AppGuard 1.4.7.0 is out

[AvinashR]

Quote:

Originally Posted by 1000db

AG doesn't protect against memory injection, man-in-the-browser, or cross-site scripting attacks etc. I think that is why AG only claims 90% protection. Such threats are outside the scope of AG apparently.

Its really good to see this. No Bogus commitment !!

[Eirik]

Quote:

Originally Posted by bellgamin

Hmmm... AG is using ring 3 then, right?

No, AG is not using ring 3. Good question though!

I'm afraid I don't have any more detailed information.

Cheers,

Eirik

[Eirik]

Quote:

Originally Posted by 1000db

AG doesn't protect against memory injection, man-in-the-browser, or cross-site scripting attacks etc. I think that is why AG only claims 90% protection. Such threats are outside the scope of AG apparently.

man-in-the-browser (correct, AG does not)

cross-site scripting attacks (correct, AG does not)

The above are due to our "Prime Directive" (hello Star Trek folk), forbidding interference in the internal affairs of the software applications our products "guard".

inter-process monitoring (If I infer Pegr's implication correctly, AG probably does not. There may be an exception but I cannot recall the terms. "I picked a bad day to quit sniffing modeling glue!")

memory injection (perhaps a future feature, albeit, in our minimalist/clean-cut manner.)

Cheers,

Eirik

[Greg S]

Any news on the next Update?

[Eirik]

Quote:

Originally Posted by Greg S

Any news on the next Update?

We're working out details, news coming next week on our short-term plans/releases.

Cheers,

Eirik

[Greg S]

Quote:

Originally Posted by Eirik

We're working out details, news coming next week on our short-term plans/releases.

Cheers,

Eirik

OK thanks, ...

[Greg S]

After the latest Win 7 updates, AppGuard no longer functions properly.

[Eirik]

Quote:

Originally Posted by Greg S

After the latest Win 7 updates, AppGuard no longer functions properly.

Attachment 219215

Attachment 219214

Hi Greg,

My initial suspicion regards the licensing code. Some situations like this are resolved by restarting the PC. And, if that fails, the restart sometimes 'outs' the licensing code because the user may be prompted to re-enter the activation code or is told their trial period is over. Would you please restart and share the results with us (appguard@blueridgenetworks.com)?

BTW, barring a last minute 'bug', we'll begin a 64 big Win 7 beta the first week of July. The final release of the next AppGuard, 64 bit included, is scheduled for the end of July. There are one or two features I'm awaiting go/no-go status information. When that is resolved, I'll post something on new features.

Cheers,

Eirik

[Greg S]

Quote:

Originally Posted by Eirik

Hi Greg,

My initial suspicion regards the licensing code. Some situations like this are resolved by restarting the PC. And, if that fails, the restart sometimes 'outs' the licensing code because the user may be prompted to re-enter the activation code or is told their trial period is over. Would you please restart and share the results with us (appguard@blueridgenetworks.com)?

BTW, barring a last minute 'bug', we'll begin a 64 big Win 7 beta the first week of July. The final release of the next AppGuard, 64 bit included, is scheduled for the end of July. There are one or two features I'm awaiting go/no-go status information. When that is resolved, I'll post something on new features.

Cheers,

Eirik

Info has been sent

[Greg S]

My situation has been solved thanks to Eirik and the fine staff at Blue Ridge!

[Habakuck]

Quote:

Originally Posted by Eirik

Hi Greg,

My initial suspicion regards the licensing code. Some situations like this are resolved by restarting the PC. And, if that fails, the restart sometimes 'outs' the licensing code because the user may be prompted to re-enter the activation code or is told their trial period is over. Would you please restart and share the results with us (appguard@blueridgenetworks.com)?

BTW, barring a last minute 'bug', we'll begin a 64 big Win 7 beta the first week of July. The final release of the next AppGuard, 64 bit included, is scheduled for the end of July. There are one or two features I'm awaiting go/no-go status information. When that is resolved, I'll post something on new features.

Cheers,

Eirik

That is wonderfull!

You will keep us up to date if the beta is released? =)

I am waiting for this moment sice last year....

PS: One Question: Is AppGuard compatible with Norton IS 2011? (Download Insight, SONAR and so on) Or will i get trouble using them both?

[Greg S]

I've come to the conclusion that AG's Privacy Mode is just not worth it. I still have my doubts as to it's real effectiveness but when put on the scales, the nuisance factor outweighs the supposed security that it offers for me. I'm not trying to be harsh, I'm just stating how it is for me and my setup. Here's only one of many scenarios. I installed Windows Live Mail on Windows 7. In trying it out all works well except for the Stationery feature of WLM. I've spent four days trying to figure out why the Stationery feature did not work. Here's why it wouldn't work, WLM is set by default on the initial selection of More Stationery to automatically open the My Stationery in a Users Documents. I didn't know this of course and natuarlly assumed since the WLM directory in Program Files has the Stationery folder containing WLM stationery that it was going there first and not to My Stationery in Users Docs. When the AG popup alert was appearing, I'm thinking this is another in my opinion useless AG privacy mode warning like I get when right clicking on a file and selecting properties. Not the case this time, I was locked out but didn't know it at the time,lol. I finally decided to Suspend All Protections(four days later), click the WLM More Staionery option and of course I could access the stationery in My Stationery User Docs. After it opened to the default My Stationery, I browsed to the WLM Stationery folder in Program Files, selected a stationery from there. The last used location was/is remembered, in this case Program Files so Privacy Mode can be re-enabled for WLM but now I'm still gonna get the AG privacy warning popup since the search for stationery starts in User Docs and moves on to Program Files which was the last used location. So, is Privacy Mode feature worth it? For more than many, I'm sure that it is but for me a single user who stores pretty much nothing in the Documents area, No. But I have to ask the question, If I turn off Privacy Mode for all the apps that I have it enabled on and taking into account what I just said about not storing anything in Documents, does AppGuard still provide ample protection? I'm sure that it does but someone re-assure me,lol.

[Eirik]

Quote:

Originally Posted by Greg S

I've come to the conclusion that AG's Privacy Mode is just not worth it.

with AppGuard 2.0, we change the default setting for privacy mode where the private folders are no longer defined as all of My Documents, containing both valuable and worthless content. Instead, AppGuard will create a single folder at installation, leaving it to the user to place valuable content and folders within it. Users may still customize privacy mode as they wish.

On privacy mode, I've always struggled with how it's application to all of My Documents contradicted our security principle regarding prioritization. AppGuard places only highly exposed, at-risk applications under guard, not all executables. All kinds of junk exists within My Documents.

Security is often accompanied by inconvenience, which is a form of cost. So, to protect worthless junk comes (from sophisticated attacks so concerned for stealth that they avoid tripping an alarm that might sound by NOT attempting to implant persistent malware by altering a protected resource) at some cost. So if the cost of inconvenience in practice is so low, why not? But, if otherwise, it's more prudent to only protect content of value.

So, we're making the chane.

Cheers

Eirik

[pegr]

Quote:

Originally Posted by Greg S

I've come to the conclusion that AG's Privacy Mode is just not worth it.

I posted on this a long time ago, suggesting that AppGuard would benefit from more granularity in its approach to policy restriction, similar to the way Sandboxie works. See post #577 in the following thread: http://www.wilderssecurity.com/showt...rd#post1551855

As a workround, I only have Privacy Mode enabled for web browsers. It's not a perfect solution but it does cover one of the main risk areas; and I would think that most people don't need their web browser to have access to private data.

[Greg S]

Quote:

Originally Posted by Eirik

with AppGuard 2.0, we change the default setting for privacy mode where the private folders are no longer defined as all of My Documents, containing both valuable and worthless content. Instead, AppGuard will create a single folder at installation, leaving it to the user to place valuable content and folders within it. Users may still customize privacy mode as they wish.

On privacy mode, I've always struggled with how it's application to all of My Documents contradicted our security principle regarding prioritization. AppGuard places only highly exposed, at-risk applications under guard, not all executables. All kinds of junk exists within My Documents.

Security is often accompanied by inconvenience, which is a form of cost. So, to protect worthless junk comes (from sophisticated attacks so concerned for stealth that they avoid tripping an alarm that might sound by NOT attempting to implant persistent malware by altering a protected resource) at some cost. So if the cost of inconvenience in practice is so low, why not? But, if otherwise, it's more prudent to only protect content of value.

So, we're making the chane.

Cheers

Eirik

Again, very well put Eirik! I'm always reluctant to post my personal opinions because it can look like I'm trying to dis-credit a particular feature, which is not the case. I like the Privacy mode and like being able to add other folders for protection. It's very powerful to say the least. For me, it's just the mechanics of it with the User Docs folder that drives me batty.

[Greg S]

Quote:

Originally Posted by pegr

As a workround, I only have Privacy Mode enabled for web browsers. It's not a perfect solution but it does cover one of the main risk areas; and I would think that most people don't need their web browser to have access to private data.

I agree. I still have all Privacy modes checked, except for Windows Media Player. I posted about it here before. Launch WMP and AG gets choked down populating the Status Tab.

[jmonge]

and if you add explorer.exe to the protection list it will protect you from accidental delete stuff in your system,even if a virus wants to make corruption it will be access denied

[Greg S]

Quote:

Originally Posted by jmonge

and if you add explorer.exe to the protection list it will protect you from accidental delete stuff in your system,even if a virus wants to make corruption it will be access denied

Never tried that one. I did try the other I think 3 that were mentioned, rundll32 was one can't remember the other two. Worked fine, but again I go back to the nuisance factor of the warning/tray flash. Not worth it. Not to mention, the OS makes extensive use of the 3 possible additions to do whatever it does in the background. It would be fine for right now which was evident but what about down the road when those 3 have been blocked for so long and the OS hasn't been able to it's sneaky behind the scenes shuffling. Couldn't it possibly break something in the OS?

[jmonge]

not at all i had it like that for months but only windows updates was block but i didnt care to much for that

[BoerenkoolMetWorst]

Anyone knows if AppGuard is compatible with Mamutu?