Internet Security Warning Alert for Logos.com
My security software has locked on this twice today. FL needs to attend to this issue ASAP.
ASUS ProArt x570s Creator, AMD R9 5950x, HyperX 64gb 3600 RAM, ASUS Strix RTX 2080 ti
"The Unbelievable Work...believe it or not." Little children...Biblical prophecy is not Christianity's friend.
Comments
-
I’ve never encountered this before. What sort of OS and antivirus are you using?
WIN 11 i7 9750H, RTX 2060, 16GB RAM, 1TB SSD | iPad Air 3
Verbum Max0 -
Win 10 & Kaspersky TS
ASUS ProArt x570s Creator, AMD R9 5950x, HyperX 64gb 3600 RAM, ASUS Strix RTX 2080 ti
"The Unbelievable Work...believe it or not." Little children...Biblical prophecy is not Christianity's friend.
0 -
Third-party antivirus software is the virus.
(I realize this doesn't deal w/ the situation you're actually in, but as a piece of advice from a 30+ year technologist...)
-Donnie
0 -
ASUS ProArt x570s Creator, AMD R9 5950x, HyperX 64gb 3600 RAM, ASUS Strix RTX 2080 ti
"The Unbelievable Work...believe it or not." Little children...Biblical prophecy is not Christianity's friend.
0 -
The Antivirus is not the virus. This is an old mentality from an era (15-20 years ago) when Antivirus were bloated and did a very bad job blocking antivirus programs. Today antivirus are light and virus blocking technology is so advanced that they block nearly all viruses including zero day viruses.
0 -
Diego Lara said:
old mentality from an era (15-20 years ago)
I had carefully been staying out of this thread because I was too lazy to retrieve the details and too experienced to dismiss suggested explanations. Note I call it "experienced" not "old mentality".
I had two cases of a security warning alert for Logos.com in the last week and a half or so. They were an attempt to trick me into allowing a virus in under the ruse of protecting me from viruses. Had it persisted, I would have researched it's source further and checked international virus warnings. But I am retired and lazy.Orthodox Bishop Alfeyev: "To be a theologian means to have experience of a personal encounter with God through prayer and worship."; Orthodox proverb: "We know where the Church is, we do not know where it is not."
0 -
MJ. Smith said:Diego Lara said:
old mentality from an era (15-20 years ago)
I had carefully been staying out of this thread because I was too lazy to retrieve the details and too experienced to dismiss suggested explanations. Note I call it "experienced" not "old mentality".
I had two cases of a security warning alert for Logos.com in the last week and a half or so. They were an attempt to trick me into allowing a virus in under the ruse of protecting me from viruses. Had it persisted, I would have researched it's source further and checked international virus warnings. But I am retired and lazy.It's not your job. It's FL's job. They are the ones whose site is being targeted.
ASUS ProArt x570s Creator, AMD R9 5950x, HyperX 64gb 3600 RAM, ASUS Strix RTX 2080 ti
"The Unbelievable Work...believe it or not." Little children...Biblical prophecy is not Christianity's friend.
0 -
I work in the IT industry, so I also have experience. And based on my experience security software is essential. And why would you be the one to troubleshoot it? You work for Faithlife?
0 -
Diego Lara said:
And based on my experience security software is essential.
I absolutely agree and I depend upon it.
Diego Lara said:And why would you be the one to troubleshoot it?
So that I don't open the site, message, etc. that produced the spoofed security alert again. True, it was not as annoying as the old ploy that put the browser in a loop.but I personally prefer to avoid hackers' work. I prefer to appreciate the elegance of a logical proof rather than the elegance of a hacker's hack.
David Paul said:It's not your job. It's FL's job. They are the ones whose site is being targeted.
No, it was not FL that was being targeted; it was my machine that was targeted and I happened to navigate to FL so the security error was built to look as if their site was bad ... pretty much whatever I navigated to next would appear to have a security error. Nerdiness is a disease with a very slow recuperation rate ... so, since I can no longer simply call support on the floor below, I do it myself or call my grandson if it's a real puzzle. But I've recovered enough that I rarely pull the cover off any more.
Orthodox Bishop Alfeyev: "To be a theologian means to have experience of a personal encounter with God through prayer and worship."; Orthodox proverb: "We know where the Church is, we do not know where it is not."
0 -
MJ. Smith said:
Nerdiness is a disease with a very slow recuperation rate
[:|]
I remember getting one of the early 'smart' phones ... ATT! ... 30 years ago. You could check your stock, and watch the market crash. You had to squeeze under the table, so people wouldn't see you using it.
"If myth is ideology in narrative form, then scholarship is myth with footnotes." B. Lincolm 1999.
0 -
Such warning messages may or may not be the fault of FL.
From what I've seen of FL's websites and auxiliary content, they're clean.
0 -
David Paul said:
Would you please elaborate?
Sure. Please note that I'm not saying don't use AV software - I'm saying don't use it if it's not from the operating system vendor.
In spite of what Diego Lara stated (and I mean no offense toward him), you can do just a minimum amount of research into all of the security holes that 3rd party AV solutions introduce into your system. They are poorly implemented, security-wise - presenting new vectors of attack all on their own.
With the "protection" they supposedly offer, they must make implementation choices that make a system more insecure. One specific example is the products which supposedly protect your internet traffic in real-time. More and more sites are https by default (secure, TLS = "transport layer security" - which used to be known as SSL); and that trend will continue. TLS works because your operating system or your browser comes with a set of root certificates which are used to verify that the other end of a secure connection is who it says it is. One of the goals of TLS is to prevent man-in-the-middle attacks. Which means any other software or hardware between your browser and the web server on the other end can only see the encrypted traffic. That includes AV software.
To get around this, those AV packages install an additional root certificate - themselves - and then see the decrypted traffic and then re-encrypt it to the web server. This is a man-in-the-middle attack, even if it's supposedly benign. Do you know what they're doing with traffic that you expect to be encrypted? Worse than that, they run behind the standards. All TLS should be at least 1.2 now, 1.3 is better. Browsers and the large internet players and web servers keep very up to date on those standards and on new threats as they're identified and corrected. The AV packages don't.
So... I'm very up-to-date in this space. I've worked in network groups at large online presences. I've not used a 3rd party AV package since Microsoft introduced its first version version of Defender, 2006. I'm talking numerous laptops and PCs for myself, my wife, and my children when they were at home. So I'm putting my money where my mouth is. I use the Windows Defender and Firewall tools that come with the O.S.
I hope that answers your question.
Donnie
0 -
Donnie Hale said:
Sure. Please note that I'm not saying don't use AV software - I'm saying don't use it if it's not from the operating system vendor.
Heresy! Wait, I'm in the same club... [;)]
0
