I know the Avast & Kaspersky guys are on this forum.
You must assume that this process has also been compromised. I will say again, ONCE THE MACHINE IS INFECTED, they is nothing any product can do to create a process (like IE/ custom chrome) in a safe manner. I think these two companies are promoting dangerous behavior and putting their users at risk. Giving the users the impression that its OK to do financial transactions etc., even if they have reason to believe the machine is infected, simply becuase the "SAFE ZONE" will protect them, is VERY DANGEROUS. Yet, here we have companies like Avast and Kaspersky claiming that they can create a Safe Zone on an infected machine. Think about this - the system is totally infected, possibly with some of the most sophisticated malware like zeus, ZeroAccess, Cidox, TDS etc., many of which are capable of injected DLLs into any process they please, INCLUDING THE BROWSER. However, what Avast (and Kaspersky) are claiming, is that even if the malware bypasses the security product layers, it will still not be allowed to steal credentials (user-ids, passwords) from transacations conducted within the safe zone. They are not 100% fool-proof and never will be. Security products aim to block malware from infecting your system. However, let me explain why this is different. Cyber Security Partners is a trading group of Marketing Source Ltd a multi-award-winning integrated marketing services company and UK leader in its field. We handle sensitive data and intellectual properties from global organisations, each and every day.Very valid points. As these vulnerabilities do not exist in the Chromium base, users would have arguably been safer by not using the product at all. The protection, which exists in the original Chromium, was not present in SafeZone, making it possible for an attacker to ultimately construct a payload that can read local files on a victim’s machine. Would users be better off sticking with the main Chrome browser instead? There is, however, a greater need for transparency with 3 rd parties who build on Chromium thinking it’s automatically going to inherit the security reputation of Google’s main browser.
EXPLAIN AVAST SAFE ZONE CODE
It is their duty to identify any issues in the SafeZone code before the bad guys are able to exploit it. Chromium is a rapidly updated project and vendors such as Avast need to keep pace with the fast release cycle. There is no excuse for missing this issue. Should the firm have spotted the issue earlier? Nevertheless, this doesn’t take away from the fact that it is an avoidable issue and, as such, entirely unacceptable. A number of other companies, including Comodo and Malwarebytes, are also on the Google hit list for poor implementation on top of Chromium that has generated security flaws. Sadly, Avast is not alone in its failings.
This type of issue should have been easily flagged in product testing. Quite frankly, an IT security company like Avast should not have fallen victim to a hole in the Chromium security chain. This type of vulnerability is due to rapid release cycles and inadequate security testing. How could such a flaw have happened in a “secure” browser from an IT security company? Chris Underhill Head of IT and Security at UK-based cyber security firm, Cyber Security Partners have the following comments on the Avast SafeZone flaw.Ĭhris Underhill, Head of IT and Security at UK-based Cyber Security Firm, Cyber Security Partners: