AppGuard 4.x 32/64 Bit - Releases

Barb, before I see this post, I indeed decided to stop replying to this topic. Now, you said what I directly quoted from Microsoft public information in black and white is "nonsense" and "false statement", and rather you believe in what your chief architect said being true, I can tell you, in this case, I will also stop here. I will leave what we've discussed to the members here to judge what makes more sense.

Good luck with Appguard.

 

In my opinion the KMD method is the next best thing to running at the kernel level. I'm working with other developers right now that are not using the KMD method, and I think we are going to switch to the KMD method. We are currently testing several different options.

 

Oh, ffs....Please stop quoting this guy, I'm trying appguard out now and I'm very impressed....I'm not interested in A versus B posts, they're always biased often wrecked by a so called experts interpretation of how something does or should work....Me?......I like to take it out of the box and judge on personal usage... And for me, so far, appguard is very impressive.

 

Thank you for your reminder. Yes I've made myself clear, and I believe at this point members will have a better understanding about what we've discussed. I am done in this thread this time for real...

 

Sorry, I can't let it go when you misquote me. I never said that what you quoted from Microsoft was nonsense (and my expert even conceded that a small part of AppLocker is most likely implemented in kernel space). I said that this back and forth between us is nonsense. BTW, why do you believe claims on Microsoft website vs. our web site (you can PM me if you really want to answer vs. continuing in this thread, but the question is meant to be rhetorical)? Anyway, I hope you will stop misquoting me and making false statements about AppGuard and our website. At least my expert has tried AppLocker first-hand and studied it in order to make some comments. I don't believe that you have even given AppGuard a try. Now I will stop (unless you misquote me again or make false statements about AppGuard).

 

Thanks, and I wish I had seen your post before I made my last post. It's just very hard to let false statements go by without disputing them (though I am trying). We're very proud of AppGuard. Though we know that it can be improved in many ways, we also know that it is very effective protection against 0-day malware. Anyway, I'm glad that so far you are impressed with AppGuard.

BTW, my post comparing AppGuard to AppLocker was prompted by questions by another poster. I did not initiate it.

 

Thanks for reply Barb......Everywhere I read about appguard its highly recommended and respected both by users with a moderate understanding and those with a developed knowledge....I can understand why some use it as their primary browser security and AV's for scan only. I did try it a few years back and to be honest I found the options overwhelming, this version seems a lot easier to understand

 

I think i'm going to have to go back, and read the forum TOS again. This will continue to be a problem as long as the same 3 members are allowed to spread false, or misleading information about AG in other threads. Statements like, "AG does not mitigate exploits, or AG is useless against exploits" seems to be a common theme with the same 3 members here. I'm not going to waste my time on them anymore. I took it upon myself to volunteer my time here answering support questions because I know how great a product AG really is, and I want to see it do well. I have seen so many great products come, and go over the years due to lack of funding. These users are only discouraging others from using AG for no valid reason. Stating AG does not mitigate exploits at all just because AG does not mitigate rare exploits that only reside in the memory is false information. All I ask is that these members be clear about what type of exploits AG does not mitigate since they continue to post this misleading information in other threads. You can't just state AG does not mitigate exploits at all because it does not mitigate a rare class of exploits. I will not be responding to their post anymore. I will leave that up to BRN. I actually want even have the time to now. I have been working on a project of my own for the past 4 years, and I discovered a bug in the software I depend on for this project. This bug caused me to loss a substantial amount of data. This project is very important to me, and I have thousands of hours working on it. I'm sure it will take a few thousand to get back what I lost. I will still make time for beta testing, and answering questions from actual users of AG though.

 

Thank you for the link, Barb_C. I don't understand these things, certainly not why a big company like Steam with so much on the line in regards security wouldn't follow best practices.

 

I hope you find something in TOS that applies here, like a rule limiting the number of antagonistic "questions".

 

Sorry I am late to the party, but another user told me what was going on here. If we need to continue this discussion, let’s start a new thread.

UAC and elevation of privileges represents the best technology that the 1970’s had to offer. Everyone disables UAC because it is extremely annoying (91% of all users from what I remember). I cannot count the number of times that I was called in to remove a virus, and UAC blocked the malware removal tool I was trying to use. Think about that for a second. Seriously.

AppLocker is great, but not even close to being user friendly. And when it comes to computer security, the only thing that really matters is that if the user can use it or not. The example I always use is the home gym. What is the best home gym / workout machine? It is the one that the user understands and USES.

So we have 2 choices. Rely on UAC that has been proven to fail miserably over the last 7 years, or try to find something better. It would be a different story if UAC was perfect, but considering its track record, it is obviously time to find something better.

So to insult companies and people who are trying to make a difference and do some good… well, there are no words for that.

Oliver… you are a scientist. So are we. Quit trying to be an expert in our discipline, and we promise to not to pretend we know anything about yours.

 

Well in Steam's defense the best practices seem to be a moving target and even some Microsoft products are guilty of violating some of these rules. I have made a mental note to review them again to make sure that we're still adhering to them all. Based on a quick scan, in AppGuard we are, but some of our legacy products have just been brought up to date in the past two years. For instance our VPN products used to write their logs to the program files directory as well.

 

Very good Barb, thanks! I was wondering if that was the case, that AG was precluding the process before it was detected by Process Explorer.

 

Just installed AppGuard for the first time and it's working great. Any beta testing promotion for WildersSecurity members? Thanks

 

Thank you Ms. Nancy Canty and Blueridge team for sponsoring 20 AppGuard coupon codes for M*D*L users

 

Dan, I always appreciate the integrity that comes through in your post here and in your conversations with us during the development of VoodooShield.

Thanks Barb_C for providing some perspective on best practices in general and in regards to Steam.

 

I just want to make clear that I appreciate AppGuard as well. I know discussions like these get out of hand very quickly and it's sad because sceptical questions can be very beneficial and informative. I for one am thankful for both the persistent users with their nagging questions as well as the official representation and support we get here.

 

Best of both worlds. UAC set to elevate silently and deny elevation of unsigned executables on windows 8.1 home with appguard set to allow only hardware vendors as trusted publishers with ms and google update as power aps (removed google and microsoft from trusted publishers).

Mitigate intrusions with AG's memory protection
Block shoot in the foot errors with user space deny execute
Run guarded aps in LUA-container of AG
Protect admin space with UAC (allow signed only)

No pop-ups, updates of trusted aps are allowed, that is how endpoint security should be: safe and non intrusive

 

I now have my serial number and password for appguard 4.1.45.1.....I'm puzzled, if I'm reading the faq correctly if I want to uninstall appguard ( maybe I want to reformat my computer, whatever, doesn't matter) I get one opportunity....Uninstall ONLINE and then re-register when I install it again, no problems with that...But does this mean that's it you've used your one off chance\opportunity and now I have to email appguard and explain so I can reformat in the future to reactivate. seems a bit rum!.....Can they not confirm the user\computer are the same via hardware serials during the activation check?

 

Would appreciate if someone can post screenshots of their AppGuard configurations.

 

It probably would not be very helpful for someone else to post their AG configuration. Someone else's AG configuration will likely be to make AG work well with the software they are using. What OS are you using? What other security products are you using? Are you having any conflicts with AG causing broken functionality of other applications? It's normal to see a lot of blocked events in the event log as long as it's not causing applications to not function correctly. What browser are you using? What other web applications are you using like mail clients, instant messengers, P2P applications, etc.. Are you using a pdf reader other than Adobe Reader? If so then you will need to add it manually to the guarded apps list. If you are using Microsoft Office then AG should have added all of those applications to it's protection by default. AG also should already have added Adobe Reader, Adobe Flash, Windows Media Player, VLC Player, Firefox, Google Chrome, IE, and Opera to the guarded apps list. I use the Mega K-Lite Codec pack so I had to add Media Player Classic to the Guarded Apps List. I also had to add Tixati Torrent Client, and Jitsi Instant Messenger to the Guarded Apps List. It would be easier for us to help you if you have specific question.

 

Its late for me. I will check on this thread again tomorrow.