoft's auto-update is the surest way to have your computer broken. The FBI is collecting and can provide some hard numbers to back up our assertions. If you care about truth, you want the numbers.
Maybe one of these days you'll inherit 800 million completely clueless users, and maybe then you'll call it a "Linux problem"?
Free software welcomes the people you and M$ despise, but there will be no equivalent monoculture for them and the problem will go away as it becomes increasingly more difficult and less profitable.
-
At minimum, this is VERY weird. What's happening?
Matousec, which did the testing, found that the Comodo free firewall is the best. Are Matousec and Comodo completely separate organizations? Matousec is Japanese, and English is clearly not the native language of whomever runs Comodo.
Matousec's review covered "personal firewalls", an artificial category which may eliminate products of interest. For example, Comodo doesn't recommend its own firewall, it recommends the Trustix Enterprise Firewall, which is free, also.
At minimum, this is VERY weird. I'm not saying there is anything wrong, but anyone should wonder when all the traditional companies are shown to be producing products of poor quality, and three new companies are shown to be the most trustworthy. Especially when two of those companies give their products away free.
I've thought for years that Symantec and ZoneLabs were not hiring enough people with technical knowledge; their products show that. I discovered that Sunbelt Software was doing something fishy. Certainly the major suppliers have shown many examples of bad behavior.
But, what about these 3 new companies? How can it be true that they are immediately better than all the others? -
"ZoneLabs programmers lack important knowledge..."
ZoneAlarm was tested by the company that did the leak testing.
Quote: ZoneLabs "programmers lack important knowledge needed for writing security products for Windows NT operating systems."
This fits with our experience. ZoneLabs was sold to CheckPoint Software. After that, ZoneAlarm seemed to have many, many problems.