An acknowledgement to the Avast Practical Jokes Department

The bombardment by ‘helpful’ Avast messages reaches new heights. These messages seem timed to create maximum distraction just when I am performing on-line banking operations and my concentration needs to be at its most intense. My vulnerability to scams can only be increased by these distractions.

I do not regard VPNs as any more trustworthy than my internet connection through my fibre connection direct through my ISP. I ensure encryption with the use of HTTPSEverywhere (Encrypt All Sites Eligible is ON) and NoScript is set to block all active contect except on the web pages received through my bank’s domain name. My DNS resolver (OpenDNS) is defined for each network connection in each PC. I logon to an account on my PC reserved solely for online banking. The browser configuration on that account is tightly locked down. Other accounts are inactive (i.e. logged out) during this.

Microsoft is similarly at fault in this. Its ‘helpful’ reminders to backup data also seem to timed for maximum distraction.

;D

What messages are you talking about? I’ve not seen any.

Hi Bob. I will have to post some screen shots for your delectation. The messages include warnings of the dangers of the exposure of my IP address, the benefits to privacy of using a VPN, the possible hijacking of my web cam and microphone (the drivers for which are disabled or the web cams unplugged), among other things. Now that senility is approaching, I need distraction protection too!

I have thought about such hazards over many years and the practices that I have evolved seem to be successful in achieving their objectives. Maybe Avast knows something about my surfings that I don’t.

;D

Sales pitches. Adjust your settings unless you’re using the free version then you may have to put up with those useless and sometimes totally incorrect messages.

Avast reports that EMET552 is slowing my computer (Windows 7 x64). I use EMET552 to enforce mandatory ASLR because this is how it has to be done with Windows 7.

This is bonkers.

Not really bonkers. EMET552 is known to slow down Windows 7.
https://social.technet.microsoft.com/Forums/ie/en-US/ef778e3e-89f0-4127-aea8-cef59036c480/emet-552-windows-7-sp1-eaf-and-performance-degradation?forum=emet

Thanks Bob. Apart from mandatory ASLR, all that EMET 5.52 does on my system is to enforce DEP and SEHOP for non-opted-out processes. No other process mitigations take place.

Additional thanks Bob. You set me on a path to eliminate EMET from my Windows 7 system. It seems that uninstalling EMET 5.52 leaves intact the registry settings associated with mandatory ASLR that were set using EMET.

There is always something new to learn, especially from one more senior and wise than me.

Deep respects :slight_smile:

Always happy to help. Hope the system is now faster.

Yup! It certainly feels livelier. I am a very grateful for the information you put before me.

It does me no harm to be reminded from time to time that there are many things that I do not know as well as I thought I did.

You aren’t alone. Only God knows everything.

Bruce Schneier has written an interesting article on VPNs.
https://www.schneier.com/blog/archives/2021/06/vpns-and-trust.html

Much of the pushing by Avast of its Free users is to do with its VPN. I choose to rely on browser enforced end to end encryption for my privacy. It is not possible to be able to totally trust any VPN. I never use public Wi-Fi, instead using an Android smart phone as a mobile wireless connection point if absolutely necessary.

All this pushing of features caused a friend, whose Windows 10 PC I support, to phone me because she was puzzled that a ‘secure browser’ had been pushed onto her by Avast. I said that she had nothing to worry about but asked her if she really wanted to use a different browser from Firegox ESR. The upshot was that I talked her through uninstalling the unwanted browser. This episode highlights my concern that Avast is so frenetic in its pushing of ‘extras’ that it distracts and bamboozles users. I am not a fan of being suddenly distracted when doing online banking where user vigilance is key. Even forcing myself to ignore Avast distractions puts me at elevated risk of dropping my guard at a crucial moment. At my age, memory and concentration are less reliable than they once were. Now then, what day of the week is it?

All this distraction weakens our vigilance and so also our defences so Avast actually makes us less secure from the dangers of social engineering (which is what the Avast naggings are, kind of). I am happy to be a beta tester and put up with the adverts, within reason. Did the Avast 21.5 email problems also affect the paid for versions? If only the Avast Practical Jokes Department was able to exercise even a modicum of self-control.

Panda Security must have a different business model. Panda Dome does not feature any ‘encouragements’ in its free version.

Be in no doubt that I believe Avast to be the best antimalware software suite, bar none. The bombardment of Free users by ‘feature notifications’ and cries of Wolf! tends to tarnish the gleaming reputation that the quality of Avast so richly deserves. By all means draw our attention to features which we ought to be aware of but please do not weaken our personal alertness against social engineering attempts by criminals. Personal alertness is the last line of defence against social engineering.

I guess that users of the Free version provide Avast with enormous extra amounts of feedback information with which to further improve the quality of its products. Users of the Free version likely expose their systems to different risks from business users and so will widen the range of feedback information to Avast.

Free users are guinea pigs and have much to offer Avast both in usage data and in drawing attention to problems because Avast is deeply embedded in systems and so there is great potential for obscure issues which need to be addressed for overall product quality. We guinea pigs together comprise a vast and valuable resource for Avast.

Just to clarify, the willing guinea pigs are those of us that run their Beta Software Releases.

+++1 :slight_smile:

Yes Bob and Asyn. I appreciate the significance of the distinction you are making between Free users and Beta testers. You are right and I apologise.

Yes Avast. My TLS-only web connection is encrypted because HTTPS Everywhere is installed, enabled and Encrypt All Sites Eligible is ON on all my web connections. Like the WebCam alert on PCs where the camera/microphone drivers have been disabled, Avast is not checking the real situation. How am I to believe what it tells me? This calls Avast’s credibility into question which is a shame because I place full faith in this magnificent product for my protection.

I will say two final things and then I will be forever silent on the matter. It is objectionable that the popups do not time-out after, say, 30 seconds. By all means draw the user’s attention to paid-for features but this is coercion.

Which popups aren’t timing out?

They take too long which gave me the impression that the timeout was indefinite.

I have yet another grumble. Avast Free 21.5 kept requesting that a new (free) licence period needed to be begun on a friend’s Windows 10 PC. These requests were endlessly repetitive inspite of many attempts to act on them and the only way to eliminate them was to uninstall and reinstall Avast. This was successful and the behaviour now seems to have ended. Is Avast attempting to self-harm its reputation with this nonsense?