Anyone have experience on this product: http://www.fortresgrand.com/products/pf/pf.htm ? Google doesn't reveal much. Is it compatible with other security softs as part of a layered security setup?
It looks at your installed apps and what filetypes are registered with them. If example.docx is opened with Office, you get no prompt but if (for example) "unknown.exe" wants to open it, the program asks for permission. But if you have recently opened it with "unknown.exe" (before installation of PF), it doesn't ask for permission now. It depends on: a) registered filetypes b) installed applications c) recently used list d) digital signatures I see, that it installs a kernel-driver. I don't know if it injects a dll into programs, or how does it exactly protects the files. You have to try it out in a VM
@paulderdash Good find Novel Effective Approach to Privacy Protection Simple setup The gui has some bugs and it does not find all the files extensions. So I would suggest to auto trust signed applications also. It is like MemProtect with a GUI and auto-allow function. When you auto allow signed programs. Privacyfence in action I changed my Chrome settings. These are saved in a text file. Chrome is not specified as the program which is allowed to handle files with the TXT file extensions. As promised it intercepts the save and asks me to trust the program, allow this action or block it. Bottem line This program is offered as a FREMIUM (first year free license). Should be effective against ransomware. Privacy Fence has the same limitation as Secure Folders: it won't protect you from ransomware which uses signed programs like Windows Explorer. Considering Secure Folders is not maintained anymore and Pumpernickel has no GUI, this is a nice fremium alternative.
According to the website requirements, Privacy Fence is supported only on Windows 7,8 and 10. If you have a legacy version of Windows, you're out of luck.
I also thought so. I saw it mentioned in two other posts in this forum (one mentioned it didn't work alongside VoodooShield), but could't find any third party info on it. Thanks for 'positioning' it vs. other Excubits tools. May give it a try on my Win 8.1 system, though it may be overkill alongside e.g. Appguard.
I tried it for a short time and was not impressed. The "wizard" that finds vulnerable file types only found one thing. When I tried to uninstall, it kept popping up an error message. I finally just rolled back to a prior snapshot to get rid of it. It's worth what you pay for it, I guess (nothing)....
Thanks for the heads up, it's still an interesting tool but it will probably fail against ransomware if Win Explorer is used by ransomware to do the encrypting.
VoodooShield doesn't register itself in Windows as a program that's allowed to handle .dat and .log file extensions. If VS is manually registerd then it does actually work alongside Privacy Fence. On my machine:
My experience has been different. I can add any registered file type to the list of protected files. It can't be uninstalled unless you disable protection from within Privacy Fence GUI first. Additionally you might need to stop and delete the driver (fgcpac.sys) That's the same method that you'd use for other software that installed a running driver that the uninstaller couldn't stop.
Under 50MB memory, that's ok. But i wouldn't add Windows Explorer as a Trusted Application. It's one of the big targets of malware.
Would this app be useful if the lists were populated as follows: Protected File Types - JSE,PS1,SCT,VBE,VBS,WS,WSF,WSH Trusted Applications - "Empty"
Interesting question. In theory it should work then you'd get a prompt if any files with those extensions attempted to launch. I haven't tested though.
So, curiosity got the better of me, and after a image backup I installed PF. I was greeted with a long list of Registered File Types. I entered some of them into the Protected File Types section (JSE,SCT,WSF). I created a file with extension .JSE, then saved settings in the app. Double clicking on the JSE file kicked up a prompt by PF asking if I wanted to allow access to the JSE file. I clicked on Block, and access was denied. Double-clicked on the JSE file again, but this time I ticked the "Remember my choice" box, clicked on Block and again, access was denied. In PF, opening the app that tried to access the JSE file provided me with a screen of file extensions that this app could open up. So, it appears that PF can handle a list of vulnerable extensions, and keep a list of trusted applications, BUT ALSO restrict these apps from opening the vulnerable extensions. Renaming the recently-created JSE file to SCT caused PF to kick up a fuss, asking if I wanted to allow this action. I blocked and access to extension change was denied.
For me the wizard also only found a few file types. I didn't really play around too much, so I have to confess I uninstalled. Auto-allowing signed applications may be a 'workaround' but does leave the Windows Explorer 'hole' mentioned above. And isn't signed malware an issue? Maybe I need to play around again, tick 'Trust Signed Applications' and then untick Windows Explorer? Essentially though I want to protect Documents, Pictures, Music and one or two others ... maybe best to pursue Appguard Private Folders, or Pumpernickel for this. Last time I tried WAR it was still a bit buggy.
It only finds registered file types for applications that are registered to handle those file types. Example: PF installer must be "run as administrator." I also uninstalled PF twice after first testing as I wasn't impressed either but have since stuck with it. It takes a while to get used to configuration and understanding when it might be better to disable PF protection - before installing windows updates for example. Once configured you get virtually no pop ups after a few days. "Trust signed applications" should be fine. For signed malware I'd expect my on access AV or VoodooShield to pick that up. Not sure about "Windows Explorer" hole. Are you saying that explorer.exe can be exploited by malware to modify personal files?
Question about Registered (Designated) File Extensions vs Unregistered/Deleted File Extensions... Halfway down this website, it informs the reader to remove LNK file extension. Others have taken this a little step further, and removed URL as well (cannot find post at the moment), and another one that recommends adding some. If the File Extensions are not registered/designated, then they cannot be added to Privacy Fence for protection. What would be the correct approach to this; re-introduce deleted/registered File Extensions so they can be monitored?
Anyone know how to get a registered/designated file type into Privacy Fence, even though the PF Scan doesn't bring it up? I can't get WSH to show, even though it picks up WSC and WSF. Both Group Policy and Types (3rd party app) inform me that WSH is registered...
I would rather wait... based on my experience today with PF... wait till you receive a prompt from PF that references Explorer. With this approach, you can define a granular and specific rule based on "how" Explorer will be trusted. This is the opposite effect of manually introducing Explorer as a Trusted Application. The added bonus of this approach is that common sense is required only when you click on Allow or Block; a pleasant PC user experience Also, don't do what I did and add regularly encountered file types like gif / jpg / bmp (and furthermore, all font-related file types <---- this is the one that borked me nicely!) without considering each and every app you have installed. In my case, it locked my system up and forced me to engage Safe Mode to remove entries from PF. It's one thing to see if an app is right for your setup; it is another to pretend to be e-Houdini *smacks himself* At this point in time, I decided it wasn't for me. I felt it was overkill, considering I don't keep valuable files on the PC. Also, still stuck in a to-and-fro game between Secure Folders and EXE Lock. PF is a nice app, however would be good if the user was allowed to add custom file types (eg: non-existent ones), instead of just relying on registered ones. Credit to author of OP for this find! EDIT: Add .js and .pbk (dial up passbook, something like that). I had some interesting requests for the 2nd one, and a couple of requests I didn't expect for the 1st, although legit apps... fun times ahead.