Virus/spyware definition update process

[Chankama]

Quick question guys. When we update the definitions of Ad-aware, spybot, avg, avast, etc., what are the issues wrt security.

As in, are the updates done over an insecure channel which is suspectible to attacks or is it done over a secure channel between the client and the product server. For example, using SSL.

Anyone have any details/links, please post away. Of course, I am talking about all the "free" versions of the above mentioned products. Thank you.

 

[MicroBell]

Most updates are done through the programs secure servers to prevent any interuption from anything infecting the file or getting an infected file.

Again...we are talking about a LEGIT programs and not something like SpySherrif...or another bogus so called AntiSpyware utility as they are already infected. Since most of the updates take place on the products own server address it's unlikely you'll ever download an infected file from there.

 

[Chankama]

Again...we are talking about a LEGIT programs and not something like SpySherrif...or another bogus so called AntiSpyware utility as they are already infected. Since most of the updates take place on the products own server address it's unlikely you'll ever download an infected file from there.

I am actually speaking of any potential attacks that might take place while the update data is in transit over an insecure network. For example, I am on an untrusted LAN ( atleast IMO ). I am not talking about "non-legit" programs. Assume I have a trusted program. I am just questioning the method of "auto-update".

The only way you can be "sure" of getting "good" data is if there is end-to-end security on the channel (integrity and authentication).

I couldn't really find this info readily available for the products I mentioned.