Tag Archives: Technology

System Speedup for Windows: the whole story

System Speedup is one of the most appreciated Avira products, as it has improved the speed and performance of millions of devices all around the world. Its ever growing popularity among users is one of the reasons why we decided to add some new cool features for you to enjoy in our product.

What’s new in the latest version of System Speedup for Windows?

Starting this week, users will be able not only to free up more disk space on their computers but also to improve battery lifespan. Here are the two main updates that our team is happy to announce to all System Speedup users:

  • Power profiles that enable users to select between performance mode, battery saving mode and balanced mode
  • An improved junk cleaner that will help users free up even more disk space on their computers

Today, battery powered devices account for more than 60% of the total number of PCs sold in the world. The new Battery Booster feature in Avira’s System Speedup is there to make sure our users never run out of battery on their portables. Besides making your device run faster, our product now stops your battery draining on things that you don’t need, so that you can use your computer longer, on things that really matter.

Rediscover what a fast PC feels like

The one-click tune-up suite is able to analyze, clean and optimize your system’s performance in just 5 minutes. The results are even more impressive than System Speedup’s efficiency. To name only a few, you’ll get rid of all the junk files and obtain more space for your important data, all the while enjoying the improved battery life of your device. We guarantee you’ll be happy to rediscover what a fast PC feels like even if it’s been several months or years since you purchased your device.

Want to enjoy the System Speedup functionality on your Android device as well? We recommend you try out Android Optimizer, the equivalent app you can download for free in Google Play.

The post System Speedup for Windows: the whole story appeared first on Avira Blog.

‘Future Crimes’ – A New Book That Takes on the Future of Cybercrime

“If you control the code, you control the world. This is the future that awaits us.”
– Marc Goodman

As anyone who reads this space knows, I’m a big fan of the Internet of Things, and yet equally worried about security in this brave new world.

A new book “Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It” emphasises these points and makes some suggestions.

What struck me is that many of the crimes Goodman labels as “future crimes” are already happening all around us, from the recent ISIS hack of a French TV station to the epic hacks of the past year on major brands from Sony to Target, Home Depot and Chase. We’re definitely already at the intersection of connected technology and cybercrime.

“We’ve gone ahead and wired this world but failed to secure it,” Goodman said in a tweet. “We can but it’s going to be hard.”

Goodman writes about identity theft, stolen data, smartphone hacks, and speculates worryingly about the future. He sees this getting worse, of course, with the advent of smart houses, smart cars, and an increasingly wired world.

The recent wave of cybercrimes illustrates his warnings and is one of the reasons the book has become a hit. The book was rated as Amazon’s Best Book of the Month in March and is a bestseller on the New York Times “Crime and Punishment” list.

When he writes about the future of technology, from smart pacemakers to 3-D technology, and the shadowy figures out to exploit the weaknesses of these devices, it can read like science fiction. But, as we’re fully aware at AVG, a connected future is rapidly approaching and it’s reality, not fiction.

Goodman does offer some positives, which is what made the book interesting to me: without action this would be a litany of gloom and doom. He suggests the sharing of information between public and private sectors, something President Obama has been strongly advocating. Goodman also envisions a “Manhattan Project” type organization combining the best and brightest from the private and governmental sector.

Goodman also says it is crucial to increase the technical knowledge of ordinary people, who use technology on an everyday basis. I think this is a very good idea. From our Clinton Global Initiative Smart User Mission to our Magda and Mo ebook series for children, at AVG we view it as part of our mission to teach internet safety to the new generation of users coming online. As Goodman points out, being tech savvy is only going to increase in importance.

Avira Antivirus is No. 1 in test results

We have developed the very nice habit of constantly excelling in Independent Labs testing. The latest results revealed by AV-Test and AV-Comparatives confirm it, as both our Antivirus for Windows and our Android Security App receive awards for impeccable detection, performance and usability.

Avira Antivirus Security for Android strikes again

The free Android version of our Antivirus has consolidated its position as the best antivirus software for Android in the most recent AV-Test round of testing. During the “Mobile Security Test” performed in March 2015, Avira obtained a perfect 13/13 score with 100% detection of the malicious apps used to catch security vendors off guard.

In case you were wondering, the Industry average is somewhere around 99.7% so not missing any of the 3,077 samples is definitely a result worth mentioning.

Regarding its usability and performance, Avira Antivirus Security for Android proved once more that it doesn’t have any impact on your device’s battery life and it doesn’t slow it down either.

No. 1 in AV-Comparatives tests

In the March edition of the Real World Protection Test Avira Antivirus Pro incontestably conquered the first position with a perfect score: 100% detection rates and 0 false positives.

Avira Antivirus also received an “Advanced” award from AV-Comparatives, following the most recent File-Detection Test. Avira detected 99.9% of the malicious files, being number one in detection.

If you want to make sure that no corrupted file finds its way through your device, download Avira.

It’s all about consistency

We’ve talked about detection, performance and usability as incontestable qualities the users may enjoy in our product. Let us add one more to the list: consistency, especially when it comes to receiving certificates and other types of recognition for our award winning products.

Celebrate our outstanding performance with us and benefit from a 50% discount on Avira Antivirus Pro using the following voucher code: YE9-DDP-R8X

The post Avira Antivirus is No. 1 in test results appeared first on Avira Blog.

Avira Antivirus Security for Android – Version 4.0

Previously discovered bugs have been successfully fixed in the latest version and new features have also been added to the application. You can now lock the applications you use on your mobile devices thanks to the new App Lock feature.

It’s all about performance and security

Although several improvements can be noticed in the design of the interface, most of the updates referred to internal processes and they were aimed at offering Android users the best possible protection. The latest version of Avira Antivirus Security also makes it easier for users to upgrade to the Pro version and thus benefit from a Secure Browsing experience on their Android devices.

Mobile applications secured with Avira’s App Lock

Officially released within the newest version of Avira Antivirus Security for Android, the App Lock feature enables users to protect their mobile apps against unauthorized usage by simply blocking access to them. This comes as an extra layer of protection highly welcomed for apps known to store precious data such as personal information, photos, videos or any other type of sensitive content.

“Our Mobile Development team is proud to offer Android users more than an antivirus application for their devices, an app that treats all privacy aspects equally serious. Data theft can occur under many forms and it is our duty to help the user benefit from extra layers of protection for all sensitive data. The updates in the latest Avira Antivirus Security version, such as the new App Lock feature, work exactly towards this goal: enhanced protection with no extra costs” said Cornel Balaban, Mobile Development Manager at Avira.

FREE Avira Antivirus Security for Android Version 4.0 is available for download in the Google Play Store

Let us know what you think about the latest updates and what future changes you would like to see in our app: https://play.google.com/store/apps/details?id=com.avira.android

The post Avira Antivirus Security for Android – Version 4.0 appeared first on Avira Blog.

The voice of a user – why PUA is a misleading term

In quite severe cases, not only are additional programs installed but several settings on the computer are changed too, making it behave completely differently. In the worst case, this then means that the computer can no longer be used correctly and must be reconfigured.

The topic of PUA makes the issues with free software particularly clear. If, as a user, I purchase a piece of software, then I expect to get that exact software. No more. No less. Ultimately, I am paying for the effort put into developing the software.

If I download a free piece of software from the Internet, that’s where it gets complicated – because a lot of effort has also been put into developing this software and if the software is good and up-to-date, it is being maintained by someone and is constantly being optimized and improved. This “someone” may want to or only be able to afford to do this occasionally, and if the software is distributed for free, this “someone” needs to earn money in some other way. It doesn’t matter if the developer is an individual or a company. One possible way to pay for the effort put into development is as follows: Additional applications are installed alongside the actual application, and the manufacturers of these additional applications then pay for their software to also end up on the users’ PCs.

Who, then, is still interested in bundled software being installed along with other software? Download portals, i.e., the areas of the Internet where users download software, are opportune places for this. Although these portals offer a “free” service (presenting and providing software) for users, they still need to be financed somehow. It is also here where some software manufacturers are willing to pay for the distribution of their software, a possible source of revenue for the operators of the download portals. The user downloads program A from the Internet and installs it. At the same time, programs B and C are automatically installed alongside it. The manufacturers of programs B and C pay for this, meaning that their software is distributed further, whether the user had wanted it or not. From a financial perspective, this may be a good reason for software manufacturers and download portals to combine further applications with the application that was actually wanted, and install them at the same time. But what’s the picture like for those on the other side – the users?

Bernard has bought a new PC. He is quite familiar with computers, but he is by no means an expert. After a short amount of time, he has got his computer set up in the same way as his old one. Bernard loves filming and wants software he can use to edit small films. After a few searches he finds exactly what he is looking for in a download portal and it’s free! Bernard installs the software. He doesn’t understand why he has to click through lots of different windows once the software has been downloaded. Actually, he was expecting the software to install quickly and easily. But the manufacturer must think that this is the easiest way of installing the software, so Bernard clicks on “Next” several times so that he can test the software as quickly as possible. While the installation is still running, it slowly but surely fills the desktop with more and more icons. “Why does an application need so many icons?”, Bernard asks himself. Again and again, he is presented with further windows which require him to confirm something. It seems strange to him, but the supplier of the software must know why this needs to be done. After 20 minutes, the installation is finally completed. On the desktop, next to the icon for the film editing software, are seven other icons which must come from software that Bernard did not want. As Bernard opens his Internet browser, he hardly recognizes it. The usual search has disappeared, new toolbars are displayed, and everything looks different somehow. His Windows installation, which was still almost brand new just an hour ago, is no longer useable. He only has one solution: to call his son and ask for his help.
“You’ve really got yourself in a mess here”, he says dryly after a quick inspection of the computer. “All PUA”.
“PUA?”, asks Bernard. “What’s that then?”
“Potentially unwanted applications”, says his son. “Programs you don’t actually want”.
“What does it mean by ‘potentially’ unwanted applications?”, replies Bernard. “They are unwanted applications!”

Many years ago, the principle of WYSIWYG (what you see is what you get) was “devised”. This implies that what I see as a user is what I get. Sure, the term was introduced in a different context, but it actually suits the current discussion on PUA quite well. As a user I would like to know what I am getting without having these things imposed on me using various tricks and ruses, things which I do not want at all and need even less so. The additional software is not potentially unwanted, it IS unwanted, as long as I as the user have not explicitly agreed that I want it.

The post The voice of a user – why PUA is a misleading term appeared first on Avira Blog.

Secure your DNS to avoid losing business – Part 3

What happens if someone “owns” your DNS records

The direct consequence is that suddenly when contacting domain.com and all its subdomains (www, mx, ftp, etc.), some other servers owned by the new owner (legal or attacker) answer.

This disruption in normal operation means a loss of reputation, loss of market share, loss of trust from your customers and last but not least, financial loss for your business.

[Figure: unaltered DNS records]
[Figure: altered DNS records]

As can be seen in the above illustration, from the moment in which the DNS records are altered, the company that owns domain.com will no longer control where the traffic goes. The new owner can set up his web server to serve www.domain.com and his email server to serve mx.domain.com. Yes, this means that he can receive all email traffic for that domain.

Taking over the DNS of a blacklist/whitelist service can have even more consequences: the new server can serve whatever fits its needs. It can either block every request by reporting back that the item should be blacklisted (valid web sites, emails, files, etc.) or allow everything (marking any malicious website, email or file as good). Fortunately, in such services there are many other controls that make such a task pretty complex.

What can you do to secure your domains?

Yes, there are things which you can do to prevent an attacker from taking ownership of your domains.

Lock your domains

Domain Lock or Registrar Lock is a status which can be set to a domain. When set, the following actions are prohibited by the registrar:

  • Modification of the domain name, including:
    • Transferring of the domain name
    • Deletion of the domain name
  • Modification of the domain contact details

Renewal of the domain name is, however, still possible when this flag is set.

Unfortunately, not all registrars support this functionality. If you want more security, you should choose a registrar that supports this feature. This functionality usually doesn’t come for free, but the price is not very high ($10-$50/month) and it is worth paying, especially if you have a large website or company.

Secure your domain administration information

All registrars allow entering contact persons for various functions. For example, there are some contacts for changing the IP address or deleting the domain and some others for paying the subscription. Make sure you separate them. Also, make sure that you have a contact email address that is not hosted at the respective domain. Otherwise, if something happens to the domain, you can’t access your email anymore. Remember that all traffic goes to the new owner, including your emails.

If you use some free email servers like Gmail, Yahoo or others, make sure to activate two factor authentication for those accounts.

Set up a good password and make sure you don’t use the address hosted on the domain you try to protect as the recovery email address.

Make it harder for the attacker to get access to your account.

If you have multiple domains, it would be better to host them at different registrars. If one goes down, you can at least use the other ones.
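The two checks above (is the domain locked, and do the contact addresses live outside the domain) can be run against the WHOIS record of each domain you own. The following is an added example, not part of the original post: the WHOIS text is constructed sample data, and the mapping of "Registrar Lock" onto the EPP status codes `clientTransferProhibited`, `clientDeleteProhibited` and `clientUpdateProhibited` (or their `server…` equivalents) is an assumption about how the registrar exposes the lock.

```python
"""Audit a WHOIS record for registrar lock and off-domain contacts (added example)."""

# Assumed mapping of the lock described above onto EPP status codes: an action
# is blocked when client<Action>Prohibited (set via the registrar) or
# server<Action>Prohibited (set by the registry) appears in the record.
LOCKED_ACTIONS = ("transfer", "delete", "update")

# Constructed sample record, not real WHOIS output for any domain.
SAMPLE_WHOIS = """\
Domain Name: DOMAIN.COM
Registrar: Example Registrar, Inc.
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registrant Email: hostmaster@domain.com
Admin Email: dns-admin@mail.example.net
Tech Email: ops@mx.domain.com
"""


def parse_whois(text):
    """Return (domain, status codes, {role: email}) from 'Key: value' lines."""
    domain, statuses, contacts = None, set(), {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep or not value:
            continue
        if key == "domain name":
            domain = value.lower().rstrip(".")
        elif key in ("domain status", "status"):
            # The status code is the first token; a URL may follow it.
            statuses.add(value.split()[0].lower())
        elif key.endswith("email"):
            role = key[: -len("email")].strip() or "contact"
            contacts[role] = value.lower()
    return domain, statuses, contacts


def hosted_on(email, domain):
    """True if the mailbox lives on `domain` or on one of its subdomains."""
    host = email.rpartition("@")[2].rstrip(".")
    return host == domain or host.endswith("." + domain)


def audit(text):
    """Return a list of findings; an empty list means both checks passed."""
    domain, statuses, contacts = parse_whois(text)
    if domain is None:
        raise ValueError("no 'Domain Name' line found")
    findings = []
    for action in LOCKED_ACTIONS:
        codes = {f"client{action}prohibited", f"server{action}prohibited"}
        if not codes & statuses:
            findings.append(f"no {action}Prohibited status: {action} is not blocked")
    for role, email in sorted(contacts.items()):
        if hosted_on(email, domain):
            # If the domain is hijacked, mail to this address goes to the new owner.
            findings.append(f"{role} contact {email} is hosted on {domain}")
    if not contacts:
        findings.append("no contact e-mail visible; check it in the registrar panel")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_WHOIS):
        print("FINDING:", finding)
```

Many registries redact contact e-mail addresses in public WHOIS, so the contact check is most useful on an export from your own registrar account.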

The post Secure your DNS to avoid losing business – Part 3 appeared first on Avira Blog.

Secure your DNS to avoid losing business – Part 2

What happens when DNS doesn’t work?

Of course, having a non-functioning DNS causes problems. We have to differentiate between two types of disruption that result in DNS resolution no longer working: unintentional and intentional.

Unintentional disruption

In this case, nobody intentionally caused the issue that prevents the DNS service from functioning correctly. This can happen because of a configuration error or a hardware failure. A good IT administrator can deal with it rather fast, especially if there is no change in the IP addresses or domain names (it is then only a matter of restoring). If there are IP or name changes, even if the problem gets fixed at the source quickly, it usually takes a minimum of 24h for the changes in the DNS to propagate to enough servers so that someone can feel the difference. Propagation is the way DNS servers exchange information between them so that as many services as possible know how to resolve a certain domain to its IP address. This delay can cause serious problems for your customers and visitors.

Intentional disruption

There are, however, cases when DNS errors are caused intentionally by persons or organizations who want to cause damage to the owner of a domain. This happened many times in the past and even some big companies were hit by this problem (Facebook, Google, Twitter, AVG, Avira, WhatsApp, etc.).

Let’s see how someone can change your DNS records.

Registrar manipulation

DNS is a service and, like any service, it needs a service provider that offers the infrastructure that hosts the records (the tables that map a name to an IP address). Such service providers, usually called registrars, are all big ISPs like Comcast, 1&1, Network Solutions and so on. If one of them gets hacked, then it is possible to alter the DNS records for any of the domains hosted there. In the past 12 months a couple of big registrars were hacked and this resulted in downtime for many domains.

This attack has potentially global consequences since, most of the time, authoritative DNS servers are affected.

Cache poisoning

DNS cache poisoning, or DNS spoofing, is a complex attack because it targets a certain audience: it is directed against the users who depend on the attacked service. It happens when an attacker successfully injects malicious DNS data into the recursive DNS servers that are operated by many other ISPs. The attacker usually chooses the DNS servers that are closest to the targeted users from a network topology perspective. The best way to prevent this type of attack is to use DNSSEC. If this is not possible, another way to protect the DNS records is to restrict their propagation to only servers that prefer to get fresher information from the Internet instead of caching an entry for a long time (in order to save bandwidth and time).

Legal DNS takeover

While related to the first case, which is illegal, this takeover is completely legal (it is enforced by a court order) and is performed by the registrar directly without consulting the owner of the domain. Recently, in an incident with domains hosting malware in the U.S., Microsoft managed to obtain legal custody of the DNS entries of the well-known service NO-IP Managed DNS. As a consequence, thousands of innocent users who used No-IP’s service were no longer able to resolve their domains. The customers were using hostnames of the form <user-dns>.no-ip.com and several other hosts to reach their own domains. Without no-ip.com, the base domain, no subdomain worked anymore.

This can happen at any time and in any country because the laws are (still) very blurry with regard to cybercrime and what is allowed and what is not.
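From the defender's side, the cases above look different when you compare answers from several vantage points with a known-good baseline: a change at the registrar or authoritative level (illegal or court-ordered) shows up everywhere, while cache poisoning or stale caches show up only on some recursive resolvers. The following is an added example, not code from the original post; the resolver labels, the record set and the addresses (RFC 5737 documentation ranges) are constructed, and collecting the observations is left to whatever probe you already run.

```python
"""Classify DNS answer drift against a known-good baseline (added example)."""
from collections import defaultdict

# Known-good records for the zone (constructed values).
BASELINE = {
    ("www.domain.com", "A"): {"192.0.2.10"},
    ("mx.domain.com", "A"): {"192.0.2.25"},
    ("domain.com", "MX"): {"10 mx.domain.com."},
}

# (resolver label, name, record type, answers) as gathered by a probe.
# Constructed observations: one poisoned resolver, one zone-level change.
OBSERVATIONS = [
    ("authoritative", "www.domain.com", "A", {"192.0.2.10"}),
    ("isp-resolver-1", "www.domain.com", "A", {"192.0.2.10"}),
    ("isp-resolver-2", "www.domain.com", "A", {"203.0.113.66"}),
    ("authoritative", "mx.domain.com", "A", {"198.51.100.7"}),
    ("isp-resolver-1", "mx.domain.com", "A", {"198.51.100.7"}),
    ("isp-resolver-2", "MX.domain.com.", "A", {"198.51.100.7"}),
    ("authoritative", "domain.com", "MX", {"10 mx.domain.com."}),
    ("isp-resolver-1", "domain.com", "MX", {"10 mx.domain.com."}),
]


def normalise(name):
    """DNS names are case-insensitive; drop the optional trailing dot."""
    return name.lower().rstrip(".")


def classify_drift(baseline, observations, authoritative="authoritative"):
    """Map each baseline record to (verdict, sorted list of deviating resolvers).

    ok                    every observed answer matches the baseline
    resolver-divergence   only some recursive resolvers differ: consistent with
                          cache poisoning or a stale cache during propagation
    authoritative-changed the authoritative answer (or every answer) differs:
                          the zone itself was changed, affecting all users
    unobserved            no resolver returned data for this record
    """
    seen = defaultdict(dict)
    for resolver, name, rtype, answers in observations:
        seen[(normalise(name), rtype.upper())][resolver] = set(answers)

    report = {}
    for (name, rtype), expected in baseline.items():
        key = (normalise(name), rtype.upper())
        per_resolver = seen.get(key, {})
        if not per_resolver:
            report[key] = ("unobserved", [])
            continue
        # An empty answer set (NXDOMAIN, timeout) also counts as a deviation.
        deviating = sorted(r for r, a in per_resolver.items() if a != set(expected))
        if not deviating:
            verdict = "ok"
        elif authoritative in deviating or len(deviating) == len(per_resolver):
            verdict = "authoritative-changed"
        else:
            verdict = "resolver-divergence"
        report[key] = (verdict, deviating)
    return report


if __name__ == "__main__":
    for (name, rtype), (verdict, who) in classify_drift(BASELINE, OBSERVATIONS).items():
        print(f"{name} {rtype}: {verdict} {who}")
```

A `resolver-divergence` verdict right after a planned record change is expected while caches expire; outside a change window it is the case worth investigating.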

The post Secure your DNS to avoid losing business – Part 2 appeared first on Avira Blog.

Pwn2Own: Nothing is safe

Chrome got both its stable and beta versions hacked in just two minutes. Google paid $75,000 for just one buffer overflow in Chrome which allows an attacker to bypass the sandbox.

Apple’s Safari was also hit: a use-after-free (UAF) vulnerability in an uninitialized stack pointer in the browser was used to bypass the sandbox for code execution.

Internet Explorer 11 64-bit was taken out with a time-of-check to time-of-use (TOCTOU) vulnerability allowing for read/write privileges. The attacker evaded all the defensive mechanisms by using a sandbox escape through privileged JavaScript injection, all of which resulted in medium-integrity code execution.

Mozilla Firefox was hit with an out-of-bounds read/write vulnerability leading to medium-integrity code execution.

A team of researchers showed their skills against Flash by using a heap overflow remote code execution vulnerability and then leveraging a local privilege escalation in the Windows kernel through TrueType fonts, bypassing all defensive measures. They were awarded $60,000 for the Flash bug and a bonus of $25,000 for the SYSTEM escalation. Another researcher exploited Flash by using a use-after-free (UAF) remote code execution vulnerability and sandbox escape directory traversal vulnerability in the Flash broker.

Adobe Reader was exploited twice through a stack buffer overflow – once for an info leak and again for remote code execution. The researcher leveraged an integer overflow to exploit the broker, netting him a cool $60,000 USD. For the day, that brings his total payout to $90,000 USD.

The final numbers for Pwn2Own 2015 are quite impressive:

  • 5 bugs in the Windows operating system
  • 4 bugs in Internet Explorer 11
  • 3 bugs in Mozilla Firefox
  • 3 bugs in Adobe Reader
  • 3 bugs in Adobe Flash
  • 2 bugs in Apple Safari
  • 1 bug in Google Chrome

$557,500 USD bounty paid out to researchers

As with every Pwn2Own, all vulnerabilities were disclosed to their respective vendors in the “Chamber of Disclosures,” and each vendor is working to fix these bugs through their own processes.

The post Pwn2Own: Nothing is safe appeared first on Avira Blog.

Secure your DNS to avoid losing business – Part 1

What is DNS and where is it used?

What many don’t realize is that there is much more behind it than just name to IP translation (called DNS lookup) and the other way around (that is called reverse DNS lookup).

There are hidden services which are critical for the proper functioning of the Internet, like mail, ftp and web, just to name the most well-known. All these services are used every day by billions of people, devices and online services around the world without anyone even thinking about them. The only time people become aware of their existence is when they don’t function anymore. But before going into this, let’s briefly go through the most important of them: email and web.

Email

Mail transfer agents use DNS to find out where to deliver e-mail for a particular address. The domain to mail exchanger mapping provided by MX records (Mail eXchange) is another example of how DNS works. MX represents the entity (mail server) that can receive email for a domain. The MX record is used by mail servers to exchange emails and it is configured as a subdomain like mx.domain.com. For example, if a user at domain1.com wants to send an email to a user at domain2.com, the two servers must communicate via their MX records (domain1.com connects to mx.domain2.com), negotiate and agree on certain parameters and then finally exchange the email message.

The first and most important thing that must happen is that the servers are able to contact each other. When trying to contact mx.domain2.com, the mail transfer agent running on domain1.com must be able to locate domain2.com (this is called A-Record). If the DNS resolution for a domain doesn’t work at all (the name to IP address translation doesn’t work) then it is impossible for that domain to receive any emails.

WWW

Ever wondered why you almost always have to put a “www.” in front of a domain so that you can view its website? “www.” is actually a subdomain of the main domain and it was historically chosen as an acronym for “World Wide Web” or, simply said, the website of that domain. Same as for email, if the main domain can’t be found, then you usually can’t see the website anymore.

Other uses of DNS

There are also other uses of DNS which are even more hidden than the two mentioned above. The best example of such a service built on top of DNS is the white- and blacklists used to filter good and bad domains, respectively. A service makes a specially crafted query to a certain domain and gets back an answer in the form of an IP address (that’s what DNS does, right?). Many services use 127.0.0.1 for when the address is in the list and 127.0.0.2 when the address is not in the list.

Now you know exactly what DNS is used for and where. In our next part we will talk about what happens when DNS doesn’t work, so stay tuned!

The post Secure your DNS to avoid losing business – Part 1 appeared first on Avira Blog.

The mysterious OpenSSL vulnerability has been patched

All users of OpenSSL 1.0.2 should upgrade immediately to version 1.0.2a. In the advisory published on their website the OpenSSL vulnerability is called “ClientHello sigalgs DoS (CVE-2015-0291)”. If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension, a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server.

According to OpenSSL’s Security Policy, a “high severity issue”  includes issues affecting common configurations which are also likely to be exploitable. Examples include a server DoS (like this one), a significant leak of server memory (Heartbleed), and remote code execution.

OpenSSL promises that such issues “will be kept private and will trigger a new release of all supported versions”. They will attempt to keep the time these issues are private to a minimum, but the goal would be “no longer than a month” where this is something that can be controlled, and significantly quicker if there is a significant risk or we are aware the issue is being exploited.

The OpenSSL vulnerability was reported on February 26th and the fix was released yesterday (March 19th), so well within the limit.

If this was no surprise, this advisory comes with something everyone was expecting: the FREAK vulnerability, which was initially categorized as “low severity”, has been reclassified as “high severity”. This was initially classified low because it was originally thought that servers with RSA export cipher suite support were rare: a client was only vulnerable to a MITM attack against a server which supports an RSA export cipher suite. Recent studies have shown that RSA export cipher suites support is far more common.

The patch also comes with fixes for a dozen or so vulnerabilities categorized as “moderate” and “low” severity.

Our recommendation is to update to version 1.0.2a immediately. Now that the vulnerability is public, it is to be expected that cybercriminals will try to exploit it.

The post The mysterious OpenSSL vulnerability has been patched appeared first on Avira Blog.