MSE reviews

[brucey034]

Why is it that every recent review site I have looked at slates microsoft security essentials.
No zero day protection etc, etc.
Would someone with some more knowledge kindly put my mind at rest.

 

[Blue160]

There's a sticky at the top of the forum for AV questions.

 

[Craiig]

I have also heard a lot of mixed opinions regarding MSE,
but Comodo seems to be good to me currently

 

[brucey034]

There's a sticky at the top of the forum for AV questions.

oops forgot about that.

 

[Destination]

What products claim zero day protection?
By its nature it is hard to see how any product could protect against an unknown exploit, being eploited before anyone knows about it, and before anyone can do anything to stop it?

 

[stoneman]

What products claim zero day protection?
By its nature it is hard to see how any product could protect against an unknown exploit, being eploited before anyone knows about it, and before anyone can do anything to stop it?

This is as good as it gets IMHO Defensewall
http://www.softsphere.com/

 

[KIA]

Shareware, 30-days full-functional trial.

 

[StringJunky]

From what I've read MSE, Avira and Avast all have their own strengths and weaknesses and is dependent on your own wants and system which is best...all three of these are good. I would say choose one of these for real-time protection with SuperAntispyware and Malwarebytes as on-demand scanners (free versions) for weekly scanning or as required.

SpywareBlaster, which puts killbits in the registry in virus-vulnerable places for Internet Explorer and Firefox, is good to add as well...it doesn't actually use any resources.

Rapport, which is standard amongst a lot of UK financial institutions for their customers, stops Key-logging and screen-logging when you exchange information.

Last but not least, I think the most important defence is to have a good backup strategy for when everything fails. I use Macrium Reflect Free to make images periodically of my system. This last technique covers your possible “zero day” events.

The answer is not to have a single solution but a complementary suite of tools, like I’ve just mentioned.

 

[brucey034]

Personally I use MSE, Malwarebytes and Superantispyware and have never had any issues apart from the odd tracking cookie etc.
But my original question was why do a lot of reviewers give MSE such a bad rap ?
I do think a lot of it is Microsoft hate.

 

[nightmare99]

Rapport, which is standard amongst a lot of UK financial institutions for their customers, stops Key-logging and screen-logging when you exchange information.

This is a terrible software product that I find really slows machines down, also it provides little protection and can be easily bypassed. There is a really funny video on youtube where a security expert shows how to bypass the rapport keyboard encryption.

 

[StringJunky]

Personally I use MSE, Malwarebytes and Superantispyware and have never had any issues apart from the odd tracking cookie etc.
But my original question was why do a lot of reviewers give MSE such a bad rap ?
I do think a lot of it is Microsoft hate.

You are probably right as I can't see anything to dislike about it personally. It doesn't get in your face or nag you if everything's ok which is a big plus for me. I've used it exclusively from day 1.

This is a terrible software product that I find really slows machines down, also it provides little protection and can be easily bypassed. There is a really funny video on youtube where a security expert shows how to bypass the rapport keyboard encryption.

I beg to differ, just checked in Task Manager > Processes that it's only using 20MB of memory.

If there was a loophole, I'll bet a Pound to a Dollar that it's been long since closed. These banks use it for example:

Bank of America, INGDirect, HSBC, NatWest, The Royal Bank of Scotland, CIBC, Ulster Bank, First Direct, Santander, Standard Bank of South Africa, Scotiabank, BMO,[4] and The Co-operative Bank, NatWest.

At the end of the day it's just one facet of a multi-layered approach. Hopefully, with as many bases covered as possible, you are safer...the emphasis is on relative protection rather than absolute which is impossible because the situation is constantly evolving.

 

[theheyes]

You're right in saying a multi-layered approach is best, but a spade is a spade and rapport is ****.

In regards to MSE, it's not the outright best at detection but it's good enough for a lot of people. I prefer MSE to an alternative that grinds the system to a halt during a scan and gives false positives every now and again.

 

[StringJunky]

but a spade is a spade and rapport is ****.

Can you support that view with any qualified links that I can look at? What anti-kelogger/screenloggers do you know of that are more secure?

 

[nightmare99]

Can you support that view with any qualified links that I can look at? What anti-kelogger/screenloggers do you know of that are more secure?

I have come across many computers that have been completely nobbled by rapport.

 

[theheyes]

You can find plenty of rapport horror stories with a quick Google, so I thought I might just pick at Trusteer's own literature for grins.

Rapport is a lightweight security software solution that protects web communication between enterprises, such as banks, and their customers and employees.

My first encounter with Rapport was when somebody brought a domain laptop to me with concerns that it might have malware on it. I was inclined to agree when I saw IE locking up, a modified address bar and generally running like molasses.

Rapport implements a completely new approach to protecting customers and employees. By locking down customer browsers and creating a tunnel for safe communication with the online website, Rapport prevents Man-in-the-Browser malware and Man-in-the-Middle attacks. Rapport also prevents phishing via website authentication to ensure that account credentials are passed to genuine sources only.

Um, SSL and trusted certificates?

Rapport’s unique technology blocks advanced Trojans including Zeus, Silon, Torpig and Yaludle without the need to constantly update and chase the different variants of these Trojans. Its proprietary browser lockdown technology simply prevents unauthorized access to information that flows between customer and employee websites regardless of whether these attempts were generated by new or known Trojan variants.

That is a bold, bold claim. In their own words, Rapport blocks advanced Trojans without the need to constantly update and chase the different variants of these Trojans. It seems every other security software vendor is using the wrong model. But wait...

Advanced automatic update mechanisms allow Trusteer to react immediately to new threats.

So.... which is it? Column A or column B?

Trusteer’s technology protects the weakest link in the online banking security chain – the browser.

Says Trusteer, and almost nobody else. The browser is a security concern but it's nowhere near the top of the list.

Rapport is based on... proprietary security technologies that can easily scale to protect customers and employees against the rapidly growing threat of malware and online fraud. Its lack of dependence on heuristics or signatures ensures this scalability.

Oh, so maybe it is column A after all.

Rapport locks down all programmatic interfaces to sensitive information inside the browser while it is connected to a protected website. Additionally, Rapport protects the browser's memory and prevents any pieces of code injected into the browser's memory from capturing or modifying sensitive information.

Only after it has encouraged a user to install a piece of software they didn't ask for off the internet with admin rights, otherwise you just get the watered down user land variant.

If running Rapport makes you feel safer and causes you no issues, then by all means carry on. To be fair, I hardly get problems specifically with Rapport these days so maybe they have sorted out some of the stability issues.

However, in my opinion, the concept itself is so flawed I couldn't honestly recommend it to anybody.