Trusteer Rapport Security Software

Discussion in 'privacy technology' started by nord1, Oct 11, 2011.

Thread Status:
Not open for further replies.
  1. nord1

    nord1 Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    116
    My bank is offering this new security software (free) as an addon to my browser for secure financial transaction. Never heard of it. I'm running MalwareBytesPro and Avast 6.0.1125 at the moment. Do I need this stuff or?

    Much thanks.
     
  2. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    If you are concerned about identity/data theft from undetected malware that may be already be running on your system then it's a good idea. If you are reasonably sure that the machine is clean, and you are sure that your security measures are enough to keep it that way, then maybe not.
     
  3. nord1

    nord1 Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    116
    pegr,

    Always concerned, seldom compromised with reasonable precautions. However, would like to hear if anyone, anywhere has heard of this piece of software my bank is touting and whether or not it is any good.
     
  4. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Trusteer Rapport has been around for a while and there are other threads here where it has been discussed (sorry, can't provide links at the moment). It protects against key and screen loggers, DNS spoofing, etc. Here's a list of features from the developer's website:

    http://www.trusteer.com/product/trusteer-rapport

    I tried it on a couple of machines and found it slowed down browsing somewhat, but that wasn't true for everyone. I'm not sure if Avast and Malwarebytes Pro together cover all of the same areas. I would recommend trying TR and see how it behaves on your system.
     
  5. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    In dealing with the problem of malware - there's Prevention, Detection, Disinfection, then lastly Mitigation (reducing the effects of something).

    I put most of my effort into prevention, followed by detection. I only need to bother with disinfection on other people's computers. I can't imagine a situation where I'd be happy with reducing the harm of an infection on a computer.

    Trusteer Rapport will mean putting a lot of resources into Mitigation, i.e. reducing the risk of harm on an already infected PC. "Yes you're infected M'am, but I put Trusteer Rapport on so you can bank safely!"

    This is the same approach used by many Western healthcare systems - expensive drugs over someone's lifetime designed just to manage the symptoms of diseases instead of actually treating them. The focus is just wrong, all IMO.

    Rapport does have a noticeable effect on system performance, at least on every non-quadcore i7 system I've seen it used on. There are better approaches that use less resources.
     
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    It's possible the banks think about it this way since they have no control over the security (or lack of it) on customers' computers. But I believe an argument can be made for conscientious users using Rapport simply because zero day malware are real and malware is getting better at hiding even from the best scanners.

    One approach is to dedicate a browser exclusively for online banking and install added security, such as Rapport, only in it. That way it doesn't impact other browsers or the system generally.
     
  7. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    Yes I can see that point of view - they want to encourage internet banking (reduces the cost of business for the bank), but they want a secure platform from their end all the way to the customer. The weakest link for them is going to be the computer they don't control, so Trusteer Rapport gives them that control.

    I've looked briefly - but haven't seen how to install Rapport so it only runs when you use a certain browser. Do you mind explaining further?
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    It's been a while since I tried TR and since you asked I thought I'd better reinstall. I stand corrected - it doesn't appear possible to install for a specific browser. TR installs a system driver. One option would be to turn it off for general browsing (settings are available by clicking the icon in the address bar) and turn it back on just for banking if it creates some overhead. Anyway, sorry for the incorrect information.
     
  9. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    No problem, thanks for following up.
     
  10. sun88

    sun88 Registered Member

    Joined:
    Aug 27, 2009
    Posts:
    66
    I would like to hear more about these better approaches.

    In my experience, TR only slows things down at the time when you are logging in to a protected site. I don't mind waiting while it sets up protection from crimeware.
     
  11. sun88

    sun88 Registered Member

    Joined:
    Aug 27, 2009
    Posts:
    66
    Major banks and Paypal and eBay endorse Trusteer Rapport and offer it to you for free. It's one of a handful of tools that can actually protect you from crimeware even if your PC is already infected, and it's the only one that's free. Unless you are certain you don't need it, only twisted logic would stop you from using it.
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    One of the best passive defence against keyloggers.

    But I will make sure I have a clean system if I do online banking etc.
     
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    This is my take on it. And, I'm just generally speaking.

    Generally speaking, most people won't know whether or not their systems are infected. For all they care, their systems are clean.

    Do their banks offer/suggest a security solution? That's great, IMHO. Why? If a piece of malware does get the credentials, then the user can blame the bank, because the security application they suggested/offered didn't work! :D

    If the user declines the security solution, and if malware gets the bank credentials, then the bank will say Well, we did offer this security solution to protect you, and you declined it. It's not our fault, now is it?. :argh:

    Which side to pick? lol
     
  14. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    Neither side lol..
     
  15. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    It has been tested several times and has been found to work to protect the browser against banking trojans, keyloggers, screen grabbers, etc, which is not to say that it's bullet proof. Nothing is invulnerable but browser protection utilities like Rapport can definitely help as part of a layered security setup.

    I have experimented with Rapport, on and off, for quite a long time (I get it from my bank) and on my Windows XP system it hasn't slowed down browsing, but it does use quite a lot of memory for what it does.

    My experience of Rapport is that it isn't especially tolerant of other security software though so you will need to experiment to see if it works well with your setup. On the occasions I have experienced performance issues with Rapport, it has been due to conflicts with other security applications.

    If using a light virtualization application such as Returnil or Shadow Defender to keep the system virtualized for normal use then the argument in favour of using a browser protection utility like Rapport is weaker, as a reboot to remove any live malware that may be running prior to engaging in online banking or shopping should be all that is required (providing of course that the real system was clean prior to entering the virtual system).

    Light virtualization has the advantage of being highly compatible with other security applications, and is the approach I personally favour, but I realise it doesn't suit everyone.
     
  16. nord1

    nord1 Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    116
    I run MalwareBytesPro and Avast 6.0.1125. I do my banking from within Avast's sandbox and for overkill use DropMyRights. A system driver separate from individual browsers, eh. As I have an old laptop (XP PRO SP3) with only 768 megs ram, system resources are at a premium. I will install it using InCtrl 5 and then Revouninstaller if it doesn't work out. Will post back after a trial run.

    Much thanks to everyone for all your posts.
     
  17. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    Don't get infected in the first place.

    Plenty of discussion on how to achieve that here.
     
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    In all fairness, you can't just think inside the box. You also need to think outside the box.

    A user's system may be clean, but a cybercriminal may hijack the connection between the user and the bank's server, diverting the connection to his own server, and act as a middle man.

    I'm not saying it would be able to protect against all kinds of MITM attacks, but it would provide protection against most common type of attacks.

    I believe tools like Trusteer Rapport use triangulation to detect wether or not the user is in fact communicating with the bank's servers.
     
  19. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    if you have avast internet security then trusteer is not needed.... avast safezone will more than take care of the safety of online banking or shopping...
     
  20. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,388
    Location:
    Lancashire
    i liked it until it started blue screening on me
     
  21. nord1

    nord1 Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    116
    am963,

    Didn't get a graph on the resources used, but subjectively it was slower than before on my old T40 Thinkpad. Report was sketchy at best: found 3 cookies it didn't like and blocked (didn't ask), but no info about what cookies and which browser it used. Only use IE6 for windows update and my bank won't use that anymore. Firefox 3.6 is supported, so FF 3.6.23 was my testbed, but no mention of FF 7.0.1, which is what I generally use. A couple of other browsers (K-Meleon and Iron) are not supported.

    The report can't be copied anywhere for further analysis and you can't see any details, guess it is a dumbed down interface.

    Removed it with Revouinstaller with zero problems.

    As you said, Avast does enough, along with MalwarebytesPro and of course, standalone apps for emergencies (and a Linux Knoppix CDR with F-Prot).

    Tks.
     
  22. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    i liked it until it started crashing my browsers and freezing my laptop.
     
  23. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA


    Actually a very serious question - it would be important to find out if your bank, by virtue of offering Trusteer Rapport and/or other security software is waiving responsibility for any losses incurred while using the online banking service. A friend of mine had his bank account emptied via a "banking trojan" and the bank replaced all of the funds. That was some time ago though, and I don't know that all banks replace lost funds as a matter of policy.
     
    Last edited: Oct 13, 2011
  24. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Screenshots of Avast Safezone remind me of SafeCentral. I wonder if it's SafeCentral rebranded?
     
  25. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Yes, it's important to understand that malware on the local system is not the only attack vector. The connection has to be protected/verified all along the way. For instance I believe TR (and others such as Prevx SafeOnline and SafeCentral) protects against DNS poisoning. There's some information here:

    http://www.trusteer.com/product/trusteer-rapport

    Unfortunately it's not very technical, but perhaps there's an in-depth PDF somewhere...
     
Loading...
Thread Status:
Not open for further replies.