{"id":3603,"date":"2017-06-26T14:56:22","date_gmt":"2017-06-26T14:56:22","guid":{"rendered":"http:\/\/gadgets.itwriting.com\/?p=3603"},"modified":"2017-06-26T14:56:22","modified_gmt":"2017-06-26T14:56:22","slug":"f-secure-sense-a-success-and-a-failure-and-why-you-should-not-rely-on-your-anti-virus-software","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/3603-f-secure-sense-a-success-and-a-failure-and-why-you-should-not-rely-on-your-anti-virus-software.html","title":{"rendered":"F-Secure Sense: a success and a failure (and why you should not rely on your anti-virus software)"},"content":{"rendered":"<p>I am in the process of <a href=\"http:\/\/gadgets.itwriting.com\/3586-f-secure-sense-firewall-first-look-a-matter-of-trust.html\" target=\"_blank\">reviewing<\/a> F-Secure sense, a hardware firewall which works by inspecting internet traffic, rather than scanning files on your PC or mobile device. This way, it can protect all devices, not only the ones on which an anti-malware application is installed.<\/p>\n<p>I get tons of spam and malware by email, so I plucked out a couple to test. The first was an email claiming to be an NPower invoice. I don\u2019t have an account with NPower, so I was confident that it was malware. Even if I did have an account with NPower, I\u2019d be sure it was malware since it arrived as a link to a website on my.sharepoint.com, where someone\u2019s personal site has presumably been hacked.<\/p>\n<p>I clicked the link hoping that Sense would intercept it. It did not. Here is what I saw in Safari on my iPad:<\/p>\n<p><a href=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image12.png\"><img loading=\"lazy\" decoding=\"async\" width=\"185\" height=\"244\" title=\"image\" style=\"margin: 0px; display: inline; background-image: none;\" alt=\"image\" src=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image_thumb12.png\" border=\"0\"><\/a><\/p>\n<p>(Wi-Drive is a storage app that I have installed and forgotten about). I clicked More and saved the suspect file to Apple\u2019s iCloud Drive.<\/p>\n<p>Then I went to a Windows PC, and clicking very carefully, downloaded the file from iCloud Drive. The PC is also connected to the Sense network.<\/p>\n<p>Finally, I uploaded the file for analysis by <a href=\"https:\/\/www.virustotal.com\/\" target=\"_blank\">VirusTotal<\/a>:<\/p>\n<p><a href=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image13.png\"><img loading=\"lazy\" decoding=\"async\" width=\"604\" height=\"318\" title=\"image\" style=\"display: inline; background-image: none;\" alt=\"image\" src=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image_thumb13.png\" border=\"0\"><\/a><\/p>\n<p>Well, it is certainly a virus, but only 4 of 58 scanning engines used by VirusTotal detect it. You will not be surprised to know that F-Secure was one of the engines which passed it as clean.<\/p>\n<p><a href=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image14.png\"><img loading=\"lazy\" decoding=\"async\" width=\"604\" height=\"344\" title=\"image\" style=\"display: inline; background-image: none;\" alt=\"image\" src=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image_thumb14.png\" border=\"0\"><\/a><\/p>\n<p>Note that I did not try to extract or otherwise open the files in the ZIP so there is a possibility that it might have been picked up then. Still, disappointing, and an illustration of why you should NOT rely on your antivirus software to catch all malware.<\/p>\n<p>Now the good news. I had another email which looked like a phishing attempt. I clicked the link on the iPad. It came up immediately with \u201cHarmful web site blocked.\u201d<\/p>\n<p><a href=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image15.png\"><img loading=\"lazy\" decoding=\"async\" width=\"604\" height=\"299\" title=\"image\" style=\"display: inline; background-image: none;\" alt=\"image\" src=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image_thumb15.png\" border=\"0\"><\/a><\/p>\n<p>While that is a good thing, 50% of two attempts is not good \u2013 it only takes one successful infection to cause a world of pain.<\/p>\n<p>My view so far is that while Sense is a useful addition to your security defence, it is not to be trusted on its own.<\/p>\n<p>In this I am odds with F-Secure which says in its <a href=\"https:\/\/www.f-secure.com\/en_GB\/web\/home_gb\/sense\/faq\" target=\"_blank\">FAQ<\/a> that \u201cWith F-Secure SENSE no traditional security software is needed,\u201d though the advice adds that you should also install the SENSE security app.<\/p>\n<p><a href=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image16.png\"><img loading=\"lazy\" decoding=\"async\" width=\"604\" height=\"141\" title=\"image\" style=\"display: inline; background-image: none;\" alt=\"image\" src=\"http:\/\/gadgets.itwriting.com\/wp-content\/uploads\/2017\/06\/image_thumb16.png\" border=\"0\"><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I am in the process of reviewing F-Secure sense, a hardware firewall which works by inspecting internet traffic, rather than scanning files on your PC or mobile device. This way, it can protect all devices, not only the ones on which an anti-malware application is installed. I get tons of spam and malware by email, &hellip; <a href=\"https:\/\/www.itwriting.com\/blog\/3603-f-secure-sense-a-success-and-a-failure-and-why-you-should-not-rely-on-your-anti-virus-software.html\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">F-Secure Sense: a success and a failure (and why you should not rely on your anti-virus software)<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1140,75],"tags":[1258,810],"class_list":["post-3603","post","type-post","status-publish","format-standard","hentry","category-f-secure","category-security","tag-f-secure-2","tag-security"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/3603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=3603"}],"version-history":[{"count":0,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/3603\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=3603"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=3603"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=3603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}