Bitdefender Antivirus Free - English GUI

They're working on it but sure taking their time. They probably won't release a new version just for that feature.

 

I got curious and looked at their forums for BD Free just now. It seems they're working on the next program update which should change the default behavior to quarantine suspected files instead of deleting, and also a restore function for items in quarantine. I'm not sure about exclusions, but I would guess they'd need that to prevent a restored file from being repeatedly quarantined in the future... No time frame for the update was given, but let's hope it's soon... If they implement the above, I will consider using it again..

 

That's excellent news.

Based on the full BD it seems that some files can be ignored, while other can not be ignored which is annoying.

 

I wonder what idiot thought such design would be a great thing to use in the first place!?

 

A bit harsh when describing someone who designed a FREE product don't you think?

 

Problem with software design and development is that the focus narrows down to such an extend the team becomes blind for the consequences of their choices.

Another problem is when you are developing software you don't allways have time or the opportunity to ask these design questions to real users (either there are no users or the project plan urges to go ahead to meet the delivery date)

I have a proven solution for all development teams in such "rush" situations:

Think of a simular situation in real life. What is the procedure followed, what are the checks and balances?
Deleting a file from your PC = simular to executing the death penalty


What are the checks and balances for this non-reversable death penalty decision?

1. The penalty is not executed immediately, but the prisoner is placed in death row

2. Prisoner has a right to 'appeal', to ask another court to check whether the correct decision was made

3. Prisoner has a right to 'Habeas Corpus' let a higher court decide whether the imprisonment is legal and whether the correct procedure was followed.



In terms of AV behaviour

1. Put the file in quarantine

2. Check the file by uploading it to the central servers for further analysis (cloud check)

3. Inform the user and provide an option to overrule the decision (or postpone removal until central server confirms)

 

They have the same thing in all of their products (even paid for). And frankly, even if it's free, that doesn't change the fact that it's just plain idiotic. Hars or not, that's the reality. No other vendor that i can think of does this kind of thing. So, there is the answer by itself.

 

Also in BD Forum:

Bitdefender Forum > English > Home & Home Office Protection > Bitdefender Antivirus Free Edition:
Report Here False Positives And False Negatives For Websites And Files

 

You'll have a huge surprise next week

 

Can't wait, thanks for mentioning.

 

Bear with me: there is no capital punishment or Bitdefender UK free in the Netherlands

Bare with me: I am not using an Antivirus since 2010

 

You can install Bitdefender Free in the Netherlands if you use a vpn like Hotspotshield during download and install

 

I'll be waiting....

 

Post #26

-----------------
Post #36

http://forum.bitdefender.com/index.php?showtopic=40732&st=20

 

This thread has already received 813 postings more than any other discussion about any AV and is still going strong.
That magical word - BitDefender and it's free.
Obsession.

 

Meanwhile, Bitdefender's website gets hacked and zero discussion. Maybe obsession is right.

 

And where are you getting the information that the website is hacked? I'm on it right now, and it's not only up, but clean as a whistle according to every security measure I have in place.

 

It's clean and sterile as in an Intensive Care Unit because of life-threatening illness. Let's hope it won't expire. (It's a joke).

Nobody has seen or heard from Christian or anybody else from BitDefender in many days.

 

Running BD free. Some around here forget that the design objective is to minimize user interaction. The problem with PUP's is that not all of them are dangerous. These things find their way into AV databases as a result of software publishers trying to protect their revenues.

I would prefer that the signature database be right in the first place. Default behavior should be to quarantine with the default behavior for releasing a file from quarantine being ignore in the future. That ought to be enough to keep the power users happy.

Yeah, I am back, in case anyone remembers who I am or was, or whatever.

 

I posted a link yesterday but nobody was interested.

Multiple Vulnerabilities in BitDefender website
A Security Researcher from crackhackforum.com, Rynaldo, has discovered multiple Vulnerabilities in one of the Biggest Antivirus company called "BitDefender".

The researcher claimed that he sent several emails to BitDenfender's team, butthey haven't responded nor fixed the vulnerabilities neither.

"The website is having several reflected XXS vulnerabilities and the CSRF
vulnerability. Also I have found a way to cause DOS attack on the local
server to take BitDefender temporarely down." Rynaldo said.

CSRF attack : https://my.bitdefender.com/en_us/my/#page=account.index hacker is able to perform CSRF attack to change the details on the user's profile.CSRF tokens aren't implemented and password isn't required to change information on the profile.

http://www.ehackingnews.com/2013/01/...tdefender.html

BTY - just because a website is working now doesn't mean it hasn't been hacked.

 

I'm sure it's one of billions of web sites that someone can label as vulnerable.

 

They were able to view and change user personal details.

 

Exactly. Another problem with detection of PUP's is that many people assume that becuase they have been detected they are malicious - they don't realise they are being detected because they may be unwanted - not due to being harmful.

Sadly too, some affiliates of antivirus/antispyware software try to make money off the detection of PUP's - they have a page with removal instructions for the PUP which highly encourages you to purchase the product they are an affiliate of to remove it. Despite the fact that the PUP is more than likely harmless, and will be able to be uninstalled from Add/Remove Programs. They make no distinction between rogue software which often is problem and can be hard to remove and harmless PUP's.

Also true, but unfortunately, I have doubts about the ignoring of quarantined threats after they are ignored, based on the full BD.
I installed Outpost Security Free last night and if you set it to prompt for action when a threat is detected - it gives you the option to ignore the file detected, or to ignore all future detections of the same threat. A really nice feature, maybe one day BD will implement this.

 

Roger, I honestly don't see any kind of fine grained control coming to an AV where the design philosophy is to minimize user interaction. As for PUP's many are software piracy enablers that are only harmful to the software publisher who managed to get them into the AV signature database. I suppose we should not be using such things, but I find it destroys the credibility of AV software to include these. It gets a bit more complicated when an AV pics up an exploit that is harmless to a Windows PC but is intended for use in rooting a mobile phone. Such programs could be used for other exploits.

 

DrBenGolfing -

Back on December 24, I have an entry in this thread about my clicking on the account activation URL I received in an email from Bitdefender, and being taken directly into somebody else's account. Clicked on it twice, went into two different customers' accounts. By all appearances, I had full read/write privileges.

At the time, I had a PM exchange with the BD representative here, he passed my findings to the website team, and I thought it had gotten fixed. (At least it seems to work for me now, whereas for a while during the holidays I couldn't even access it all.)

I did see your other posting, and found it a little troubling that perhaps a different vulnerability has emerged in the my.bitdefender website. Hopefully a BD representative can respond to this new report, and say whether it was erroneous, or was correct and has been fixed.