LandzDown Forum

Ad-Aware is a poorly written anti-spyware program from Lavasoft. Running
it gives you a false sense of safeness. There can be done numerous attacks
against this software. I'll show some of the problems and attacks in this
write-up. Here's just a summary of the most visible problems I've run into.

1. Definition file
1.1. "Encrypted" with xor \
1.2. Packed with ZIP with simple password - trivial to intercept def
updates and change the defs
to make the malware invisible
1.3. No checksum in the def file /
1.4. Big redundancy in the def file
1.5. !!! Multiplying the number of entries in the def file with constant
1.46 to make it look it has more definitions !!!

2. Program
2.1. Poorly written checksum algo
2.2. Poorly written scanning algo (slow as hell)
2.3. CSI works only for in-memory images and is useless

You want the proofs? Read the following text ...

Read more


Your thoughts?  

Is this the same Roy Batty who lead the renegade Nexus 6 Replicants in Blade Runner?

Seriously, though, who is this author, and do they have any credentials?

  corrine, i'm confused again.
on the SPYAD site it says: "My recommendation is to use but ONE program to add sites to your Restricted sites zone. Using multiple programs to add sites to your Restricted sites zone leads only to overlap, conflicts, and confusion without necessarily increasing your level of protection."
* QUESTION: Does this current set-up protect me, or would addtional apps help?
i'm using - SPYBOT (TEA-TIMER is ON), SPYWARE BLASTER, ADAWARE, SYMANTEC FIREWALL, SYM/NORTON AV & roger karlsson's BAZOOKA. (i use HIJACKthis, too, but not regularly like the others.)
* am i right that any other REAL-TIME protection could conflict with TTimer? that any other app to add sites to RESTRICTED ZONE might cause conflicts, etc?
 * i was under the impression i had good protection with this setup, and adding to it might cause conflict issues.
 

Don't shoot the messenger    I've been using Ad-Aware for over 3 years now and wouldn't consider having a computer without it onboard. I figured I should bring that article to the staff's attention here, since you are the experts on the program.

Corrine, thanks for the links. I'm familiar with all of them except StartupMonitor. Looks like I have a new toy to play with. 


Best regards,

Windsor

real time programs can conflict
but like aaw free is NOT realtime but aaw + is you would be safe with the free

so you won't get into trouble unless you are using real time programs


now ie-spyad and spyblaster can "conflict" one will say one is a good site and the other will say it is bad so things can be removed from one list by another !

you can load your system up with so many programs to protect you , that the whole day is spent on updates !

if you use a SAFE browser and keep it current, control scripts and active X , watch your e-mail, have a few good programs you are safe ! that is on top of a  GOOD firewall and anti-virus!

i drive my car with a seat belt on and cautious driving. but if i wanted to be safer
i could get a 5 point harness, roll cage/bullet proof glass/brain bucket and be safer but is it worth all that?

the more programs you install the higher chance for a hidden conflict, and that much more to learn how to interpet what it is saying !
so if you want to be safer use firefox and "no scripts"
scumb writers want to hit as many systems so they write for IE/OE and windows systems
so i use linux/firefox/thunderbird and am safer..but the buzzword is safer !

if you want a safe computer
1. get offline,remove all ways that data can be entered to your computer ( drives,keyboard,mouse)
but how much can you enjoy your system like that?

Perhaps now though, you can ask them at their all own super-duper support forums;

http://www.lavasoftsupport.com

Steve was not with Lavasoft "in the old days" so whatever happened in the past really has nothing to do with what Steve is attempting to do now.  The forum should help the Plus & Pro license holders who have complained about the poor email support.  Note that forum support is provided by LS employees not volunteers. 

 

Check the member list -- a lot of old friends have signed up.  I think because AAW is one of the "oldies" there is a draw, rather like a magnet to the North Pole.  The point, however, is that any help provided there is not about Lavasoft or Lavasoft Management.  All help is for the users -- whether they come here, post at Freedomlist or elsewhere, it is our helping them to the best of our ability.  (Now I've got to go fix my smitRem instrutions at FL.  I was updating the instructions to S!Ri's tool yesterday and managed to close the tab -- all my work gone.)