Tag Archives: avira

Avirans know how to party

An event to remember

Several hundred employees and their families gathered Friday evening for this year’s Schrebergarten-themed event. (‘Schrebergarten’ is a garden style named after the late Dr. Daniel Gottlob Moritz Schreber.) Live music, wafting aromas of grilled meats and vegetables, an open bar, gnome-themed photo opportunities, table tennis, a play area for the children, and other mini-gatherings made sure that there was something for everyone.

20150710_181722_resized20150710_212034_resized

Not only did the party warmly welcome all of our ‘newbies’ hired within the last few months, but it was also a special treat to have so many of our Avira colleagues join us from the Romania office. Normally, they celebrate with their own summer party in Bucharest, but this year brought a couple dozen folks to Tettnang for a long-awaited Avira vs. Avira football game that occurred the day before.

20150710_231138_resized

The region’s charm

Founded iiPhone 003n Tettnang (first mentioned in 882 AD), Avira’s headquarters is surrounded by hundreds of acres of rolling hills that produce a very fine beer hop. Less than 10 kilometers away, Lake Constance (German: Bodensee) offers sunbathing, swimming, boating, and other water sports (which more than a few Avira employees took advantage of the next day after the party). And Friedrichshafen, beside the lake, offers shops and creative art displays, with enough cultural presence that a Russian ballet company from Moscow is on the schedule in coming weeks. It’s no wonder that Avira is one of the region’s biggest employers … I mean, who wouldn’t want to live and party here?!

iPhone 062 iPhone 120

Check Avira job postings for Tettnang and other locations.

The post Avirans know how to party appeared first on Avira Blog.

Avira’s Secure Browser: Plans and Tactics (Part 1)

The Gordian knot

In order to have a secure browser, security issues have to be fixed in a certain time frame. This sounds logically, right? For us that’s only a few days after we get to know about them. Chrome fixes vulnerabilities with every release, so we are also forced to release in sync with the Chrome releases. But every change we make in the Chromium source code causes merge conflicts. When changes made by us (and which are Avira specific) and changes made by Chromium developers overlap our tools cannot combine them together. After about 150 changes we had one conflict per week. This meant spending hours untangling code.

The sword to slice through the knot: We will not introduce differences to the Chromium code.

Let’s see the browser more like a Linux distribution (Ubuntu, for example). We select the best tools. Combine them. Maintain them. Optimize them.

Open Source Extensions

There are awesome security extensions for browsers out there. Let’s just invest some man-years, copying their features. We can make closed source versions of those extensions which are almost as good as the original – but OURS!

… just kidding …

We decided to say ‘hello’ to the communities and explained our plans to them. We already started to contribute and will contribute even more (we struggled with the foundation for the browser longer than expected, so we are a bit behind the original time frame – but more about that in another post). The first extensions are integrated, more are upcoming and planned. Efficient engineering. A win-win situation.

Contributing to Chromium

Only code differences between our browser and Chromium cause issues. If we want a security feature and contribute the code to Chromium we do not have differences nor merge conflicts. We accidentally protect more people than we have to, but nobody is perfect. 😉

We already did contribute a stash of changes that allow simpler branding (see below). But the HTTPS-Everywhere guys alone have a wish list of 2-3 large Chromium code changes. Our next steps will be to extend the extension programming interface (API) because we want more information available in the extensions. For example right now the encryption details (used cypher suite, Certificates) cannot be seen from an extension. That means that something like Calomel cannot be written for Chrome so far.

Contributing to 3rd party code

Chromium contains more than 100 third party libraries. They can contain vulnerabilities, bugs and flaws. When we find something we fix it and send the patches upstream (= to the authors). We are currently experimenting with the best way to release as many fixes per week as possible. As soon as we have figured out a good solution, we will inform you via another blog post.

Our own extensions

Of course we already integrated ABS (Avira Browser Safety) and our Safe Search. This is a no brainer. So let’s just move on.

Our external tools

Right now we plan on integrating our AV scanner into the browser. We already scan with the WebGuard, but the future of the internet is encryption (more HTTPS, o/). Webguard is a proxy, and scanning encrypted traffic with a proxy causes lots of crypto-headache. Luckily the browser does decrypt the data (it has to) as soon as it gets there: Scanning the content of the decrypted data packages directly inside the browser solves said crypto-headaches.

As of now WebGuard is fine. But of course we already plan for the future. When the future is here we will be ready – with scanning abilities in the browser.

This above are only about 50 % of what we plan on doing. Stay tuned for two more and rather advanced tactics that we plan on using and which will be described in the next blog post!

TL;DR:
There is so much we can do to improve the browser. Without touching the core.

Halfway down the Rabbit Hole. Time for a break.
Thorsten Sick

The post Avira’s Secure Browser: Plans and Tactics (Part 1) appeared first on Avira Blog.

We Focus on Customers, Others Play Dirty Tricks

Our blogpost from a few days ago, NSA and GCHQ Have Been Spying on Antivirus Companies, contained our response to recent revelations that the NSA and GCHQ had been targeting antivirus vendors located outside the US and UK. The original story was published by The Intercept, and contained an image from a PowerPoint presentation listing all the potential targets which included Avira, AVAST, and AVG, among others.

We then issued our blog post indicating that our role as a security company is to keep intruders out – even if they might be governments. So far, so good.

Yesterday though, it was brought to our attention that a German website had published an article telling readers that Avira has been attacked by the NSA and that they should instead download AVAST, AVG, or G-Data, because they are more secure. This in itself is not an uncommon tactic and definitely no reason to go ahead and write a blog post – if it would have ended here. Which it didn’t:  both AVAST and AVG have been removed from the list of targets (we’re not sure why, but perhaps to give the article more gravitas …)

Can you spot the difference?

Spot the difference - AVAST and AVG missing

Original from The Intercept (left) / Falsified image from freeware.de (right)

As you can see in the version reported by freeware.de, only Avira has been carefully encircled, while both AVG and AVAST have been removed.

Who is behind this? We are not sure, but we want our customers to be aware that this information presented is false.

The post We Focus on Customers, Others Play Dirty Tricks appeared first on Avira Blog.

NSA and GCHQ Have Been Spying on Antivirus Companies

While not the main target of the operation, Avira was nonetheless mentioned together with several other antivirus and security firms as being at least a target of interest (It’s noteworthy that none of the targets were US or UK companies). Since the revelation we have received various requests vis-à-vis our position and capabilities regarding this affair. We are of course more than happy to share our thoughts with you.

“Avira has frequently seen efforts by governments to write malicious software that attempts to prevent, circumvent, or disable our software from protecting our users. The goal is always the same: installing their programs on the computer users’ systems without detection. These tactics are used by malware authors of all kinds, not just governments.

We at Avira are constantly improving our defense and detection mechanisms to avoid such manipulation. We also use various other systems and utilities to detect such efforts, outside of our own products. Whether a government-funded malware writer, mafia, friend or enemy, the exploitation of applications is something that we are determined to prevent from happening,” says Travis Witteveen, Chief Executive Officer of Avira.

Let’s also not forget that Avira is a founding member of IT Security made in Germany and we pride ourselves in committing, among other things, to:

  • Exclusively provide IT security solutions no other third party can access (no backdoors!).
  • Offer products that do not cause the transmission of crypto keys, parts of keys or access recognition.
  • Eliminate vulnerabilities or avoidance methods for access control systems as fast as possible once detected.

Avira will always strive to keep those commitments, be it against your run-of-the-mill malware or attempts by governments to obtain information.

The post NSA and GCHQ Have Been Spying on Antivirus Companies appeared first on Avira Blog.

Avira Threats Landscape: Visualizing threats for you

Every day, thousands of different malicious programs are trying to infect as many devices as possible. The goal is the same for all of them: Get your data and if possible your money as well.

We have always been the firsts to learn about the threats that loom over every owner of a PC, Mac, tablet, or smartphone, but us having all the insights is not enough. While studying threats, keeping an eye on where they appear, and adapting our programs accordingly makes sure we keep our users as safe as possible, it’s still complicated to explain to the rest of the world why being protected is that important.

Sure, one reads about the newest threats, but only other people are affected by them, right? Especially big companies or governmental institutions seem to be the targets, so why bother at all. And that is where people are wrong. While the media most often talks about high profile cases, everyone else is at risk just as well! Every day there are millions of threats which have only one goal, namely to infect your devices. Be it your smartphone, laptop, Mac or PC – each and every one of them is at risk. Just think about the latest iOS and OS X exploits or the different ways cybercriminals try to gain control over what’s on your computer.

Check out the Avira Threats Landscape to find out where danger is lurking. #cybersecurity

In order to make our point we decided to share our insights with you in form of an interactive map. Our Avira Threats Landscape allows you to not only see which countries are the top targeted ones but also which threats are popping up the most and how many threats were detected in your country. Take a look at it, you won’t regret it. And when you see just how far reaching and widespread those threats are, make sure to warn your family and friends as well.  The most important thing though: Stay protected!

The post Avira Threats Landscape: Visualizing threats for you appeared first on Avira Blog.

Alton Towers Facebook Scam

Following an accident at Alton Towers – a theme and water park in the United Kingdom, a Facebook scam has emerged that purports to show video footage of the accident. Beware: this is a scam, which we shall now dissect for you.

Step 1: The hook

Alton Towers - step 1 the hook

This teaser Facebook post is supposedly taken from the accident (it is not). If you click on it with the (macabre) hope of seeing a video of the crash, you will be taken to a website that has been designed to look just like YouTube.

Step 2: The fake look-alike

Alton Towers fake youtube

Once on that page, you will be asked to post a link to the video on your Facebook timeline…

Step 3: The redirect

Once you accept to post the video to Facebook, you will be redirected to another website, where you will be told that to finally see that video, you need to download a video player update…

Alton Towers - step 3 the redirect

The downloaded file contains adware, that display advertisements and collects information about your browsing habits. The crooks almost certainly make money by getting a percentage of all sales on these third party ads you will be seeing in your browser.

If you see this Alton Towers scam on Facebook, avoid it. If you click on a post that tells you to download a plugin or update to watch the video, exit the page immediately. And for additional security, use Avira Free Antivirus, which blocks adware.

The post Alton Towers Facebook Scam appeared first on Avira Blog.

The dummies guide to hacking Whatsapp

WhatsApp – the super popular messaging app (800 million users), acquired by Facebook for $20 billion, has done it again… After a bug that exposed restricted profile pictures, data encryption that can be breached in 3 minutes, and the use of IMEI (International Mobile Equipment Identity) as a cryptographic key (it’s like using your Social Security Number as a password), WhatsApp is yet again in the headlines for privacy concerns…

The latest story – hacking Whatsapp. As reported by The Hacker News, anyone can hack your WhatsApp account with just your number and 2 minutes alone with your phone…

This video, posted on YouTube, shows how a hacker answers an authenticating call, intercepts a secret PIN, and uses that to access a WhatsApp account he just created on another phone.

This is not tied to a bug or loophole – it is the way that WhatsApp was built.

Bottom line? Please be very careful whom you lend your phone to, and make sure you don’t leave it lying around. Even locked, a garden-variety hacker can access your WhatsApp account in 2 minutes.

The post The dummies guide to hacking Whatsapp appeared first on Avira Blog.

Give your PC some superpowers

So now that I got this out of the way, here are two important observations by Captain Obvious:

#1: This blog post is about shameless self-promotion.

#2: You’ll be safer (and perhaps mildly amused) after having read it.

So here’s the newsflash: we’ve just launched a superhero campaign that’ll unleash your PC’s superpowers: www.avira.com/en/try-superpowers

The campaign offers our free Antivirus software, as well as free trials to premium software. Take a look at the short descriptions for your PC’s new superpowers:

STRENGTH

Wield superior PC protection, forged deep within the A.V.I.R.A. labs. The process of forging summons otherworldly code, to withstand attacks from any breed of alien forces

SPEED

Be one with an accurate, effective weapon – able to navigate and propel you with supersonic speed through cyberspace. Your PC will be faster, your boot up time—shorter, your streaming—smoother, your PC—cleaner and you’ll even free up space on your hard drive.

STABILITY

Control and stabilize your PC’s elements, with a driver updater tool that’s forged from the remnants of a star. Your hardware will run smoother, your gaming will be faster and it will help prevent system freezes and crashes.

And of course, the page gives you the option at the bottom to share it with your friends and family – just in case you don’t begrudge them your new-found superpowers….

The post Give your PC some superpowers appeared first on Avira Blog.

Avira Team Gears Up

The Avira Fitness Studio

Logo Avira GymA few months ago we decided to equip our offices in Tettnang with fitness facilities for employees who want to do some sports just before or after work hours. For those wishing to continue their sport routine during the weekend, the Studio’s doors are open 24/7. The Fitness Studio comes as a perfect service to offer our employees together with the in-house catering service and the (already famous) coffee place, our dear Chocavira.

We have acquired modern equipment and tried to organize the space by type of activities so that people can enjoy a professional workout environment. Personal trainers are also available at specific times, making sure that people are making the best out of their fitness sessions. Other logistics have also been taken care of: showers, personal lockers and towels being at our employees’ disposal.

On the Activities menu:

  • Traditional Workout
  • Yoga
  • Spinal + Stretch Workout
  • Pilates
  • Functional Circuit
  • Cycling

Besides being a great place to engage in physical activities, our two months old Fitness Studio has proven to be also a social catalyzer for our employees. It’s fun to see that colleagues of yours share your passion for cycling or yoga and join you for the classes that are being organized on a weekly basis.

In the past couple of months, not only have we come to realize that the Avira gym is an amazing boost for employees’ health and well-being, there are in fact a lot of benefits to be discovered once a company decides to build a workout space for the employees.

What’s the best thing that happened with the Avira Fitness Studio opening in our Tettnang HQ? We simply made our employees happy. How? By showing them their voice matters and we actually do our best to make their wishes come true and transform the work place into a friendly environment. Happy employees contribute to an overall happy atmosphere in the office so we can issue an official warning:

Watch out, viruses! We’ll be coming a lot stronger at you!

The post Avira Team Gears Up appeared first on Avira Blog.