Cloudflare launched their new free public DNS service yesterday (yeah, funny date to make product announcement on April 1st). But this is no joke. They actually launched this product. In a nutshell, it’s a service like OpenDNS or Google DNS, except it’s the fastest of them all and cares about user privacy.
As you can see from DNSPerf webpage, it’s resolving the fastest for basically entire world and their privacy policy is also very strict, meaning they do not track or store any user data and they also don’t sell any data to anyone.
It is yet unknown if Cloudflare DNS provides any other security features like cache poisoning protection, anti-phishing and malware blocking. Still waiting for their reply on this one, will update as I receive more info.
I’ve also included it on my public DNS list where I feature all DNS services that matter.
Took me a while, but when Google fired James Damore for his memo, that was a tipping point for me. It was also a day when I entirely dropped Google Search. And also a day when I decided to start using more and more “independent” alternative services that are more privacy focused. Some are easier to switch to, some are not. But let me tell you, it’s worth it when you realize how these mega corporations are just straight up evil. From their fucked up internal politics to endless meddling with politics worldwide to how they handle our sensitive private info with next to no regard for anything or anyone. Sure, they offer services for free in exchange for our privacy, but there will be a point when you’ll ask yourself, is my private info and data really worth so little that I trust it to Google instead of paying a relatively small subscription for a secure encrypted private mailbox with nearly same features as found on GMail? It takes some time to realize that, but take some time and think about it.
To make final decisions easier afterwards, here are some tips on what services to use in order to break free from mega corporations mining your personal data…
* For now there is no evidence that Cloudflare could pose an immediate risk to privacy. They claim they are private and they also do external audits to have their claims verified.
* Alternative search engines to big corporate ones like Google, but have slightly questionable privacy statements. They do allegedly convert your searches into charity support…
StartPage removed after it was taken over by Privacy One Group which is a targeted marketing company.
* FastMail is not on the list because it’s an Australian company and Australia has recently (December 2018) passed an encryption bill that demands companies to hand over backdoors or master encryption keys to Australian government. I wouldn’t trust any such company or government for that matter even if “I don’t have anything to hide”.
StartMail removed due to questionable ownership by targeted advertisement company Privacy One Group.
Wire removed due to weird ownership, HQ location and operation changes. People also raised concerns over communications encryption which is apparently severely flawed.
* While not open source or anything, it’s not owned by corporation like Google and it has certain features that are very useful in securing your access to services that you own and pay for. What good is all security if you can’t access your stuff…
Company country doesn’t always mean they absolutely fall under their jurisdiction only. For example, some companies have HQ in Switzerland, but host data elsewhere, like for example pCloud which hosts data in Texas, USA. Others like ProtonMail have HQ and hosting in same country. Do further research if that is important for you.
Summary
After long hours of research and investigation, I’ve dug up these services that are highly focused on privacy and security, are mostly located in countries with most rigorous privacy laws or they are designed in such a way no one can even force them to uncover your data, because only you have the decryption keys. They may not be free, but can you really put a price tag on your privacy when you think about it? Some services cost a bit more a year, others less. Some are even free but with certain limitations like e-mail storage space and less features which kinda forces you to upgrade. But you can evaluate them cost free this way and decide which ones you like.
Suggestions?
If you know any other services that you feel they need exposure here, leave them down below in the comments and I’ll check them out. If I feel they are worthy, I’ll include them on the list above.
We all know ransomware is on the rise and it’s one of the most annoying types of attack in recent years. I mean, in the past systems got infested with various junk that was hard to clean, but essentially, you could always just start over by reinstalling Windows. Ransomware changed that, because it attacks stuff that’s irreplaceable. User files like documents and photos. You can’t just stat over by reinstalling Windows.
Now, the only 100% protection is backup of your data, but reality is, it’s really annoying to constantly make backups by hand and if you have it automated, we’ve already seen malware and ransomware which ruins your backups as well. So, I personally prefer prevention, rather than remedy or backups to the whole thing.
There are various tools and protection systems of which some can be found here. One tool however stands out a bit, for two reasons mostly and that’s because it’s free and provides very high generic protection against known and unknown ransomware and they are continuously improving it. It is called…
Cybereason RansomFree
Like anything, nothing is ever 100%. But if you can dramatically decrease the chances of getting hit by ransomware, I’m sure anyone would take it. It’s like with real vaccines. There is always small chance it still won’t be effective against one specific strain of flu, but if it can protect you from 95% of it, wouldn’t you take the “chance”?
I’ve made a test of it recently and you can see for yourself how effective it is.
When out of several strains only 3 types got past RansomFree defenses, I’d say that’s pretty damn good or something that’s free and consumes nearly no resources.
And today I’ve even received news about new version 2.1.1 which also addresses the mentioned issues of not protecting non-system partitions as well as potential other improvements thanks to our tests that showed the flaws. If they can figure out Petya strain, that would be also awesome. But they are already doing a good job as it is and I can only recommend this software to everyone who value their personal files.
This antivirus has actually been around for quite a while, but it hasn’t really interested me because the old interface was a bit clumsy and the scanning reliability was rather poor.
But that has changed quite dramatically with version 4.4 (I’m reviewing 4.4.1). The interface is now incredibly pleasant to use, has a logical layout and most importantly, they seem to have resolved scanning reliability as well. Universal AV is fast and reliable now and they have also replaced VirusTotal multi-engine online scanning service with Jotti, which is an older service with a bit less scanners, but it seems to be a lot faster and reliable. I do hope VirusTotal will one day return to assist Jotti scanner, but it’s still very good as it is right now.
Main SecureAgePlus InterfaceSecureAgePlus Settings panel with few of Universal AV engines listed
Universal AV
This antivirus is a bit special. It uses local antivirus of your choice or you can also use integrated one (ClamAV, very basic, but it works), but its special sauce lays or shall I say floats in the cloud in form of two services. One is Universal AV which depends on several antivirus engines running on SecureAPlus servers, placing ZERO load on your system. All is done through intelligent fingerprinting, you only have to submit whole EXE to their server for analysis if no fingerprint is found on their server to match the potential malware on your system. After few seconds, results are returned to you and you can decide what to do if found to be potentially malicious.
Second line of defense from the cloud is Jotti’s service, again with multi-engine scan service which at the moment boasts 19 different antivirus scan engines.
In theory, not even two such services can deliver absolute 100% protection, but with so many engines, chances of malware evading all of them becomes very slim. And given you don’t experience any slowdowns on your system, the more engines there is, the better.
Multi-layered Protection
Another good thing about it is that you can use it along with your favorite existing antivirus. I personally don’t trust ClamAV all that much, so I’m using avast! instead of ClamAV. They can run both together without problems. I had to exclude avast! main folder in SecureAgePlus because it was asking about one avast! file, but after I’ve done that, it seems to work fine.
Whitelisting
To even further extend the security, SecureAgePlus also relies on whitelisting and certificates to lower false positives as well as give you more clues whether you should trust a file or not. Unfortunately it is not possible to disable whitelist, which makes it tiny bit annoying if one wants to only use it as a pure second opinion antivirus and nothing else.
SecureAgePlus Whitelisting Panel
Licensing model
SecureAge is using an interesting Freemium licensing model. In a nutshell, it’s free for initial 1 year and it can be free beyond that if you’re willing to invest some time into promoting it. Either by posting about it on social media, writing testimony, review (like this one) and simply spread a word about it. If you’re not willing to do all this, you can also decide to support it directly with a Premium license. If you want to give it a try, make sure to use my referral link below and help me out receiving points so I can extend my Freemium license.
Like I’ve said, on install you get 1 year free and fully functional antivirus, so you don’t have anything to lose really and you help me out at the same time. Give it a try and see for yourself how it works and how effective it is.
Few minor dislikes…
After all the praising, there always comes that “but”. Luckily, it’s nothing major really. Only things that are a bit annoying is that you can’t install ClamAV directly from within SecureAgePlus interface if you’ve deselected it during initial installation. You have to run installer again and check it there. Would be a lot more convenient if there was an option for that already inside interface. Next thing I don’t like it a bit is the fact that you can’t disable Application Whitelisting service entirely and use SecureAgePlus only as a second opinion scanner, you can only adjust it to be more permissive. You always have to deal with whitelisting dialogs if some new app isn’t yet whitelisted. Can be a bit annoying sometimes. there is also no On-Demand scan option within main interface, other than Full System scan. You have to use Explorer context menu to scan individual folders. And lastly, initial scan takes VERY long even on top of the line system with very fast SSD as it’s main and only drive. I’m guessing it has to hash all files on the drive for Whitelisting to work, so be prepared to leave system on for SecureAgePlus to finish this first scan. After that is done, all consecutive Full System scans are done in few seconds.
Pros:
multi-engine scanning
very high detection rate
very small performance footprint despite multiple engines
very nice and logical interface
functional with other security software with minimal effort
Free for 1 year plus option for free extension
Cons:
very long initial scan even on top end system
a bit clumsy later installation of optional local ClamAV scan engine
no On-Demand scan options other than context menu scan and Full System scan
cannot disable Whitelisting part entirely and only use it as second opinion AV only
still giving user a final word whether to trust or block a file despite scan verdicts (may be risky with some users who don’t understand scan results)
Verdict
All in all, it’s a very interesting and effective security software. It’s not flawless, but the flaws it has are very minor despite making a “Cons” list rather long. I’m pretty sure they’ll fix or improve most of these in the future. And even if they don’t, I can safely assume most people wouldn’t mind if these remain as they are just things I personally disliked a bit. They probably won’t even bother most users. Give it a try and decide for yourself. I really like it now and I think I’ll keep it as second line of defense next to avast!. 🙂
Wow, I just received info about AVAST Software (makers of avast! Antivirus) buying AVG Technologies (makers of AVG Antivirus). This news was a bit of a shock for me since I wasn’t expecting it at all. avast! bought few smaller developers in the past, but nothing this big. These are two largest Czech software companies and if the whole thing goes through well, we are going to be looking at European security powerhouse. Both companies have well over 200 million active users, assuming all AVG users will stick with avast!, their userbase will extend to massive 400-500 million users. That’s almost half a billion users. Mind blowing numbers. It’s hard to say how things will change for the future, but there are certainly technological benefits from this purchase, from protection features as well as knowledge. Not really expecting large changes within software till 2017, maybe even 2018, but they might surprise us.
Official statement from AVAST Software CEO, Vince Steckler:
As many of you know, there are two security companies that often get confused: Avast and AVG. Shortly after I started as CEO almost 8 years ago, I remember giving a presentation to a large audience about Avast. About an hour later, a gentleman walked up to me and complimented me on how good the presentation was and how he enjoyed hearing about AVG. That was my first lesson in how easy the companies are to confuse.
This confusion is because the companies are so very similar. Both company names start with the letters “AV”. Both started in the late 1980s and were amongst the first few companies formed to fight the viruses and malware nearly 30 years ago. Both are historically Czech: Avast was founded in Prague and is still based there while AVG was historically in Brno, the two largest cities in the Czech Republic. Both pioneered the free distribution of top quality security products (although to be honest, I must admit that AVG was first and we followed). Both make great security products. Both are innovators with world class R&D teams. Both have most of their users outside of their home Czech market. Both have had similar user bases for many years: about 200M each. And most importantly, both treat their users with respect and consequently each has a large and loyal user base. One slight difference though is that while Avast is a private company, AVG is public and listed on the New York Stock Exchange.
In spite of this one difference, these companies are so similar that it is only natural that they be combined and that is what we are now planning on doing. Under an agreement signed with AVG, Avast will be making an offer ($25 per share or about $1.3 billion in total) to buy all shares of AVG’s stock which AVG’s board is recommending their shareholders accept. If the AVG shareholders do accept, following the various governmental regulators approvals, AVG will become part of Avast and we will jointly work on a great future together. We expect this to take a few months. Now this process is much more complex than this simple description and there are a lot of rules and regulations about the process and what we can say, etc. As a result, at the bottom of this blog entry you will find a page of important disclosures that you should read if you are a shareholder, contemplating being a shareholder, or are just curious.
The process does not allow us to talk a lot about how we would operate after combining, etc. so I can just say a little. I do think this combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users. In mobile, our combined 160 million mobile users will be used to improve protection as well as to provide an important stepping stone into the Internet of things. Additionally, we will be gaining some exciting mobile technology designed to protect families on line. In SMB, we will be better able to support our business users with a larger geographic footprint, better technical support, and the best technologies from our two companies.
Our website (and AVG’s) contains a lot more information about this transaction—the press release, FAQs, etc. As we are allowed during the process, we will convey to you, our users and customers, all the information that we are allowed. Most importantly though, I assure you that we value every single Avast and AVG user and will do our best in the future to keep you protected and to keep your trust.
Forward-Looking Statements
This communication contains forward-looking information that involves substantial risks and uncertainties that could cause actual results to differ materially from those expressed or implied by such statements. These risks and uncertainties include those related to, among other things: general economic conditions and conditions affecting the industries in which Parent, Buyer and the Company operate; and the parties’ ability to satisfy the conditions to the contemplated tender offer and consummate the transactions described in this communication; and the Company’s performance and maintenance of important business relationships. These forward-looking statements speak only as of the date of this release, and neither Parent, Buyer nor the Company assumes any obligation to update or revise any forward-looking statement, except as required by law.
Additional Information and Where to Find It
The tender offer referenced in this communication has not yet commenced. This communication is for informational purposes only and is neither an offer to purchase nor a solicitation of an offer to sell any ordinary shares of the Company or any other securities. The solicitation and offer to purchase ordinary shares of the Company will only be made pursuant to an Offer to Purchase, a related letter of transmittal and certain other tender offer documents. At the time the tender offer is commenced, Parent and Buyer will file a tender offer statement on Schedule TO, including an Offer to Purchase, a related letter of transmittal and certain other tender offer documents, and the Company will file a Solicitation/Recommendation Statement on Schedule 14D-9, with the SEC, each with respect to the tender offer. The Company’s shareholders are urged to read the tender offer statement and Solicitation/Recommendation Statement, as they may be amended from time to time, as well as any other relevant documents filed with the SEC, when they become available, carefully and in their entirety because they will contain important information that holders of the Company’s securities should consider before making any decision regarding tendering their securities. The Offer to Purchase, the related Letter of Transmittal and certain other tender offer documents, as well as the Solicitation/Recommendation Statement, will be made available to all holders of ordinary shares of the Company at no expense to them from the website maintained by the SEC at www.sec.gov.
Apparently i’ll have to make a blacklist of all the webpages with fuckin lazy admins. Last time i was ranting over idiotic Adobe login security measures because they were limiting password length, this time it’s apparently time to rant over WorldCommunityGrid webpage managers.
Password Format Requirements:
– 6 characters minimum (alphanumeric: A-Z, a-z, 0-9) – OK
– 15 characters maximum – WHY!?
– No “special” characters (!@#$%^&*_+=:;, etc…) – WHY!?
Why the fuck do they have to limit passwords to max 15 characters and exclude basically everything that usually makes passwords strong. Is this some kind of new fetish for webpage admins or what!?
Why not make a freakin requirement that the password can be max 15 characters long and the only letter that you can use is capitalized letter “A”. I mean seriously, dafuck is wrong with these ppl!?
We, the security aware ppl have been ranting over such stuff for years and companies still pull stunts like this in this time and age. It just makes no sense…
Angry Sheep Blog 