It’s frustrating enough for any IT pro or tech support guru to find out that consumers aren’t safeguarding their computers with strong anti malware protection, but a new study from Concordia University has uncovered some very troubling findings. The antivirus and parental control software that a lot of consumers have finally learned to rely on may actually be exposing their computers to hackers.
Researchers analyzed fourteen different popular and commonly available antivirus titles and found vulnerabilities, mainly based in the way the software coordinates the security certificate of each website. The software was found to be granting its own certificate to the browser, an error in the way the software functions. Unfortunately, some of the compromised software was in the ad-blocking genre, a very popular add-on for internet users who despise pop-ups and flashing sidebar ads.
As for parental control software, the same issue is at the heart of the problem. By attempting to verify the certificate, the software makes the computer think it has the authority to give the go-ahead, even though it’s not a certification authority.
So what are consumers and concerned parents supposed to do? It’s been drilled into their heads that antivirus software is important for protecting both their hardware and their identities, and of course no one wants to leave kids unattended on the Wild West that is the internet. First, while antivirus software is still important, it’s also crucial to keep your browser up-to-date and install any patches or updates that come along. That does far more good than a security certificate, and browsers themselves are already built to seek out authentication. And if parents are concerned about their kids’ internet activity, there are two major steps that can help: the first is almost too obvious, and that’s to stop letting your kids connect online when there’s no one around who can see what they’re viewing, but the other, more technical solution is to use apps and software that allow parents to block specific domains instead of keywords.