Skip to main content
  1. Home
  2. Computing
  3. News

Google security pro Tavis Ormandy calls Verizon’s anti-virus certification “meaningless”

By

Hacker
hamburg_berlin/Shutterstock
Verizon-affiliated certificates for anti-virus are “meaningless,” according to Google security expert Tavis Ormandy, who claims that the awards fail to recognize “low hanging fruit” flaws in AV products.

In a blog post last weekend, Ormandy criticized ICSA Labs, an independent division of Verizon, for rewarding Comodo’s anti-virus software its 2016 Excellence in Information Security Testing Award despite the fact that he had discovered vulnerabilities in the product.

Recommended Videos

Comodo’s senior vice president of engineering Egemen Tas said ICSA accreditation was “an important third-party validation of Comodo’s leading security capabilities and technologies.”

Ormandy on the other hand claimed that he was able to find “hundreds of critical memory corruption flaws” in the software when analyzing it. These flaws have all been fixed, but he said it’s evidence that more and more flaws in anti-virus products aren’t being caught in a timely fashion.

Ormandy points out that he’s not focusing on just Comodo as he has found several vulnerabilities in big name AV products including Kaspersky Lab, AVG, and Avast.

He added that ICSA’s methodology for testing AV products wasn’t rigorous enough. “These are the meaningless tests that antivirus vendors will actually scramble to pass. Perhaps the first step in improving the situation throughout the industry is making sure these certifications actually test something worthwhile,” he said.

“I’m trying to clean up some of the low hanging fruit that is endangering billions of users worldwide. I don’t think the antivirus industry is going to make even a token effort at resolving these issues unless their hand is forced.”

Along with Comodo, the organization awarded certificates to several other anti-virus and security companies including Palo Alto Networks, Imperva, and D-Link Huawei.

ICSA have yet to respond to a request for comment on Ormandy’s remarks.

Ormandy has made a habit out of publicly chastising security and anti-virus software makers for their mistakes and pushing for better practices.

I get asked constantly what av to use. You're missing the point; av creates more problems than it solves, and we're overdue an av slammer.

— Tavis Ormandy (@taviso) March 12, 2016

Last month he found a bug in Avast’s SafeZone browser that left passwords in danger. That same month he found a vulnerability in Malwarebytes that made users susceptible to man in the middle attacks while in December he discovered an AVG Chrome plug-in was potentially exposing the data of nine million users.

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more
HP printers are heavily discounted in Best Buy’s flash sale
The HP - OfficeJet Pro 8034e Wireless All-In-One Inkjet Printer on a desk with a smartphone.

There’s good news in store if you’re looking to land a new printer at a discount this weekend. Best Buy is having a 48-hour flash sale on HP printers, with several that can compete with the best printers seeing some good prices. HP is almost always one of the best laptop brands, and it’s one of the same when it comes to printers. So if you’re looking for a new home or office printer, read onward on how to save on an HP printer at Best Buy.
HP DeskJet 2755e — $60, was $85

The HP DeskJet 2755e is a good entry-level printer. It’s got you covered if your printing needs are pretty basic, or if you don’t need to print in mass. This is a color InkJet printer, which makes it good for almost all uses. It can also make copies and scan in color, and it has mobile and wireless printing functionality. You can get set up quickly and easily with the HP Smart app that guides you through the setup process, and you can also use this app to print, scan and copy documents from your phone.

Read more
This tiny ThinkPad can’t quite keep up with the MacBook Air M2
Lenovo ThinkPad X1 Nano Gen 3 rear view showing lid and logo.

While the laptop industry continues to move toward 14-inch laptops and larger, the 13-inch laptop remains an important category. One of the best is the Apple MacBook Air M2, with an extremely thin and well-built chassis, great performance, and incredibly long battery life.

Lenovo has recently introduced the third generation of its ThinkPad X1 Nano, one of the lightest laptops we've tested and a good performer as well. It's stiff competition, but which of these two diminutive laptops stands apart?
Specs and configurations

Read more