Tag Archives: Technology

GrimeFighter is now Avast Cleanup

Optimize your PC with Avast Cleanup’s advanced scanning features.

Change is good, especially when it pushes us forward and encourages us to improve. We’ve recently made a change that will benefit our users and make their experience using our products even better. Our PC optimization product formerly known as GrimeFighter has now emerged as Avast Cleanup. In addition to the name change, there’s more to this transition that Avast users can be excited about. In Avast Cleanup, we’ve got a bunch of great benefits for you to enjoy:

  • Rid your PC of up to 5x more junk. Avast Cleanup continues to search for junk files, unnecessary app processes and system settings that slow down your PC’s performance. The number of issues detected by Avast Cleanup has improved fivefold, ensuring that your PC is cleaned as thoroughly as possible.
  • Keep it clean, keep it fast. Avast Cleanup’s quick and easy scan is 10x faster, now capable of transforming your PC in minutes or even seconds. As always, exact scan times may vary due to Internet connection or the number of issues found.
  • Win precious space back with new, advanced scanning features. Even a new PC can be loaded with unnecessary apps. Avast Cleanup checks when you update a program or uninstall an app, ensuring that any unnecessary leftover files don’t take up space on your PC. Since you’re immediately informed if unneeded files are discovered, you can save more space on your device than ever before.
  • Organize Avast Cleanup to work around your agenda. You can schedule a daily clean, select which programs you want to load upon startup, and choose what you clean in a scan. What’s more, Avast Cleanup discreetly runs in the background while you go about your daily activities.

Avast Cleanup helps you store more of what you actually want and to accomplish it in just a few minutes. Don’t let your PC become a test of your patience — try Cleanup for yourself. Here’s how:

  • For licensed users, all you need to do is install the latest version of Avast. Your GrimeFighter will then be automatically updated to Avast Cleanup. You’ll receive a notification letting you know that the update was successful.
  • For users who have updated to the latest Avast version but haven’t yet purchased Avast Cleanup, you can do so either from our website or, better yet, directly through the program by navigating to the store link on the left menu of the interface.
  • For users who haven’t updated, you can also buy Cleanup within Avast. For now, you’ll still see it as GrimeFighter and you’ll need to do an update to the latest version of Avast in order for it to work.

Avira’s Secure Browser: Plans and Tactics (Part 2)

The goal with the browser is to create an easy-to-use, secure and privacy respecting browser. These are the more advanced tactics we will be using:

Our Cloud DBs

Adding cloud features to file scanning was a large success. The detection quality of malicious files went straight up. In short:

On the client there is a behaviour-detection kind of pre-selection. If a file is suspicious, the cloud server is asked whether the file is already known.

If unknown:

  • An upload is requested
  • The file is uploaded to the server
  • There we have several detection modules that cannot be deployed on the customers’ PCs (an AI with a large database, sandboxes for behavior classification, etc.). They scan and classify the file
  • The database is updated
  • The results are sent back, you are protected

We built incredible databases covering malicious files during the last years. We should have something similar for the browser and use our large knowledge base and server side classification tools for web threats as well.

It should look something like this:

  • The browser detects something strange (“behavior detection”), this is called pre-selection
  • It asks the backend database if this is already known
  • If not: relevant data (URL, file, …) is uploaded for inspection
  • Our server based tool (and our analysts) will classify the upload and update our databases
  • The result is sent back directly (within milliseconds. Yes, the tools are that fast. We will try to improve our analysts 😉 )
  • You are protected
  • We are improving our “evil parts of the internet” map.

To get there we will have to improve the signal-to-noise ratio. We are only interested in malicious pages. If the pre-selection in the browser is too aggressive and sends non-malicious pages to us, it’s a waste of CPU cycles and bandwidth. With millions of users as a factor, even minor slips will be expensive and annoying for everyone involved.

We will also remove private data before sending it (we are not interested in user data. We are spying on malware). Personal data is actually toxic for us. Servers get hacked, databases stolen, companies gag-ordered. Not having that kind of data on our servers protects us as well as you. I mean just think of it: Some web pages have the user name in the URL (*/facepalm*). I do not think we can automatically detect and remove that trace of data though. But maybe we could shame the web pages into fixing it …*/think*

The parts in the source that collect the data and prepare them for sending are Open Source. Here I am asking you to NOT trust us and review the code! :-)

I hope we find a simple solution to display the data being sent to us before sending. The only problem is that it could have a negative impact on your browsing experience. Having a modal dialog when you expect a page to load …

One option could be to at least offer a global configuration to switch cloud requests off (always, in incognito mode only, never) and show you in logs what got sent.
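The lookup flow and the privacy measures described above, sketched as an added example (this is not Avira's code): pre-selection, the global "switch cloud requests off" setting, URL scrubbing before anything is sent, and a log of what left the machine. All names (`scrubUrl`, `cloudAllowed`, `CloudClient`, `makeStubBackend`) are hypothetical, and the backend is an in-memory stub with constructed data.

```javascript
// Added example: every identifier here is hypothetical, not the browser's API.

// Values of the global "switch cloud requests off" setting from the text.
const CLOUD_OFF = Object.freeze({ ALWAYS: "always", INCOGNITO: "incognito", NEVER: "never" });

// Reduce a URL to what a reputation lookup needs: scheme, host, port, path.
// Userinfo, query string and fragment are dropped because they routinely carry
// names, session tokens and search terms. A user name embedded in the path
// itself (e.g. /users/alice) is NOT caught; that is the case the post calls
// hard to detect automatically.
function scrubUrl(raw) {
  let u;
  try { u = new URL(raw); } catch { return null; }
  if (u.protocol !== "http:" && u.protocol !== "https:") return null; // never send file: etc.
  u.username = "";
  u.password = "";
  u.search = "";
  u.hash = "";
  return u.href;
}

// May this request go to the cloud at all? Unknown settings fail closed.
function cloudAllowed(setting, incognito) {
  if (setting === CLOUD_OFF.ALWAYS) return false;
  if (setting === CLOUD_OFF.INCOGNITO) return !incognito;
  return setting === CLOUD_OFF.NEVER;
}

class CloudClient {
  constructor(backend, setting) {
    this.backend = backend;
    this.setting = setting;
    this.sentLog = []; // everything that left the machine, for the user to inspect
  }

  send(kind, payload) {
    this.sentLog.push({ kind, payload });
    return this.backend[kind](payload);
  }

  // `suspicious` is the result of the client-side pre-selection.
  check(rawUrl, { suspicious, incognito }) {
    if (!suspicious) return { verdict: "not-checked", reason: "pre-selection" };
    if (!cloudAllowed(this.setting, incognito)) return { verdict: "not-checked", reason: "cloud-off" };
    const url = scrubUrl(rawUrl);
    if (url === null) return { verdict: "not-checked", reason: "unsupported-url" };
    const known = this.send("lookup", url);           // step 1: is it already known?
    if (known !== undefined) return { verdict: known, reason: "known" };
    return { verdict: this.send("upload", url), reason: "classified" }; // step 2: upload
  }
}

// Stand-in for the server side; the data and the toy classifier are constructed.
function makeStubBackend() {
  const db = new Map([["https://bad.example.test/landing", "malicious"]]);
  return {
    lookup: (url) => db.get(url),
    upload: (url) => {
      const verdict = url.includes("/exploit") ? "malicious" : "clean";
      db.set(url, verdict); // "the database is updated"
      return verdict;
    },
  };
}

// Demo run on constructed input.
const demo = new CloudClient(makeStubBackend(), CLOUD_OFF.INCOGNITO);
console.log(demo.check("https://bad.example.test/landing?user=alice", { suspicious: true, incognito: false }));
console.log(demo.sentLog);
```

The only data that reaches the backend is what appears in `sentLog`, which is what a "show what got sent" view would render.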

Advertising
We are selling libraries and databases covering malicious files and web pages.

You want your own AV? Or protection technology in your Tetris game to make it unique? Just contact our SI department and make a deal.

Other companies have thousands of web-crawlers simulating user behavior to identify malware.

Millions of real Avira users are our scouts and sensors.

Some branding

We need some branding. That would include Avira-specific changes in the browser (names, logos, some other texts), but also links. This is relevant not only for brand awareness but also to keep our users away from Chrome/Chromium support to avoid confusion (“Which Chrome version do you have?” … listens … “We never released that, can you please click on ‘About’ and tell me the version number?” … listens … “WTF?!?” => confusion) and direct them to our support, who actually CAN help.

Hardening

We will always improve the build process. There are compiler switches for features called Position Independent Executable (PIE), Fortify Source, etc. that we should enable on compilation (many are already enabled). Most time here will be spent on ensuring that they do not get disabled by accident, are enabled on all platforms, and do not slow down the browser. This task can start simple and suddenly spawn nasty side effects. This is why we need TestingTestingTesting.

TestingTestingTesting

Google added the Hotwords feature to Chromium and Chrome. It’s a nice feature. But it switches on the microphone and “spies” on the user (this is a convenience feature many users want). For our secure and privacy respecting browser this crossed a line though. This is the reason why we will have to verify that no “surprise !!!”-Extensions get installed by default. One more task for our testers that add verification tasks to the browser to handle our specific requirements. Keep in mind: Chrome and Chromium already have very good unit-tests and other automated test cases. We just need some extra paranoia. That’s the job for our testers in the team.

More transparency

We will write blog posts covering all the features. The attacks they block, their weaknesses, what we did and will be doing to improve them. We will offer you a guided tour Down the Rabbit Hole. Go with us as far as you dare.

TL;DR:
There is so much we can do to improve the browser; without touching the core.

We reached the bottom of this specific Rabbit Hole.

Thorsten Sick

The post Avira’s Secure Browser: Plans and Tactics (Part 2) appeared first on Avira Blog.

A Workshop with Avira Beta Community Members

We were excited to welcome beta testers from the USA, Italy, Germany, Greece, China and Malaysia to Tettnang.

The members we invited to this workshop are the most active beta testers in our Antivirus for Windows Beta project and they were chosen based on the quality of their feedback and the number of forum posts or bug reports they provided.

Although they contribute to the Avira Beta Community out of their own interest, most of them are also our customers, making the information exchange even more interesting.

What happened during the 2 days?

We offered the participants a detailed tour of the Avira Protection Lab, giving them the opportunity to meet the people behind our products. In order to provide them with a technical overview as well, our experts showed them how we are visualizing the digital threats in real time. They even had the chance to hear everything about our vision as a company directly from our CEO, Travis Witteveen, and meet the company founder, Tjark Auerbach.

Throughout the workshop, most of the discussions revolved around the Avira products and the current threat landscape, but we also focused on global privacy and security topics.

We collected feedback from our guests and placed it under several categories, of which Features, Usability, Product ideas and Problems resolution were the most discussed ones.

While we were happy to discover that all participants agreed that the anti-malware technology used by Avira is one of the best in the world, they seem to think we still have some work to do to improve the product usability.

Considering the number of photos shared on social media, our guests seem to have enjoyed the Avira experience. As for us, we have our To Do list before the next Beta Testing Community Workshop, which we are looking forward to organizing next year.

Thinking about joining the Avira Beta Testing Community? Click here to register now.

The post A Workshop with Avira Beta Community Members appeared first on Avira Blog.

Avirans know how to party

An event to remember

Several hundred employees and their families gathered Friday evening for this year’s Schrebergarten-themed event. (‘Schrebergarten’ is a garden style named after the late Dr. Daniel Gottlob Moritz Schreber.) Live music, wafting aromas of grilled meats and vegetables, an open bar, gnome-themed photo opportunities, table tennis, a play area for the children, and other mini-gatherings made sure that there was something for everyone.

Not only did the party warmly welcome all of our ‘newbies’ hired within the last few months, but it was also a special treat to have so many of our Avira colleagues join us from the Romania office. Normally, they celebrate with their own summer party in Bucharest, but this year brought a couple dozen folks to Tettnang for a long-awaited Avira vs. Avira football game that occurred the day before.

The region’s charm

Founded in Tettnang (first mentioned in 882 AD), Avira’s headquarters is surrounded by hundreds of acres of rolling hills that produce a very fine beer hop. Less than 10 kilometers away, Lake Constance (German: Bodensee) offers sunbathing, swimming, boating, and other water sports (which more than a few Avira employees took advantage of the next day after the party). And Friedrichshafen, beside the lake, offers shops and creative art displays, with enough cultural presence that a Russian ballet company from Moscow is on the schedule in coming weeks. It’s no wonder that Avira is one of the region’s biggest employers … I mean, who wouldn’t want to live and party here?!

Check Avira job postings for Tettnang and other locations.

The post Avirans know how to party appeared first on Avira Blog.

In Memory of One of Gaming’s Greatest Figures

Avira would like to offer our condolences to the family, friends, and colleagues of Nintendo CEO Satoru Iwata. He began with Nintendo as a director in 2000 and in 2013 was appointed CEO of Nintendo of America Inc. He passed away on 11 July 2015, after helping to bring joy to the hearts of millions of gamers around the world.

The post In Memory of One of Gaming’s Greatest Figures appeared first on Avira Blog.

Avira’s Secure Browser: Plans and Tactics (Part 1)

The Gordian knot

In order to have a secure browser, security issues have to be fixed in a certain time frame. This sounds logical, right? For us that’s only a few days after we get to know about them. Chrome fixes vulnerabilities with every release, so we are also forced to release in sync with the Chrome releases. But every change we make in the Chromium source code causes merge conflicts. When changes made by us (which are Avira-specific) and changes made by Chromium developers overlap, our tools cannot combine them. After about 150 changes we had one conflict per week. This meant spending hours untangling code.

The sword to slice through the knot: We will not introduce differences to the Chromium code.

Let’s see the browser more like a Linux distribution (Ubuntu, for example). We select the best tools. Combine them. Maintain them. Optimize them.

Open Source Extensions

There are awesome security extensions for browsers out there. Let’s just invest some man-years, copying their features. We can make closed source versions of those extensions which are almost as good as the original – but OURS!

… just kidding …

We decided to say ‘hello’ to the communities and explained our plans to them. We already started to contribute and will contribute even more (we struggled with the foundation for the browser longer than expected, so we are a bit behind the original time frame – but more about that in another post). The first extensions are integrated, more are upcoming and planned. Efficient engineering. A win-win situation.

Contributing to Chromium

Only code differences between our browser and Chromium cause issues. If we want a security feature and contribute the code to Chromium we do not have differences nor merge conflicts. We accidentally protect more people than we have to, but nobody is perfect. 😉

We already did contribute a stash of changes that allow simpler branding (see below). But the HTTPS-Everywhere guys alone have a wish list of 2-3 large Chromium code changes. Our next steps will be to extend the extension programming interface (API) because we want more information available in the extensions. For example, right now the encryption details (the cipher suite used, certificates) cannot be seen from an extension. That means that something like Calomel cannot be written for Chrome so far.

Contributing to 3rd party code

Chromium contains more than 100 third party libraries. They can contain vulnerabilities, bugs and flaws. When we find something we fix it and send the patches upstream (= to the authors). We are currently experimenting with the best way to release as many fixes per week as possible. As soon as we have figured out a good solution, we will inform you via another blog post.

Our own extensions

Of course we already integrated ABS (Avira Browser Safety) and our Safe Search. This is a no brainer. So let’s just move on.

Our external tools

Right now we plan on integrating our AV scanner into the browser. We already scan with the WebGuard, but the future of the internet is encryption (more HTTPS, o/). WebGuard is a proxy, and scanning encrypted traffic with a proxy causes lots of crypto-headache. Luckily the browser does decrypt the data (it has to) as soon as it gets there: scanning the content of the decrypted data packages directly inside the browser solves said crypto-headaches.

As of now WebGuard is fine. But of course we already plan for the future. When the future is here we will be ready – with scanning abilities in the browser.

The above is only about 50% of what we plan on doing. Stay tuned for two more, rather advanced tactics that we plan on using and which will be described in the next blog post!

TL;DR:
There is so much we can do to improve the browser. Without touching the core.

Halfway down the Rabbit Hole. Time for a break.
Thorsten Sick

The post Avira’s Secure Browser: Plans and Tactics (Part 1) appeared first on Avira Blog.

Welcome to the Team, Remotium!

I’m glad to announce that we have acquired Remotium, a leader in virtual enterprise mobility, headquartered in Silicon Valley. Remotium’s award-winning and patent-pending technology, the Remotium Virtual Mobile Platform (VMP), provides enterprises with secure access to business-critical applications from anywhere and from any mobile or desktop device. With this product, corporate mobile users have all their personal data and apps resident on their mobile (iOS or Android) while all their corporate data and apps reside and execute on a server and are only displayed on the mobile. This is the perfect fit for bring-your-own-device (BYOD) environments.

Remotium’s mobile solutions address the needs of modern enterprises. As more and more companies support BYOD policies, the question of how to implement these policies efficiently and securely is top of mind for everyone. As people bring their own devices to work, the lines between business and private data become blurry. In a study, IBM found that millions of people use dating apps on company smartphones, which could expose themselves and their employers to hacking, spying and theft. Out of the 41 dating apps analyzed by the researchers, 26 had medium or high severity vulnerabilities.

With Remotium’s technology, companies have the visibility and security needed to ensure data integrity and corporate compliance. At the same time, users enjoy increased privacy, as well as apps that look and feel consistent across mobile and desktop platforms. Remotium was named “Most Innovative Company” at RSA® Conference 2013 and won the Best of Show award at Interop Tokyo in June 2015.

With this acquisition we are expanding our mobile offerings into the enterprise space. Although our near-term approach with Remotium is to make the products successful in the enterprise market, we also see a tremendous opportunity to leverage this innovative technology within our traditional consumer and SMB markets.

We are pleased to add the Remotium staff to our team of more than 600 Avast employees – together we will further accelerate Remotium’s growth and expand its capabilities across enterprise mobility platforms.

Avast Browser Cleanup removes unwanted browser add-ons

Most Internet users are all too familiar with this problem: After downloading a video player, Java, Flash updates or other software, the browser has suddenly changed. New buttons and icons in all colors and sizes along with a URL entry bar take up valuable real estate on your browser. The browser runs noticeably slower – and the results look different. Most annoying is that the advertising becomes more prominent.

Our free utility gets rid of annoying toolbars and restores hijacked searches.

Over the past two years, Avast Browser Cleanup has identified more than 60 million different browser add-ons which are often bundled with other free software, such as video players, Java and Flash updates. These toolbars typically occupy the horizontal space below a user’s browser and can include buttons, icons, and menus. Despite removing and re-installing a browser, toolbars will often remain, which is a behavior similar to malware.

 “We’ve entered the decade of unwanted add-ons — Google is now cracking down and removing ad-injecting toolbars from its Chrome store. Avast detects these toolbars and many more and is focusing on helping users battle browser toolbars that are one of the biggest consumer security outbreaks since spyware,” said Vince Steckler, Chief Executive Officer of Avast.

While not malicious per se, browser add-ons that come as toolbars can hijack and switch a user’s search preferences and can be extremely difficult to remove once installed. Avast Browser Cleanup removes these unwanted toolbars from Google Chrome, Mozilla Firefox, and Internet Explorer and lets users restore their search engine preference. Previously available as a feature in Avast Free Antivirus, Avast Browser Cleanup has now been made available as a new, free stand-alone product.

The new version of Avast Browser Cleanup includes improved browser compatibility, support of the latest browsers, more homepages to choose from when resetting the browser, and more aggressive detection of toolbar protectors that make removal difficult. Additionally, Avast Browser Cleanup now runs in the background, notifying the user when it detects a potentially unwanted or malicious toolbar.

Are you an Avast user? You already have Avast Browser Cleanup.

Avast Browser Cleanup is integrated in all Avast antivirus security products, including the free version.

Use another antivirus product? You can use stand-alone Avast Browser Cleanup.

If you don’t use Avast as your antivirus protection, Avast Browser Cleanup can be downloaded as free stand-alone software.

CryptoWall joins forces with click fraud botnet to infect individuals and businesses alike

Newest CryptoWall variant enters systems through a click fraud botnet.

Earlier this year, we told you about the return of CryptoWall, malware that encrypts certain files in your computer and, once activated, demands a fine around $500 as a ransom to provide the decryption key. These kinds of financial fraud schemes target both individuals and businesses, are usually very successful and have a significant impact on victims. The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website.

Recently, a click fraud botnet with ties to CryptoWall has been discovered. The malware, nicknamed ‘RuthlessTreeMafia’, has been used to distribute CryptoWall ransomware. What first appears as an attempt to redirect user traffic to a search engine quickly mutates into an alarming threat as infected systems begin to download CryptoWall and system files and data become encrypted, rendering them useless to their owners. Click fraud and ransomware are two types of crimeware that are usually quite different from one another and typically don’t have many opportunities to join forces; therefore, the result of this unlikely yet powerful collaboration can be detrimental to its victims.

In a public service announcement issued on June 23, the FBI warns of the continued spread of this variant of CryptoWall that has the potential to affect not only individuals, but also government entities and businesses. The report reads:

“Many victims incur additional costs associated with network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers. Between April 2014 and June 2015, the IC3 received 992 CryptoWall-related complaints, with victims reporting losses totaling over $18 million.”

The uncovering of this most recent CryptoWall variant also goes to show just how creative cybercriminals can be when coming up with ways to get their malware onto people’s systems. A simple click fraud botnet compromise can now lead to a potentially serious ransom attack.

How to stay safe against infection

  • Go with your gut. Don’t click on any emails or attachments that appear as suspicious or unfamiliar to you.
  • Enable popup blockers. Popups are a popular way for hackers to spread malware. To eliminate the chance of accidentally clicking on a popup, it’s best to prevent them from appearing in the first place.
  • Educate employees about the dangers of malware. It’s crucial that SMBs teach their employees about the risks that malware poses to their business. Hold regular workshops to educate employees about common malware attacks, such as phishing emails, and how they can stay safe against them.
  • Always use antivirus software and a firewall. It’s crucial that you download and use antivirus software to best protect yourself against malicious attacks. For the highest level of protection, regularly make sure that your software is updated to the latest version.

 

Shopping via Selfie is the next thing …

Now the favorite pastime of some (namely taking selfies!) might actually become a legit payment method for MasterCard users. The company is experimenting with a feature called ID Check, which would scan your face (or your fingerprint, depending on what you choose) in order to approve an online purchase. Basically they are trying to go full-blown biometric.

Ajay Bhalla, the MasterCard executive who’s in charge of the new payment methods, told CNN: “The new generation, which is into selfies … I think they’ll find it cool. They’ll embrace it.”

Why would MasterCard do something like that? Definitely not only to please us youngsters, but also to cut down fraud, it seems. The US trial is supposed to start very soon with a limited customer base of 500. The launch will follow sometime after that.

If you’re afraid that you’ll need a selfie stick in order to make payments with your MasterCard in the future, don’t worry too much: The way the system is described you’ll just install the MasterCard app, purchase something, and once you want to pay a pop up appears. Now you can choose to complete the payment with a fingerprint scan or via said selfie. According to CNN “you stare at the phone — blink once — and you’re done. MasterCard’s security researchers decided blinking is the best way to prevent a thief from just holding up a picture of you and fooling the system.” Easy peasy, right?

Well, let’s see how it will work out and what’s next: Bhalla also said that MasterCard is experimenting with voice recognition and approving transactions by recognizing your heartbeat …

The post Shopping via Selfie is the next thing … appeared first on Avira Blog.