BreachExchange mailing list archives
PC Matic… Is It As Amazing As Seen on TV?
From: inga () riskbasedsecurity com (Inga Goddijn)
Date: Wed, 2 Mar 2016 11:03:33 -0600
https://www.riskbasedsecurity.com/2016/03/pc-matic-is-it-as-amazing-as-seen-on-tv/ If you have ever been up late at night, you might have seen an infomercial about a product called PC Matic <https://www.youtube.com/user/pcpitstopvideo/videos> and been intrigued by the exceptional claims being made about the capabilities of their security solutions. PC Matic is a combined security and system performance optimization solution <http://www.pcmatic.com/> provided by a company called PC Pitstop, LLC and they claim to provide â*superior security protection over all security products, free or otherwise, on the market*â. On the security side, the product offers anti-malware and anti-adware protection along with patch management by â*automatically [closing] security holes in commonly used free software.*â Recently we were approached by a third party asking what we thought about PC Matic and suggested that we look into the product. Based on the combination of the claims made by the vendor and the negative feedback on the Internet about the company and their products we decided to further research PC Matic. The following are some of the significant points uncovered by our analysis: - PC Matic was discovered to have many serious vulnerabilities. These allow a malicious website to retrieve various information from a userâs system without the userâs knowledge or even compromise it. - PC Pitstop states that PC Matic won first place <https://www.youtube.com/watch?v=CWJj_qwxmsE> in the April 2014 Virus Bulletin RAP test and detected more malware than the competition <http://techtalk.pcpitstop.com/2014/07/31/pc-matic-breaks-virus-detection-record-virus-bulletins-rap-test/>. According to Virus Bulletin <https://www.virusbulletin.com/virusbulletin/2014/04/comparative-review-windows-7#id3161066>, due to the instability and many false positives, they stated âthere is no VB100 award for PC Pitstop this month, despite an interesting effort.â - PC Pitstop claims that PC Matic protects systems running Windows XP, so they can safely be used even if â*abandoned*â by Microsoft. However, PC Matic is not able to properly protect these systems. . - PC Pitstop claims that PC Matic closes security holes. However, the patch management capabilities were determined to be limited at best. - PC Pitstop claims that PC Matic is 100% made in USA and that they do not believe in outsourcing. While the intent of their statement may refer to internally developed code, a significant part of the functionality provided by PC Matic comes from third party components not developed internally at PC Pitstop. We have published a whitepaper which details our findings <https://www.riskbasedsecurity.com/reports/PC_Matic_-_Is_It_As_Amazing_As_Seen_on_TV_-_03-02-2016.pdf> including serious vulnerabilities discovered in PC Matic. It is intended to, hopefully, answer questions and concerns that existing and potential customers of PC Pitstop may have when evaluating, if PC Matic is the right security solution for them. At Risk Based Security we have discussed previously the concept of software liability. <http://www.rsaconference.com/videos/webcast-software-liability-the-worst-possible-idea-except-for-all-others> Most consumers and businesses are not in position to verify themselves if a product is performing the way that it has been advertised. We continue to focus on providing easy to understand ratings about vendors, how they protect customer data and the security of software products they produce. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160302/148ff4ef/attachment.html>
Current thread:
- PC Matic… Is It As Amazing As Seen on TV? Inga Goddijn (Mar 02)