Finally worked it out to tackle DRM issue with GeSWall

Discussion in 'other anti-malware software' started by Kees1958, Jul 18, 2008.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Jul 8, 2006

    I finally worked out a workaround for dealing with the DRM issue and GeSWall. The problem with GeSWall's protection is that you either throw away your digital rights with WMP or allow a hole in your protection.

    Work around
    a) Apply Aigle's tweak for controlling outbound traffic for untrusted resources
    b) Allow WMP to go outbound, set WMP to never isolate
    c) Set WMP classic to always start isolated and do not allow it to go outbound (the easy way is to not add Aigle's rule); add the following rule to the classic player:

    Resource name: \Device\NamedPipe\lsass
    Resource type: Device
    Access permission: Redirect

    d) Start a media file with WMP classic, choose classic as player for all relevant media formats and save
    e) Set all your P2P directories (used by LimeWire for example) as untrusted in the resources part
    f) Leave your separate directory in which you store purchased music etc. as a normal (e.g. trusted file)

    - double clicking a media file will launch WMP classic as untrusted
    - opening an untrusted media file with 'Open with' and WMP (v10 or v11, whichever you use) will pop up GW with the question whether you want to isolate
    - opening purchased music happens quietly in trusted mode

    This shows that a trusted file with a trusted application stays trusted (untrusted with untrusted stays untrusted also) and an untrusted file with a never-isolate application becomes an isolate on access. This scheme of combinations is not presented in the help file and Brian did not tip on it either (the only solution was to set lsass to system, which I did not like), so it is probably tested as an exception situation and not in a regular usage situation (otherwise Brian would have known of this safe and practical workaround).

    Regards Kees
    Last edited: Jul 18, 2008