I can confirm that we at the Virus Lab “love” product specifications and documentation. My recent experience shows a discrepancy between MSDN and the real behavior of VirtualAlloc.
I’m currently revising and tweaking the memory management inside one of the emulators used in the avast! antivirus engine. The goal of my effort is to bring this emulated environment closer to the real world environment, thus I decided to make the memory management conform precisely with MSDN. But after doing that…. suddenly….. about a sixth of my test set (around 400 malware families in total) refused to emulate deep enough (as usual). And the problem was in VirtualAlloc emulation:
You’ve probably seen applications for generating passwords. For those who have not, this is how the process actually works:
- application for generating passwords is downloaded
- user runs the application and presses the “generate” button
- a string appears that looks something like this: I8kjH9s&ER1()G
- this string is used as a password for his Mail / Facebook / Twitter / …
And now, the user has two options:
- he’ll forget his new password immediately
- to ensure that the new password is not forgotten, he’ll write it down on a sticker and put it on the computer monitor. If the user has other computer-generated passwords, he will place this “my email” sticker on top of the existing stickers.
So what’s the deal? Why am I telling you this? Because in a moment, we’re going to learn how to create secure passwords – and you’ll see that you are going to change passwords more often than you have previously. Because creating passwords can be fun.
There’s a groovy discussion in the world of Apple about the security of Mac OS. I’ve seen this kind of discussion many times and in most cases it had a quite similar scenario. We won’t go through this entire scenario (although it could be fun), we’ll just summarize the core of it with one phrase that pops up in all these debates: “There are no viruses for Mac OS.”
Let’s take a short excursion through the history of Mac infections.
Half of all avast! users are running older versions of Adobe Reader on their computers that are vulnerable to a variety of malware attacks.
The avast! Virus Lab found that 49.41% of avast users were using the older Adobe Reader versions as of end-April. The number was also surprisingly stable, dropping by around five percentage points from the early March level of 55.71%.
“The numbers were a surprise to us,” said Jiri Sejtko, head virus analyst.
avast! Virus Lab… I once went to their floor accidentally, thinking it was my floor – it was dark and scary, and so I quickly turned and ran out. These folks are like mad scientists, practicing alchemy in white laboratory coats that are stained with hard-drive smoke and smell of burnt ones & zeros. They’re mostly nocturnal – like cyborgian vampires – and yet they’re always awake, online and available for ‘chat’ or email, even in daylight.
Or at least that’s partly the stereotype I had when I started at AVAST. After meeting and talking with a few “virus guys” at a company party, I realized they’re like every other department here… but just a little more reclusive… and thus maybe a ‘typical’ IT crowd. See here for yourself, as this interview is with a guy whose blog posts get a lot of traffic (even though someone of my IT ‘capabilities’ rarely understands anything he writes about). –Jason Mashak
1. You started at AVAST about 6 years ago, while still attending university – what was it like already working for a top antivirus provider while still a student?
I was a young chemistry student (which seems removed from IT, but even AVAST co-founder Pavel Baudis studied the same subject, at the same university :)) with no previous job experience or references. Most of the aspects of IT (including reverse engineering, programming in various languages, cryptography, etc.) were my hobby, and thus it was no problem to work for ALWIL [former name of AVAST Software, until 2010]. I had no clue what the business was about – it took me roughly a year to fully understand how a two-person project could become a successful company…
You’ve been asking for it… so here it is: As of the latest update to our avast! 6.0 series (earlier this week), avast! WebRep is now available in the Google Chrome browser.
avast! WebRep is based on information received from the global avast! user community related to the content and security of visited websites.
Virus definition update 110411-1 contained an error that resulted in a good number of innocent sites being flagged as infected. Generally, all sites with a script in a specific format were affected.
Our virus lab staff discovered the problem quickly after releasing the bad update and immediately started working on a fix. The fix was released about 45 minutes after the problematic update and has version number 110411-2. Anyone who still has this problem is kindly asked to manually update the definitions to the latest version, e.g. by right-clicking the avast taskbar icon (the orange (a) ball), and selecting Update -> Engine and Virus Definitions.
We sincerely apologize for the inconvenience. As this typically only affected remote sites (and not local files), simply updating to the latest definitions should completely solve the issue (no local files have been quarantined).
I don’t know much about Lukas, other than that he is respected and liked by his colleagues (or they wouldn’t have suggested him as a potential interviewee). On Facebook, I discovered he has an interest in photography. In communicating with him for this interview, I found him to be unassuming, communicative, and laid-back. Considering I’m no software developer (and only a very amateur kind of geek), I would say that those are qualities that have contributed well toward the avast! software we all use and love. –Jason Mashak
1: You’ve been at AVAST since there were only a few handfuls of employees… what, for you, are some of the more memorable moments in the company’s history since you’ve been here?
I joined AVAST seven years ago when there were around 20 employees. Some of the core team members of today were still at university, studying along with their work. You would see them in the office only once or twice a week. This was a big difference from the 140-something we have today, when we hardly fit into any room all at once. For example, there used to be a habit to celebrate birthdays together in the offices. But as the number of employees grew, we would have to celebrate almost every other week. And we also started to have problems fitting into any one room, so the tradition was abandoned over time.
Moving into a new building, the one we are now in, was also quite exciting. We watched it being built, visiting it several times before it was finished. One of the last things moved were our company servers…
Recently we took pleasure in hosting journalists at our Prague HQ. Among them were Wojciech Kowasz and Jakub Pawlak from dobreprogramy, Poland’s most popular download site. avast! Free Antivirus is Poland’s top downloaded software, with over 14,000,000 downloads!
While visiting us in Prague, Mr. Kowasz and Mr. Pawlak recorded a video interview with our CTO, Ondřej Vlček. Mr. Vlček introduced new features of avast! 6.0, explaining how they differentiate avast! from other AV products. If you’ve ever wondered how the AutoSandbox works, what SafeZone is, or how you can rate a website using avast! WebRep, check it out. Mr. Kowasz and Mr. Pawlak also asked about everyday life in our HQ in Prague, how the virus lab works, and how we detect viruses.
The AV-Comparatives Security Survey 2011 (pdf) released by AV-Comparatives.org in mid-March reveals that, from a list of 70 well-known security solutions, avast! ranks second in terms of which products respondents wish to continue to see reviewed.
Notably, 5 of the top-7 requested brands are based in Central and Eastern Europe.