Ad-aware, a wretched product?

http://www.securityfocus.com/archive/1/431582/30/0/threaded

 

I am very worry about that there will be more black sheep appear in the Anti-Spyware market,Lavasoft will catch more thieves who had stolen its def.

Very sadly........

 

Uhmmm... disappointing. The 'vulnerability recently discovered' they talk about is actually a very bad programming choice: they didn't implement a strong algorithm and introduced a flaw somewhere, they actually chose a VERY BAD algorithm; and apparently they lied about the definitions themselves. Not a very good reply, in my opinion.

 

This was the topic of my earlier thread (AdAware takes a hit) wherein I carelessly linked to a site that published the reverse-engineered code. I apologize for that indescretion.

I agree with Lavasoft that publishing weak code is not the way to get it fixed.

 

I see that one "policy" at their forums hasn't changed. If the subject matter is not complimentary to their product, they post the last word and immediately close the thread. No embarrasing questions allowed.
Rick

 

That's the problem with sponsored forums. Companies view them as a way to promote their products. Members rarely see it that way. It's a bad mix.

 

I'm sorry, but in the real life this is the only way!

 

This is the most important part IMO...

"This leads to another area of concern that we address to the entire security industry. It is without a doubt a fact that no one can anticipate or even design for every potential vulnerability in a given security application. Though we and our competitors do everything humanly possible to account for and provide appropriate development that will eliminate known vulnerabilities, it is true that none of us can foresee all vectors of potential attack.

With that said, independent researchers and testers are an essential part of product improvement when they find and then report potential issues. This however should be done in a responsible manor rather than to place millions of users at risk for nothing more than a sensational story.

We are appalled at the level of irresponsibility and outright apathy being shown by those who pretend to be providing essential security information and public debate. All too often these organizations and individuals do not care that their information or publication could cause damage to users world wide; rather they look only for the headlines and/or gains they could get from exposing sensitive information and sit basking in the after-glow from the destructive content they helped to develop.

Yes dear reader, this type of irresponsible behavior and lack of professional ethics helps foster new malicious code and exploit development rather than to bring about positive change or product improvements. How often have computer users been placed at risk just because someone decided it would be a good idea to publish this type of information and for what purpose; just to be first?

We call on the security news and discussion industry to stop allowing publication of vulnerabilities before developers have an appropriate opportunity to provide corrections so that users remain protected.

If you are not part of the solution you are part of the problem."


Basically, the rush to publish and the need to appear to be 'the man' puts everyone at greater risk and all this to massage someone's ego.

 

Exactly right herbalist. I find no change at all either from that same old song and dance from that camp and wouldn't expect that ever to change so long as ownership remains in the same hands it's always been in.

Shame really because Windows General was a really helpful section that saved many people headaches and wrong decisions while improving their own education into areas that better helped inform them of what they needed, and after all forums should serve a need also and not always to toot that horn which is always loud enough IMO.

 

The guy who went ahead and posted about the vulnerabilities in Adaware is akin to finding someone's left their front door unlocked and instead of telling them, you go and tell all the criminals you know.

 

No, it isn't. First of all, because Lavasoft knew about this (and if they don't that something like XOR is not good encryption, they're too incompetent to be trusted). Second, because they didn't forget "the door open", they actually sell products and get paid for them. Third, because the guy didn't "tell all the criminals" (unless you think the whole world is just a bunch of criminals), and he didn't actually "sell" the vunlerability like some actual crackers do. Fourth, because if Lavasoft actually did "multiply the signature number by 1.46 to make it appear bigger", they actually did try to fool customers and the public. Fifth, because taking this concept too far (like you're doing) would mean that a lot of the companies listed in this list (at least the ones that are not downright 'malicious') should have the right to be "mad" or even sue the author because he exposed that they can't be relied upon.

The author of the article didn't do what he should have done, I agree: he should have informed Lavasoft before. That would have been correct. And Lavasoft should have fixed all the problems. Are you sure they would have? I hope so, but I'm not so sure.

 

herbalist is exactly right in his observations and nothing is changed there whatsoever unfortunately.
One of my posts was canned without explaination.
Highly likely by that LSChris Fry character who was one of the main reasons so much distrust cropped up internally that eventually led to the closing of LS Forums in the first place.

One of my suggested entries under their FORUM SUGGESTIONS a program named Process View is old hat but efficient at displaying the day's running tally of any processes which could indicate exact times of entry of malware that slipped past Ad-Aware SE. It was simply a suggestion that was answered initially by another of the forum staff there as worth they're consideration and would be added.
http://www.lavasoftsupport.com/index.php?showtopic=120

The other was a simple question if the management specialist IAMSKINZ who actually gave me my own first start at Lavasoft might be returning or not.

I reviewed the forums today to find that one post already removed. Strange bunch over there IMO now and looks to offer nothing that's going to prove to be of any real use if they continue to censor away simple questions.

Also notice they publish a lot of suggestions for systems internals programs as an alternative to when some malware cannot be contained or removed.

Odd but not to be unexpected i suppose given one of the reasons for the animosity in the first place appears firmly in charge of their forums, so really nothing new at all in that.

 

ad-aware deleted some of the settings for my apps. haven't used it since

e e e w i d o o ooooo

 

I had this problem occassionally, as well. After a nice, clean startup, ad-watch would popup alert after alert saying that tons of keys in hkey-classes-root had changed. The first time I got such alerts, I naturally blocked the changes, thingking that spyware had done something to them. After a reboot, I discovered the horrible truth: ad-watch had replaced vital file association keys in hkey-classes-root with invalid entries or simply deleted them. This basically disabled all programs and files from functioning on the machine and caused me to devote many, many hours to get things back to normal. Needless to say, I stopped using ad-watch after that.

Such blatant flaws in the supposedly professional version of their software are suggestive to me of a truly flawed codebase. To think they actually had the audacity to release a firewall....

 

While I haven't used the latest version of AAW, all the previous versions alerted on the registry entries for Script Sentry.On more than one occasion I mentioned this at their old forums. Their answer was to add it to the ignore list. While that's fine for my system, it doesn't address the problem and sure doesn't help other users who don't know that it's a f/p. Alerting on a registry change without checking on what changed it or why is sloppy at best. It's not like Script Sentry is new or unknown to them. IMO, this is more indicative of a problem with how the reference files are maintained than with AAW itself. Could easily be exempted from detection. Maybe the new version does, but I've lost confidence in them as a company and don't intend to install it again to find out.
Rick

 

What do you think will be the effect on F-Secure Anti-Spyware, which is based on Lavasoft Ad-Aware? Is F-Secure Anti-Spyware also a wretched product? How many users do you think are aware of this relationship?

Certainly F-Secure entered into this relationship with there eyes fully open. F-Secure is a "rock-solid" company.

bktII

 

They (LS) have reserved for their detections for quite some time now the warning about a compromise with Script Sentry a target for detection which makes no sense since it is been a very popular and now long time protection addition to intercepting VBS and many other extensions that can release virus formulary files.

 

Nothing seems to have changed so far as that add-on to Adaware-SE. It's been suggested to the management for years to completely rework it after numerous complaints over it for the longest time but then who waits for years for changes when alternative safe and effective protection is made public and available that works without issue.