Exactly. Just because those OLD vulnerabilities in question have by now been fixed, it doesn’t mean new ones don’t exist. In fact, it’s pretty much a certainty that they do.
For example … Right now regular people, as evidenced by the discussions here in these forums, are finding a myriad of bugs in the current avast version — avast 17. Just imagine what a CIA could do! :o
To be more accurate,the bugs reported to the forum are in regards to stability and other non-security related.
The bugs that CIA reports are old and need additional work to make them usable.Many antivirus firms dismissed the bugs by saying they were fixed long ago and the vulnerability was found in AVG not in avast and vlk already mentioned that it is not something that is major and would need additional work to get around AVG.But that wouldn’t be a issue considering the current state of AVG operations.
My thinking / wondering out loud angle is: If there are this many bugs with seemingly regular aspects, or as TrueIndian put it, “stability and other non-security related” areas of avast, why would it be incomprehensible to accept the possibility that there can be vulnerabilities hidden away in some deep areas of avast and that as of yet, no one from avast and no one who frequents tech forums has happened upon them?
Example #1: If say a software like Windows (ALL versions to date) could somehow be designed and developed to where now it was possible to make it be absolutely 100% SAFE today and from this point on, there would have never been the need for the perennial Update Tuesday. True, not all updates are to fix vulnerabilities, but many are.
Example #2: Say you have hired a contractor to build you a house. You periodically go check out their work progress. Say you see various cases of unsatisfactory workmanship in areas that are easily obvious. Wouldn’t it make you wonder what workmanship is hidden behind the sheetrock in the walls and under the floor concrete, etc.? Just because we can’t see a problem, it doesn’t mean it isn’t there.
Example #3: Say your vehicle had some serious issue that necessitated a recall campaign to fix it 2 years ago. Just because that was an “old” issue and was fixed by the recall, that does not mean there cannot be another serious issue pop up that requires another recall next month or next year or in 2 years. Maybe even various more issues necessitating recalls.
Anyway, don’t worry. I like avast. I’m very happy with it. We can’t ignore though that it’s been said on these very forums time and again, " No anti-virus can find ALL malware."
We might not know for a fact that the CIA is better than the avast Devs … but we don’t know for a fact that they aren’t either.
And NOTHING is to say that the info that was leaked on WikiLeaks is complete as to what ALL they know about how to get around all the various anti-viruses. It could very well be just sample tidbits.
Heck, it could all be misdirection.
Anyway, that said, avast is great. I’m not gonna freak out by the WikiLeaks info and go searching for some other anti-virus.
They don’t say which versions. They might as well be talking about versions prior Behavior Shield, DeepScreen and avast!'s cloud. Because with all this, whatever they use, it’ll eventually come in front of a malware analyst. Or it’ll just be captured by the system automatically.