David F. M.


  1. Thank you for advice. The careful use and awareness play a significant role in the user's safety. However, my love to know and compare leads me to know the best. What can I do?! I was ransom-wared with Cerber in December so I dedicated tons of hours investigating the case, tech info on malware, security suites, products, safe browsers, etc. So when I investigated browsers I came to Safe Browser Comparisons and I found these and collected info from a few websites.

     As for the article entitled HTTPS interception: What Emsisoft customers need to know, I got the idea that HTTP interception tries to force this type of interception (= interference in connecting to websites) through detailed analysis of all user's web traffic leading to the encryption being not end-to-end (user-to-website). The local antivirus scan proxy has to simulate web servers perfectly down to the tiniest detail in order not to weaken the encryption chain. Here is where implementation mistakes are easily made and the security problems described in the earlier mentioned study arise.

     As for the paper which is attached to the article, https://zakird.com/papers/https_interception.pdf, I admit that I may not be able to read it carefully to summarize it accurately. I searched the idea and found a summary here:

     Study shows that poor HTTPS interception is compromising security and putting users’ data at risk
     https://www.egress.com/blog/study-shows-that-poor-https-interception-is-compromising-security

     Here are the findings of the same study you referred to:

     A new study has shown that HTTPS interception, the practice of decrypting and scanning HTTPS connections to monitor traffic for security vulnerabilities, is a much more common feature in security software processes than first thought. The group of researchers behind the paper ‘The Security Impact of HTTPS Interception’ also showed that the devices and software that perform HTTPS interception also significantly reduce the protection offered by HTTPS. By terminating the existing Transport Layer Security (TLS) connection and replacing it with a weakened implementation, the overall safety of users’ data is put at risk – with potentially serious consequences.

     Also here: Alert (TA17-075A) - HTTPS Interception Weakens TLS Security https://www.us-cert.gov/ncas/alerts/TA17-075A

     I'll try to study the articles in a simple way. I am a Mozilla Firefox fan so I included it at the end of the list of specially designed ones with the extensions on which I found multiple recommendations even in the Heimdal Security Blog, makeuseof, etc. uBlock origin is my favorite. I did not use Lastpass or other free PW Manager till now.

     Unfortunately, some questions occurred to my mind:

     1 - Does this apply to HTTPS Everywhere add-on? Does it spy and store / send on my web traffic?
     2 - Does this apply to any or all of the above allegedly safe browsers? Which one is more authentic?
     3 - Does HTTPS interception itself have a weak point in it without being targeted by security software or add-ons?
     4 - How can I, as an end-user with nearly zero expertise in the field of complicated security measures and software comparisons, test this myself?
  2. Questions about Safe Browser

     First of all, hello everybody in Emsisoft. I hope you are all fine.

     Introduction

     We all know that the dangerous threats coming from unsafe browsing are beyond description these days so there are some options to choose from given by companies other than Mozilla (Firefox), Microsoft (IE & Edge) and Google (Chrome) for the sake of using a safer browser. I have collected some information about them but I want to put my questions in safe hands to find a more trusted answer. The following ones are all respectable but I seek a definite answer to the best ones, two or three ones of all, not one because it may be hard to prefer only one above all the rest.

     My first question is about deciding the top browsers in the following ones: Which browser is safer to use than the others from Comodo Browsers, Epic Privacy Browser, Yandex Browser, Tor Browser, Maxthon Cloud, Avira Scout or Firefox with Hardening extensions?

     Browsers to Choose From

     - Comodo Browsers [Two different versions] use Comodo’s SecureDNS servers for Dragon [secure surfing] maintains compatibility with plug-ins, stored passwords, and favourites if desired incorporates a domain filtering system designed to limit exposure to problem domains of the sort used by malware
     - Epic Privacy Browser [Version 55 +] Cookie Blocker. Cookies and trackers are eliminated after each session Instant Proxy. proxies all searches through the firm’s own servers (no way to connect an IP address to a search), Secure Search. attempts to prioritise SSL connections wherever possible useful for open Wi-Fi connections Built-in ad blocking. Do Not Track. does not collect data about its users and comes with excellent eschewing plug-ins, compatible with password manager LastPass.
     - Yandex Browser [Version 17.4.1] DNS Spoofing Protection DNSCrypt technology = Encrypts DNS traffic Ad blocking pornographic advertising Protecting Wi-Fi
     - Maxthon Cloud Browser [Version]
       - a totally new type of HTML5-compatible browser that wants to act as a straight replacement
       - embeds claimed protection from AdBlock Plus including the (for some) contentious ‘Acceptable Ads’ technology, AES256 encrypted synchronisation of files to its cloud services, limits employee access at its end to customer data.
     - Avira Scout integrates a no track functionality uses Avira's database to let you know when you’re visiting dangerous web sites make sure you’re connecting using secure connections, blocks unwanted scripts from running blocks infected and phishing websites for you
     - Hardened Firefox [Version 47 +] with Hardening Extensions (HTTPS Everywhere + uBlock + No Script + Privacy Badger + Ghostery + Avira Browser Safety + What Else?)
       HTTPS Everywhere = encryption of traffic
       uBlock = blocking all ads
       No Script = prevents active scripts on websites unless you grant permission to them
       Ghostery = blocks web trackers so that companies can’t track activity
       Disconnect = blocks web trackers so that companies can’t track activity
       Avira Browser Safety = blocks web trackers so that companies can’t track activity
       Privacy Badger

     My second question is about uMatrix

     Source: http://www.makeuseof.com/tag/completely-secure-11-must-have-firefox-addons-security/

     uMatrix is a relative baby when compared to the rest of the addons on this list, but it’s one worth looking into if you want an edge in security. Simply put, it’s a dynamic firewall that allows you to toggle various defenses whenever you want. These firewall options show up as a colored red-and-green matrix and all you have to do is click on the features you want to toggle. It’s a bit more advanced than a straightforward blocker, but the steeper learning curve allows for more power and flexibility in the end.

     Thank You
  3. Yes. This is a cursed Ransomware, Mr Kevin. I nearly deleted all the infected files. Recuva or EaseUS Data Recovery Wizard did nothing at all, no traces were found. Look at the above PDF and if it is clean unlike what is reported tell me.
  4. Hello Gentlemen,

     I have this issue about a very important 35-MB .PDF. I finally could get this *.pdf file and for the first time in years I find it for free on a torrent link. If it is clean and the five results in the cloud scan are null, it is OK. I am very anxious to open it. I lost a good version of it last December in the Cerber Ransomware Attack. If you please send me the cleaned version via my mail to study.

     = If you disinfect it, thank you.
     = If you tell me how to disinfect it safely, thank you.
     = If you tell me how to use it EXACTLY and does not get infected.

     Upload to Google & Read on-line? Open in the Browser? Simple Virtual Machine Software? Unactivated Windows 8.1 Reader?

     David Fayez

     Test URL / Me / Today
     https://www.virustotal.com/en/file/a8be7ce183859a837095a8de6519aa2ed86e95ce668a3b3d23fea75ef98e8fb2/analysis/1494591017/

     Transparent minds_ Narrative modes for presenting consciousness in fiction.pdf
  5. Source Via Yahoo

     NHS hit by major cyber attack with hackers demanding ransom
     Laura Donnelly, The Telegraph
     15 minutes ago
     https://uk.yahoo.com/news/nhs-hit-major-ransomeware-cyberattack-143125715.html

     ==========

     The full scale of the attack is unknown

     The NHS has been hit by a major cyber attack, with hackers demanding a ransom. Hospitals are understood to have lost the use of phonelines and computers, with some diverting all but emergency patients elsewhere. At some hospitals patients are being told not to come to A&E with all non-urgent operations cancelled. Several hospital trusts and GP surgeries are reporting problems, but the full scale of the problems is not yet known.

     NHS hospitals across the North, East and West Midlands, and London are reporting IT failures, in some cases meaning there is no way of operating phones or computers. At Lister Hospital in Stevenage, the telephone and computer system has been fully disabled in an attempt to fend off the attack. Patients have been told not to come to A&E and all non-urgent appointments and operations have been cancelled.

     East and North Hertfordshire NHS trust said in a statement: “Today the trust has experienced a major IT problem, believed to be caused by a cyber attack.

     “The trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.

     “To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need.”

     Health officials are understood to have declared a major incident and ordered a meeting of national resilience teams.

     NHS Digital said: “We’re aware that a number of trusts that have reported potential issues to the CareCERT team. We believe it to be ransomware.”

     There are reports that trusts affected include East and North Hertfordshire, North Cumbria, Morecambe Bay hospitals, Blackpool, and Barts Health in London. A number of GP surgeries also say they are also unable to use their systems.

     One source told Health Service Journal that multiple trusts had been affected by a suspected malware attack around 1.30pm. They said trusts had their computer systems almost entirely shut down. Services affected are thought to include picture archiving communication systems for x-ray images, pathology test results, phone and bleep systems and patient administration systems. The source added: “This will mean delays and a focus on the sickest patients. I’ve seen it once before and we relied on local trusts supporting each other. If truly widespread then that’ll not be an option.”

     A spokesman for North Cumbria University Hospitals NHS Trust confirmed the trust had been affected by the attack. Also affected is Derbyshire Community Health Services NHS Trust which says it has shut down all of its IT systems following a 'secure system attack'.
  6. Thank you for your excellent explanation. It is a type of securing the transmission of data between the user and the website. You also troubled me!! So if a malware source website is in HTTPS, the infection from the website into the soon-to-be-compromised system will be securely transmitted !!!!!! WOW!!! Also, if it is a secure website, the login & use experience will be safe. That's the cool part. Here I have a question: If the website and the HTTPS connection are both secure, can a hacker hack the web browser during the user's session if other open tabs are not used while using another secure one? I mean just opening the page without activity on it such as posting, browsing, downloading, etc. I have never seen these words before and do not know what they are.
  7. WFP. Does EIS have a built-in Traffic Filtering? Man, Heimdal Pro, the software I told you about here, is an antimalware + WF of Traffic, and System Patcher. So, EIS can make us use only Heimdal Free Version which is a System Patching Tool without caring about the Traffic Filtering if what you mean is exactly what I understood and exactly the same as the Heimdal Pro Vendors mean.
  8. HTTP = HyperText Transfer Protocol HTTPS = HyperText Transfer Protocol Secure The word Secure means a type of encryption to protect the data transfer between you and the server or website you are using. This secured connection keeps your information safe from hackers. Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. Look at this post I found for you, I'll read it myself https://www.theproblemsite.com/ask/2016/02/http-vs-https-difference I'll give some more information on this after I return home in a few others. I will study this myself.
  9. Thank You. MBAM is good but it has a bug that it may not start with all the layers turned on. I thought of it not as competitive to EIS as it does not have a firewall and does not provide a full antivirus solution, only a protective shield with RW, MW & Exploits W the main shield in EIS. It detects well, I may have it as a scanner only if this is not provided as free from VoodooShield. They say it, VoodooShield, works well with EIS on their website. Also, RansomFree is free and is not an antivirus or even antimalware, just a behavior blocker of ransomware. If they say it here that the three will never conflict with each other or weaken protection, I will stick to them. What can I do, I have been destroyed by Ransomware, so I have a lot of security layers without conflicts. There is some confusion I had because I do not want to install a bundle of programs to prevent RW. CryptoPrevent Free, RansomFree, or buy a program such as WinPatrol without knowing its benefits over the first free two. The Word 'Exploit' in Java, Adobe Acrobat, Adobe Flash, etc cause me trouble, SO I loved MBAM WHEN I USED IT BEFORE KNOWING EMSISOFT PRODUCTS. EIS provide me with an excellent protection, but I am still sad I was ransomware'd like that before I knew it or knew other programs. The system was havoc, and the AV was not updated or I do not know what. I hate K & N a lot because they are very heavy and caused me problems and I will never try them again. A-- capitalized detects a lot of false positives. I used Avt for years. I never used BD, So.., Pa.., F-S, etc. All respect to all vendors, they are all eager to protect people their ways & God help them all. Here in E Community, they are very generous & their products are absolutely valuable, e.g. smart, light & effective. By the way, EIS detected all possible threats without giving false positives and they did not detect better than it at all, all other threats are nearly FPs. 
When it was alone on the system, it was very effective and did not cause problems. One thing I wish is that they think of upgrading the EIS with additional modules and solve the crashing problem which I do not know its cause that appears from time to time.
  10. -----------------------------------------------------------------
      First Two Possible Enhanced Features EIS 2017
      -----------------------------------------------------------------

      Hello, Sirs

      Consider these two features very soon

      Feature One
      Feature: Integration of Necessary MS Hotfixes by Default.
      Related to: Installation & Overall Functionality
      Personal Rating: High Value.
      Benefit: Error-Free Complete Installation & Prevention of System Errors.
      Way: Integration by the Emsisoft Developer Team with further User Involvement if possible / better. Enabling Automatic Necessary Download during Installation Process if possible / better.
      Other: If they are already available in the full update packages of versions, tell the users and remove the notice.

      Feature Two
      Feature: Automatic Scanning of Newly Detected Hardware.
      Related to: Scanning Module.
      Personal Rating: High Value.
      Benefit: Enriching Scanning Features with automaticity.
      Way: Addition to the Module by the Emsisoft Developer Team with further User Involvement
      Other: Can be unchecked by user after installation

      Request
      I hope other members share thoughts and ratings of these two features to help share them with this marvelous team
  11. Early Report on Version 2017.2 Free

      Notice
      1 - My system is absolutely unstable and the previous versions and other installations of Avira AV [Uninstalled but still on!!!], MBAM [Ended & Uninstalled], EEK [Portable] & EIS V. 2017.1 [Uninstalled as it shifted into Scanner] may be the cause of this havoc.
      2 - Also, I did not install the full update package of the Win 64 bit
      3 - VoodooShield & RansomFree are installed and working as Free Versions only
      4 - I posted it lest they are bugs

      Error 1
      The EIS crash notice of Internal Processor Error appears. No Need to take a screenshot

      Suggestion
      The so called 'KB2958399 hotfix' must be integrated into Emsisoft products to put an end to the perplexity of the users. Contact Microsoft for integrating the two hotfixes of 32 and 64 bit versions in all of the products that match the E versions. Server for server and home for home etc. Or if you have it, integrate to
      Benefit: Smoother error-free Installation of the products
      Note: It is not available as free one link without e-mails & not available as trusted if we wanted to have it for example on such a website thehotfixshare.net [I never used it]

      Error 2
      Error in Numbers
      The number of detections is not consistent AS THEY ARE TWELVE NOT TWENTY. The early number was correct

      Error 3
      Lost Log
      Log file is not activated as usual. I am not able to judge the 142 detections as there are 'No Risk' Flags & things I deleted

      Error 4
      Quarantine & Deletion [If it is an Error]
      This is perhaps not an error as I understand it, but this to be clear in my posts. The 'Avira Traces' did not detect EIS at all. EIS Free was able to detect the Avira quarantined files and flagging them but did not quarantine them, instead it successfully deleted them as I chose
  12. OK, I do not understand you fully because I know nothing about this in detail at the moment, so I'll have a try to read some basic educational material on it. Scripts work well and uBlock origin is very great and works without any problems and allows what I assign using the 'Temporarily' option. I will read again and try Ghostery. I hope them all the best of luck in all their hard tiring task and that they develop much more robust protection techniques that come close to perfection. That silly threat aka Ransomware the hackers invented is the worst thing that came to live on the internet since it was invented. I HAVE A TERRIBLE STORY with it. God bless the malware fighters' efforts. Of course because I have nothing to do with programming, I thought that creating a module and adding it to the suite just requires writing codes very well and inserting them into the package!! Sure, testing is a prerequisite. Thank You for this compliment and that encouraged me to re-write my already written suggestions and reformulate what I want to say which best suits a very good staff like yours. I'll post the rewritten suggestions in two or three days and will inform you. I will mention this thread as well.
  13. First, Thanks for the detailed reply, man. Second, your words are convincing and real, but you don't get what is behind my words. Why I say so? Third, I loved the smart unobtrusive firewall, proactive defense and light load of EIS, so I wanted to have it with other features that I know you can do and integrate safely. If it has a file shredder, a disc cleaner, encrypted safe feature and browser integration with it, it will seem unparalleled to me and other people. I'm going to my work now and I WILL DETAIL EVERYTHING WHEN I COME BACK. WE WILL DISCUSS THESE AND HOW I ORGANIZE THEM ALL TOGETHER. I will assume I'm using EIS & send a focused question about what I want to use. But what I meant here is what they call Hardened Secure Browsing. I do not know exactly that the solution secures the main default browser or it creates another secure browser. By the way, they caused me a lot of annoyance until I used three extensions simultaneously. OMG. The built-in ones are either weak or I do not know how to configure them. Yes, they are so numerous that I got perplexed and did not use any till now but I'm going to complete my survey and form conclusions. In this point in particular, you got me convinced. Completion not gimmick, man. A Solution that does multiple jobs from the same windows. When I said, its your yard, I MEANT IT LITERALLY. Yes, we have got Sir Fabian Wosar with his respected team. So, why they do not create a marvelous module that creates encrypted safes and encrypts individually. They can produce a highly-secure, hard-to-decrypt, robust built-in Encryptor with file, folder, drive, safe AES encryption. What Else? That's because from the company I respected a lot. Yes, and that's what I SEEK. The main product with some extra safe-to-use stuff and if possible one another extra protection. I will not use either of them because Kaspersky blocks my connection completely and I do know how to use the firewall and AVG Internet Security did find a lot of false positives. 
That's despite the fact that they have extra features. And all what I say not about better detections, I want a very secure hardened computer security all in all especially when I saw some very advanced features in MBAM such as Application Hardening, Advanced Memory & Java Protection, etc when I used it as trial. Thanks a lot for these info.
  14. I Never compared or Considered MBAM as competitive with EIS, the latter is very special in my view. I want a second opinion scanner not a malware scanner. No scanner found better than EIS. What other scanners detected were nearly all false positives. Also, I did not list what I want to buy [EIS] with the OTHER products WHICH ARE SECONDARY IN MY OPINION.

      EIS = Full Antivirus + Antimalware + Antiransomware + Firewall + PC Drives Protection
      MBAM = Antimalware & Anti-exploit Protection

      Does EIS have Exploit Protection?

      --------

      I do not understand this: The "protection" you're referring to is to not run outdated software that can be exploited (via EK for instance). Do you mean not all un-updated software pose exploits?