IE9 blocks 99% of social engineering malware

Discussion in 'other anti-malware software' started by funkydude, Dec 14, 2010.

Thread Status:
Not open for further replies.
  1. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    http://news.softpedia.com/news/IE9-Blocks-99-of-Socially-Engineering-Malware-172650.shtml
     
  2. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    Sounds good to me, thanks.
     
  3. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    yep..Very good to know:D
     
  4. Kid Shamrock

    Kid Shamrock Registered Member

    Joined:
    Apr 3, 2007
    Posts:
    207
    Yes, IE9 is even smarter than you are!!! lol :eek:
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  6. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    We'll see how effective IE9 is...;)
     
  7. Athletic

    Athletic Registered Member

    Joined:
    Jan 21, 2009
    Posts:
    90
  8. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    How else do you get a company to test your browser without paying them? :cautious:

    Did you even read the detailed and full 20 page long report or just see that Opera got 0% and dismissed it like the usual anti-MS people?
     
  9. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    828
    Location:
    Ireland
  10. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    The only valid thing i could fetch out of that was why they used Chrome 6 instead of 8. You could say 8 was recently released, so why wasn't 7 used?

    Opera 10's results are because Opera 10 has no form of malware blocking, the AVG stuff was added in later versions.

    It was critisized for "not displaying the URL's used". Err, dooes AV-C ever display every single file used? No. Unreasonable request. How the test is performed though, is described.

    "According to the description, the test only investigated URLs where a link directly lead to an infected file being downloaded – sites containing exploits for drive-by downloads were apparently omitted." -Last I checked, this test was for socially-engineered malware, not exploits. So I'm not sure how that's a problem.

    So again, the only valid thing is the old versions of the browsers. Which is a real concern, as I'd like to see IE9 compared to the latest and greatest.
     
  11. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    We usually send all URLs/files which were not blocked (=the "misses") to the tested AV vendors so they can verify our dynamic test results.
     
  12. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    Funkydude, those 99% are as valid as any other 99% you will see when published for easy reading the internet - with pdf file to back it up of course. If we did not have that backing up we would have to think for our self and question the whole setup right?
     
  13. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Really? That's pretty cool, then maybe they should send the links over to Google?

    On the other hand, unlike malware which can still be persistent, aren't these links usually dead within a few days, making such a process pointless?

    Not entirely sure what you're getting at here.
     
  14. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    no, some remain alive for quite some time, anyway, there are also other additional ways to provide data (proxy-data, binaries, screenshots, logs, etc.).
     
  15. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    I thought you were questioning what was valid or not, like Google complaints. I would say that if you believe 90% hitrate for IE8 and 99% for IE9 it is you who should present valid info - and here comes the pdf link? Which means you eat every word testing organization have decided you should read and pass on. If I am wrong, good :)

    Dynamic, real life tests of "internet" are bullocks by nature I think.
     
  16. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Bit OT: Will we ever see one of these tests from AV-C? I realize it goes against the very name of the organization, but yeah...

    Thanks for explaining :) But this isn't your usual run-of-the-mill shove some info into a PDF and have it done. It's a very detailed report, including how it's done.

    From what I understood on the Google link, they questioned the version number tested and why they received no malware links. The former which I already agreed with, the latter which IBK states should be happening.
     
  17. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    not sure what you mean. i was refering as an example to our whole-product-dynamic tests (but all testers usually provide some sort of info to the tested parties in order that the results can be at least partially verified; from what i read, this is maybe not the case with the browser test mentioned above).
     
  18. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    Well I have read report from their first test, IE8=83% or something, and it is easy to find weak spots. They use terms like pre-screening or pre-scanning, like little sandboxes inside their sandbox setup where stuff is evaluated before test moves on. Basically you have no idea what they talk about :) This being about executables from "internet" should tell they must have some sort of source material. What? Who helped with that? Anything than 100% transparent tests is open for critique, here also anti-MS just because IE look great (they beg for it), but apart from deals and agreements nothing keep them from explaining ;)

    History and time will tell what is up and down. Always does.
     
  19. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Sorry for not clarifying, I meant a browser test such as this.

    Good points.
     
  20. Athletic

    Athletic Registered Member

    Joined:
    Jan 21, 2009
    Posts:
    90
    I'm not sick to read 20 pages of ~ Snipped as per TOS ~.

    Internet Explorer is slow like it's already malware inside it compared to other browsers... thats all truth about that malwareproof test.
     
    Last edited by a moderator: Dec 18, 2010
  21. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    For me the ultimate test of the goodness of a software is if it inspires enough confidence to install it on my parent's PC, which is in another continent altogether. So far the default browser on their PC is IE8. During my time with IE9 I feel it is definetly going to be their next browser. I have my personal issues with IE9 but for them I think it's the safest one.
     
  22. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Nice contribution to the thread. :eek: Was a bigger waste of time posting that spewing nonsense than reading those 20 pages and learning something. It always amazed me how people will only look at results and jump to conclusions. :rolleyes:

    This is the ultimate test. I once tried to switch my dad over to Opera, boy that didn't go too well. He's addicted to Firefox and it's layout. Something tells me he isn't going to enjoy the Firefox 4 layout change :p
     
    Last edited by a moderator: Dec 18, 2010
Loading...
Thread Status:
Not open for further replies.