64-bit systems and anti-malware software

Discussion in 'other anti-malware software' started by ssj100, Aug 6, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    for me it doesnt matter at this moment i will remain using 32 bits for now:)
     
  2. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    So what will he do? Create something else? Quit the malware business entirely?
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    this is something the developers has to decide;)as for me just stay with the 32 systems:thumb:
     
  4. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Indeed, but Id still be interested in his thought process, as to how he plans to deal with the situation, if hes willing to share it off course.:p
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    not sure how gentlesecurity is going to handle this patchguard situation but i am not supporting any 64 bit systems:thumbd:
     
  6. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Man if there was only some we could force MS to back down from this!
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    wooo hahaha for the first time i agree with you in something:D
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    yes indeed:thumb: :argh:
     
  9. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    NEVER!!!!!
     
  10. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    And under a different product name, so the defensewall brand would not be affected?
     
  11. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Hehe, Ilya won't be "Ilya" - he will go incognito on a secret mission. :D
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    I can only refer to what I've been reading around, and it's not a matter of being allowed or not to do anything.

    http://www.microsoft.com/whdc/driver/kernel/64bitpatch_FAQ.mspx

     
  13. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    I hear what your're saying man. Its just annoying though. At some point we will all probably have to switch, and when it happens I might not have my favourite security apps or I might have them in a weakened form. If thats the case I may as well use apple imo. Atleast its beautiful!

    Im seriously considering getting a mac with Snow Leopard when it comes out instead of win 7 x64.
     
  14. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    So basically Kernel Patch Protection will prevent legitimate security software from installing, but some malware can still find a way right?
     
  15. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    So what will you do once x64 becomes the industry standard?
     
  16. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Ive got a question for those who are more technically inclined than me? Why is M$ adding patchguard to only x64 systems? Why not do it for x32 as well?

    Also what is the added advantage of 64bit computing other than access to more than 4 gigs of ram?
     
  17. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    No way. If I know the defense is broken by design, I will never use it.
     
  18. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Not from installing, but from properly doing its job as MS doesn't have all the features requires for proper sandboxing with their kernel-level filtering API.
     
  19. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Will sue MS.
     
  20. MagisDing

    MagisDing Registered Member

    Joined:
    Jan 6, 2009
    Posts:
    41
    It depends on the behaviors of malware. Some malicious application don't install drive even replace the kerenl drive, they just modify files or registry keys to accomplish their nasty goals.
     
    Last edited: Aug 7, 2009
  21. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    I don't buy it anymore when developers of smaller projects like Sandboxie or DefenseWall say it would be impossible to have good proactive protection on x64. KIS and Outpost HIPS' are very strong on Vista 64 and improved much over time. So give it time, I bet when 64 bit will be highly spread we won't have many disadvantages there.

    Also KIS has a sandbox on x64. It is not as compatible as the 32 bit version but maybe it will improve with critical fix 2 (already announced) and later versions.
     
  22. OnSeeker

    OnSeeker Registered Member

    Joined:
    Jul 27, 2009
    Posts:
    12
    I must say that my security solution BitDefender, has support both on 32 and 64 bits and the new one 2010 is even greater :p :) So happy to have it! (BETA testing)
     
  23. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Oh yeah, really? From the Agnitum developers I know they are using user-mode hooks in security purposes and can't be considered any "strong". KIS's sandbox is officially limited and can't be considered as a strong security solution too. More examples?
     
  24. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    At least Matousec SSTS doesn't unhook Outpost's user mode hooks so they must be secured in some way.
    Of course you are the developer and not me so please tell me why secured ring 3 hooks are nonsense.
    As long as malware doesn't slip through I don't see any problem. And the KIS sandbox isn't that bad, no problems with sandboxed Firefox on Vista 64 for me.

    Btw: Are there any kernel mode driver rootkits for Vista and Seven x64?
     
  25. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    No, because of digital signatures, not because of the PatchGuard.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.