Prevx - 64 bit banking security test

[vitorio]

Hi:

According to MRG Offitas, June 2011 online banking security test:

Quote:

All of the applications which failed on the 32 bit Windows also failed on the 64 bit version. In addition to this, Prevx, which had passed the test on the 32 bit operating system, failed to protect the system when run on the 64 bit version.

Is it fixed? Please let me know the status.

Thanks

Vitorio

[PrevxHelp]

This is a duplicate post from: http://www.wilderssecurity.com/showthread.php?t=300856 and is fixed in the beta http://www.wilderssecurity.com/showthread.php?t=300981

[vitorio]

Hi:

I am planning to buy Prevx 3.0 with free Hitmanpro 3.5.8 for 64 bit machine that is for sale in www.hitmanpro.com, under shop.

What I want to know is, If for this Prevx 3.0 64 bit, specifically the one I planning to buy, the problem is fixed, please? Or just wait a little longer?

Thanks

Vitorio

[PrevxHelp]

The 64bit issues in Prevx 3 are due to PatchGuard and can't be fixed in the 3.0 architecture, however, this only affects a subset of the protection (just some elements of the information protection, not the antimalware protection).

[vitorio]

In your opinion, I can continue with my plans to buy prevx 3.0 + hitmanpro 64 bit 3.5.8 free offer, since I will be have a good security cover, even if I used online banking frequently.

The antivirus I have in my pc now is Norton Antivirus 2011.

Thanks for your help.

Vitorio

[PrevxHelp]

Yes, that's more than enough. If you'd like us to analyze your scan log to be sure your PC is clean, feel free to send it to report@prevxresearch.com by clicking Tools - Save Scan Results.

Thanks!

[fasteddy2020]

I just found this from MRG:

"We received our invitation to test Webroot AntiVirus Beta today (Prevx 4 Beta) and can confirm it still fails against our simulator on Windows 7 64.

Best regards,

Chris Pickard"

Evidently this issue has not been fixed. Any response to this Joe?

[Dave53]

I guess this is Webroot's response. Here's the latest from the MRG forum:

"At the vendors request, we have removed all mention of Prevx 4 / Webroot SecureAnywhere test results from our forums.

Best regards,

Chris Pickard"

If they stifle test results how will you know if you're protected?

[Cutting_Edgetech]

Quote:

Originally Posted by Dave53

I guess this is Webroot's response. Here's the latest from the MRG forum:

"At the vendors request, we have removed all mention of Prevx 4 / Webroot SecureAnywhere test results from our forums.

Best regards,

Chris Pickard"

If they stifle test results how will you know if you're protected?

It is still in beta stage. Can't blame them for not wanting it tested to be held accountable at this point. It has not been released yet. Would you want something you was working on, and had not completed yet tested against completed products? That's just unreasonable.

[Triple Helix]

I think it's very Professional that MRG removed the results it shows they are willing to cooperate with vendors!

TH

[Dave53]

Quote:

Originally Posted by Cutting_Edgetech

It is still in beta stage. Can't blame them for not wanting it tested to be held accountable at this point. It has not been released yet. Would you want something you was working on, and had not completed yet tested against completed products? That's just unreasonable.

They invited MRG to test the beta against their simulator. Maybe Chris shouldn't have reported the results yet. I don't know - that's between them. However, I presume most people would like transparency in the process. Since this version was supposed to fix the vulnerability, I would think that the 64-bit beta testers would like to know that it is still an issue before conducting any banking transactions. I'm totally fine with them needing more time to resolve this issue, but rather than suppressing unfavorable results just communicate what you are doing about it.

Is that unreasonable?

[PrevxHelp]

Quote:

Originally Posted by Dave53

They invited MRG to test the beta against their simulator. Maybe Chris shouldn't have reported the results yet. I don't know - that's between them. However, I presume most people would like transparency in the process. Since this version was supposed to fix the vulnerability, I would think that the 64-bit beta testers would like to know that it is still an issue before conducting any banking transactions. I'm totally fine with them needing more time to resolve this issue, but rather than suppressing unfavorable results just communicate what you are doing about it.

Is that unreasonable?

We've worked with MRG today on reviewing the test results and the initial determination of Prevx 4 not passing the test was correct in some cases but in several others, it actually protects against the threat. However, they have suggested some improvements and we've made those improvements now which will be included in the next beta cycle.

[Knighthood]

Thank you for letting us know about you reviewing the result and the up coming fixes. For the Online Security is the number one AND only reason why I got this product. The window 7 pro 64 bit version protection is very important to me.

[Triple Helix]

Quote:

Originally Posted by Knighthood

Thank you for letting us know about you reviewing the result and the up coming fixes. For the Online Security is the number one AND only reason why I got this product. The window 7 pro 64 bit version protection is very important to me.

As it is to all of us!

TH

[Dave53]

Quote:

Originally Posted by PrevxHelp

We've worked with MRG today on reviewing the test results and the initial determination of Prevx 4 not passing the test was incorrect in all cases as it did actually protect against the threat. However, they have suggested some improvements and we've made those improvements now which will be included in the next beta cycle.

Thanks for the clarification!

Dave

@ Dave53

Hmm .. I don't know if you want to qualify what you have read from PrevxHelp ..

Quote:

We've worked with MRG today on reviewing the test results and the initial determination of Prevx 4 not passing the test was incorrect in all cases as it did actually protect against the threat.

(btw .. giving you little hints here .. that's the one *always* (!) and *by all means* (!) denying *any* (!) Prevx/WSA problem like for example compared to competition way (!) to much false positives etc.)

.. -> still as 'clarification' once you have read what the other side has to say to this statement above of PrevxHelp, may I quote the site admin of MRG-Forums, 'Chris':

"This is completely untrue."

Hmm .. dilemma you say?
Well, I know *exactly* who I'd trust more in this until this is hopefully explained further. - Question is .. do you? *blink*

[Dave53]

Thanks for the alert guest! I actually read the discussion over at MRG before coming back to this thread. Very interesting!

[PrevxHelp]

I was unclear in my initial post and have edited it to reflect that.

[Defenestration]

I wouldn't take MRG seriously, but you can make your own mind up...

http://www.wilderssecurity.com/showthread.php?t=251113
http://www.wilderssecurity.com/showp...6&postcount=25
http://forums.comodo.com/news-announ...7346#msg417346

[Scoobs72]

Yes, I do make my own mind up and so do Prevx, which is why they've worked with MRG on fixing the issues identified. Everybody makes mistakes in the past and people deserve forgiveness if they can subsequently prove their worth. MRG's test have been discussed significantly on these forums over the past 12 months and the general consensus appears to be that the work they are doing is very positive. But there's always someone who has to drag up the past isn't there? What you should be saying is "Thanks MRG for identifying this bug/issue in the new Prevx/Webroot Beta, so that we'll all be better protected". Hope you're pleased with yourself.

[Saraceno]

People have made their minds up - that's old news. They've done a lot of positive work since 2009.

[Triple Helix]

Please lets not make this about MRG and the past, at least they removed the results from there forum and is willing to work with the Webroot (Prevx) Team to make SecureAnywhere the best for online protection and credential security!

TIA,

TH