Safe'N'Sec Review

Yes he did, and well, the mind boggles....

Blue

 

One thing it DOES do Blue is it does NOT poll as we know polling . RD overlap .

 

@ Peter2150:

I guess I view the learning mode as a double edged sword. PG in learning mode automatically passes applications. This is great if you're clean, bad if you're not. In our hands, it's no real issue, we generally know the difference. In the mass market, I don't know. SNS doesn't have leaning mode, but it does have the three control levels. A question, to which I don't know the answer - if you put the SNS control level into Trusting, and you use you PC, and then put it into Strict mode, is this somewhat equivalent to leaning mode (i.e. do the applications run in Trusting mode show up in the partially trusted/restricted list of applications as they are run)?

The lack of something akin to a learning mode is a gap between the two programs. However, with respect to PG, the response of many casual users to being presented with a screen that has entries like "Block Global Hooks" or "Secure Message Handling" will be the sudden appearance of a vein in their forehead followed by a reach to the medicine or liquor cabinets. I'm not talking about the users who frequent Wilders, even those who may feel they are neophytes. They've already understood the need for some further education, are looking into their options, and have a support group here to appeal for help. I'm talking about the mass market - the one's that may come to us when their PC seems "a bit slow" and when we show up it appears as though the complete KL line-up of viruses and trojans are not only present, but are installed and running, on their PC. These folks need some platform to assist them, and SNS looks like it could (let me emphasize that qualifier - this program is very young in the open market) be a somewhat better option for them. Right now, it's less clear for someone like myself, but I comeback to my analogy with the firewall market. Some users want a very granular and customizable control of their PC's communications, and are willing to devote the time to learn how to accomplish this. Although I could go that route and learn a lot in the process, my own objectives are very modest - I just want to control communications going out based on application, without a lot of learning required on my part. That's it and for this niche of the market, application based firewalls are the answer. They can do a lot more than I want, which is great since there is a continuum of desires between where I sit and the world of complete rule based communications control.

Thus far, I've had to answer half a dozen requests from SNS regarding application launches and follow-up behaviour. It is akin to PG, but I basically answer yes/no with SNS, there is no addiitonal customization possible. PG can be run like this also, so the operational differences may indeed be very minor. For the mass market, limited customeization can be a benefit. Ultimately, with either product, some user interaction is required.

@ hollywood pc:

Right, there does appear to be overlap with RegDefend, the extent of that overlap is not clear at time. What is clear is the customization possible with RD and the virtual absence of that aspect with SNS. Again, for the mass market, I believe that minimal technical detail is an advantage.

I certainly would not direct a casual user to SNS yet. As the issues encountered by the posters here suggest, extensive field testing still needs to be done. I take the support group's rapid responses as indicative that StarForce realizes the need for the field test wringing out of SNS.

Thus far, I've spent a little under $30 and a few hours of my time. Right now I have no complaints. The AV coverage option is a nice feature for those contamplating secondary AV coverage - painless incorporation of a decent demand only scanner

SNS has potential. Of the three products mentioned above (SNS, PG, RD), only PG is at what could be considered a stable state, the others rremain works-in-progress.

Blue

 

I've so far not had any troubles with 1.1 build, however its obvious some people are having issues.

So far I enjoy it more than PG or PrevX because it is slicker and lighter, and just doesn't bug me unless its something malicious. Another thing I LOVE is the strict setting for it. I tested it today on a infected PC, set it to strict, and it stopped, blocked, and purged the infestation.

That to me is an extremely nice feature - the ability to totally lockdown your PC with a click, and block anything and everything you don't want. That said, I think it won't be long before they iron out the issues a few people are having and get it up to speed. So far it has huge potential imho, and as Blue said, I LOVE the backup on-demand AV engine in it.

 

I agree, TOTAL control is a nice facet of the operation. Effectively a temporary, user controlled application-based isolation/quarantine of the entire PC. Exactly what seems to be called for in todays environment when a nasty infection is a potential.

The documentation could use further elaboration - I know I'd like additional details regarding what is going on in the background - but this is a very minor complaint.

Blue

 

I would like to see email scanning as an option for the virus scanner. It could be an optional choice at set up for those who do not want it.
Some thing that isnt spoken about so far , is the ability of SnS to tune into unknown and future malware/virus/ trojan in addition to that which has been really well enumerated by Blue. This is something that sets SnS apart from PG and RG . Something that i would like to know more about.

 

uninstalled 1.00 (trial) and installed 1.1 (trial) . No hassles at all . Working real well .

 

Since e-mail scanning is a realtime component, I wouldn't expect that to appear unless the nature of the AV module changed. In the current climate, it may be less important also as many ISP's are now scanning e-mail at the server level. This feature isn't universal, but it is widely available.

The other aspect of SNS that differs from PG/RD is the licensing model. This is a pure subscription based service. As noted in the license agreement:

There is nothing wrong with this business model, however potential users should be aware of this distinction is assessing their options. The program is also too new for StarForce to have fully considered renewal pricing strategies. Presumably the renewal price is some reasonable fraction of initial cost. If you use AV programs as a model, 1/2 to 2/3's of the initial cost would be a reasonable supposition, placing the renewal cost at $15-20/yr.

Blue

 

There is only one problem with SNS- it doesn't protects against buffer overflow attacks as said on Star-Force site.

 

I wasn't aware that Star Force had made such a claim. Could you provide a direct link? Thanks.

Blue

 

Hi Blue,

Naturally I contact the technical support ;-) Konstantin has send me the following response this morning concerning the fact that SnS doesn't want to start on my system :

" Try to disable all your security programs when you are trying to install Safe’n’Sec. If you worry about the security holes – you can disconnect the network and activate Safe’n’Sec after the reboot."

The only problem is that I have already try that with no more success

Atomas31

 

http://www.star-force.com/computer_security/security.phtml?c=245&id=569#2

"Safe'n'Sec effectively protects computers against hacker attacks that exploit vulnerabilities existing in the Windows OS and sophisticated software to break the system integrity, access user data, execute malicious code, etc.". The WinOS vulnerabilities are buffer overflow vulnerabilities ONLY. And SNS doesn't protects aganst it.

 

I did email them about renewal policies after the first year and they said that it would be around 30% of the initial purchase price.
So for the full version you would be looking at around 25 bucks.

 

Concerning the buffer overflow from what the technical support of SnS indicated to me is that right now SnS doesn't actively protect agains Buffer overflow but will in a near future. They intent to develop protection against Buffer overflow in SnS and that in a near future.

Thanks Peter, I am happy to hear that I am not alone with that problem with version 1.1 ;-)

 

Atomas31 & Peter2150,

Sounds like this is a problem for the vendor to mull over. Hope they come up with a decent analysis and resolution.

Blue

 

Nitrox,

30% off the initial purchase price, correct? Let's see, $25 (Cdn) ~ $20 (US). Not bad. Naturally users would have to weigh this as an on-going cost vs. the straight purchase (with possible upgrade costs) of other solutions.

Blue

 

You see, the main point is that priviledge evaluation vulnerabilities mostly are not used, because most people use accounts with administrative privileges.

Near future? Ha-ha-ha. SNS main developer is came to SmartLine. So, your "near future" is at least ONE YEAR.

 

rav1,

I don't wish this to develop into a flame fest, but if you wish to state "most pertinent" vulnerabilities, then do so. I gave one simple example. There are others beyond this one. You chose the plainly interpreted word "only" and chose to highlight it. As a simple matter of fact, the statement you made is not correct.

As to your point regarding safeguarding against buffer overflow vulnerabilities, you are correct at the present. As with any product, an assessment of robustness, fitness for specific usage, and whether to purchase should never be made based on features to be introduced at some point in the future.

Cheers,

Blue

 

The price would be $35 US at 30% off so it would be $25 US.
For us Canadians it would be a little more than that, about $30 Canadian for the renewal.

 

I installed 1.1 with no problems . And Pete . Just in case . You probably already know this but , if you use Prevx , be sure to shutdown the PXagent . If not , it WILL hang your system . And Blue . Good points , AS USUAL . I better go and cajole with this thing now .

 

Pete,

Must be my cajoling - mind you, it is in the privacy of my own home...

Your experience is somewhat the reverse of mine. On my initial attempt to install the "original" 1.1 version, the installation appeared to go fine but there was no launch of the activation procedure and any attempt to launch the SNS management console yielded nothing. I did see the safensec service running, but that was it. Numerous reboots yielded no change. It was as though the munged activation (if it even got so far as to be called munged) blocked the entire application except for an uninstall.

I uninstalled that version, and waited for the most recent release. I'm not sure of the version numbering system they're using, it is listed as version 1.1 under add/remove, the processes (using ProcessExplorer) yield version 2.00.0000.0105. This install went fine with the activation process launching as it should. Since that time it has been stable. I have WG/PG/RD/BOclean/NOD32 running. Firewall is Outpost Pro. I have many of the applications you list (TDS3, Port Explorer, Cryptosuite, Giant AS, Webroot Spysweeper), but I use them on demand only - no realtime components are active. I don't have Zone Alarm or First Defense-ISR running, nor have I used Spywareblaster. So, a number of commonalities, but many differences also.

This isn't a case of where you've run up against the limit of 5 activations is it? Ignore precisely what version was installed. Has the total number exceeded 5? Just wondering in the event there's a bit of a problem in this implementation.

Blue