360 Total Security - English

Any comments regarding this?
https://malwaretips.com/threads/scareware-leads-to-360-mobile-security.61357/

 

Sorry for the delay folks. I imagine this trend could continue in the near future until in a few months time I'm out. So, again, reminder for everyone who would like to volunteer,
that would be great. Until then, usual contact email support@360safe.com and facebook https://www.facebook.com/360safe
Now, to the business at hand.

I see certain shopping/banking sites are not under protection, so I'll get right on it.

 

I can't connect to the website... If someone would be most kind to provide me with a complete/direct link so that this can be resolved.
The URL i was attempting to access was: https://google.com.antivirus.com/G/UK/index.html

 

I also tried via Vivaldi, same thing, can't connect...

 

Oops, sorry. I overlooked that.

Yep, this web address is inaccessible even from 360-less PC.

So Qihoo is clean in this respect.

 

I just removed 360TS because it automatically installed the Chrome extension without a by your leave. I'm a big fan of 360TS because it's free, has excellent detection, and is easy to install/remove with no problems. But if a program takes the liberty of installing something, that's it!

 

If it is the only problem for you with 360 then If I remember correctly there's a checkbox "browser protection" which is on by default. You can just make it off.

 

Those banking sites and buying 360 was not actively protecting is in the process of integrating, it might take a while.

So, the url thing is no longer valid then? If so, I will put this on hibernate until it resurfaces again. If it's not after 30 days from now, I will forget it.

It's a feature, not a bug. If you really need/want to remove extension, you can do so via browser extension/addon management.
It is not a cosmetic or useless addon, but actually a "bridge" between supported browser and 360 TS/TSE.
Still, you can remove if you really want. Not recommended though as it degrades specific protection features.

 

Hi GakunGak

Re ur last post 2059

"Those banking sites and buying 360 was not actively protecting is in the process of integrating, it might take a while."

What does the above mean?

Are u saying we have to let the addon learn the banking and shopping sites?

Thanks

Terry

 

I think GakunGak meant those banking/shopping sites will be added in a while by the 360 team. Well the sooner the better for the benefit of the international users.

 

In a nutshell, yes. Addon is responsible for browser traffic.
I will do my best to push extensionless web protection and for better compatibility, allow users to manually select exe files to designate them as browsers [so that there is no more waiting for implementatio of specific browser].
If I remember correctly, Norton managed that very similar idea. So, it can be done.

 

It's an option in 360TS that you can choose whether you wish the extension installed. I chose not to but 360TS had a different view. Not good.

I'm not disputing it is useful, but if I deem it not be so for me 360TS should respect my wishes.

 

Not many people are into technical stuff, and hence, want to just their computer for business, work, gaming, entertainment, escape from reality into virtuality...
It is, in fact, a good thing to provide optimal protection. Users more into computers can remove whatever they chose to.
Do have in mind, that in the event [theoretically speaking] that something goes wrong due to absence of extension, it was not 360's fault it was crippled in a protection capability and cannot be blamed

As I said, I'll be working while I still can with engineers to have web protection extensionless.

 

Hi GakunGak

Can you clarify something for me about 360 TS Essentials please.

As I understand it there are four A/V Engines (When BitDefender and Avira are turned on), yet when I look at the update logs for 360 TS Essentials, I see ONLY BitDefender and Avira updates. Nothing for the internal 360 TS Ess. Engines.

Question

1) How do the internal engines update then if they are not shown in the log?

2) Does it suggest a problem with my updater and its set up?

Thanks

Terry

 

Sure thing. I'll do my best.
In real world, that's us, there's 5 engines responsible for smooth and good operation of your PC.
Those are:
1: 360 Cloud Scan engine. Deals with already known viruses and has few enhancements for varians. Cloud Engine and defs are updated inside 360. You get updates by being connected to them via Internet.

2: System Repair Engine. Deals with anomalies present within your system that may degrade speed, usability and security operations. Handles removing, downloading and replacing
critical system files [due to malware modification] so that your system is clean. Also handles critical windows registry entries. Engine and defs are updated inside 360. You get repairs by being connected to them via Internet.

3: QVMII AI engine. Basically a brain on steroids [virtual one!]. Handles the unknown. It breaks down, figures out and analyses the unknown sample. Tries to figure out it's origin, it's
operating philosophy, the way it is created, and also possible variants for future detection. It learns just like a human brain would. Some samples do need human interventions and such
are flagged by the system, after which that sample is taken to a laboratory for deep scan close inspection. After that, it's signature is released to the world. AI get's developed and handles
it's stuff inside 360. By being connected to it, you ensure that anything unknown will be analysed by AI and if malicious, you'll get protected.

4: Bitdefender. Engine and defs are updated inside 360. You get definitions downloaded inside your 360 local installation along with the engine. You get updated both.

5: Avira. See above for Bitdefender, same deal.

There is no problem with your setup

 

Hi GakunGak

What a splendid reply!! Thankyou.

Terry

 

Much appreciated your feedback, thanks.

 

Hi GakunGak

Is there any possibility of achieving the following

1) A one button (Desktop or Taskbar based) sandbox deletion feature?

2) An on Browser shutdown deletion of Sandbox?

3) An automatic recovery of downloaded file to a specified folder or one button recovery of downloaded file from sandbox into specified folder?

Thanks

Terry

 

1: No. But you can make a shortcut pointing to a: "C:\Program Files (x86)\360\Total Security\ipc\360boxmain.exe"

2: No. But you can make an option to: Sandbox>Settings>Advanced Settings>Sandbox Cleanup>Automatically Cleanup Sandbox at shutdown.

3: No. That defeats the purpose of sandbox. Assume malicious file is automatically recovered. That could be a bad situation.
If you need to manually recover your file, go to: Sandbox>File List>Directory Browsing tab> navigate to download folder

EDIT: If [of course it does!] sandbox needs some improving, drop me wishes, I'll compile them and see what can be done.

 

Hi GakunGak

Many thanks for your reply. Let me say I am routinely sandboxing my browser hence my plea for economy of keystrokes ie One button.

1) The option to use Boxmain.exe as an icon on the desktop is helpful, BUT it reqires two keystrokes to delete the Sandbox. It requires three keystrokes to shut down the 360 interface, so we are not gaining a great deal.

2) Your reply to (2) above is already being used and is a good feature.

3) I take your point about security in the Sandbox as in (3) above.

Consider this, if you are using the sandbox (there is only one) in 360 as routinely as I am then it becomes tedious in the extreme exercising all these key strokes. For example I I want to do internet banking I have to disgorge the contents of the sandbox, three keystrokes in each direction. Then load up a different browser for banking use only. OK, I here you say, migrate to Sandboxie then you will have nearly everything you are asking for. BUT, I left Sandboxie because I like the idea of a Sandbox integrated with the A/V. Before I give up on 360 Sandbox, my purpose is to pursuade you that the use of the Sandbox could be simplified significantly ie too many keystrokes. For the benefit of everyone.

Another example is getting the download file out of the Sandbox, you could not make it more difficult if you tried. (8 actions/keystrokes to get the file on the desktop, then the return keystrokes.

Ergonomics plays apart here, BUT who are the DEVS. making it for?

Can you reflect on what I have said and see if there is scope for some simplification?

Thank you

Terry

 

@TerryWood let's go step by step.
1: Ok. I'll have to see what combinations to use, if CTRL+SHIFT+C or X are not already in use by something. Compatibility with other software, because reasons.
2: I'll see what I can do about SPECIFIC process termination & cleanup. I'll need some time to come up with a plan to track specific process files and spawned process & files.
3: I'll get on a drawing board to simplify some things.

But, why are you sandboxing a browser when you are going to unsandbox downloaded content?

Why not virtualize [VMWARE] with Linux for your banking needs? That's as secure as you can get with simplicity [no need to sandbox anything]

 

Or use a live linux CD of Fatdog64. This way nothing can be written back to the CD unlike a USB flash drive with persistence.

 

Hi GakunGak

A thoughtful and positive response - Thank you.

Now, to try to answer your two questions.

1) "But, why are you sandboxing a browser when you are going to unsandbox downloaded content?"

Not everything that is downloaded is malware, the Sandbox is a containment facility until one determines otherwise. Your question implies that the Sandbox should be used for downloading only malware. That of course is not true, it can be anything. If the software that u download is suspicious and you prove within reasonable doubt that it is OK why should you not remove it from the Sandbox.

Indeed, by your own argument, why have a recovery facility at all, you just need a delete mechanism. I throw your own question back at you, why include a recovery option in 360 TS Sandbox for downloaded files?

I treat everything I download as suspicious, even from Microsoft sites. There is no such thing as absolute security. I am religious about scanning and using Virus Total. I like to think that I am security conscious. So, finally, if a recovery option is included in 360 TS Sandbox, why make it so convoluted to get the file out. Frusration is more likely to cause **** ups than making it easy to extract the downloaded file.

2) "Why not virtualize [VMWARE] with Linux for your banking needs? That's as secure as you can get with simplicity [no need to sandbox anything]"

My reply is this: My experience with VMware and Virtual box has not been a wholly successful experience. Maybe it is me I am not a techie. That said most of the world uses Windows to do online banking because it is what they know or they choose not to complicate their lives further. I have, in the past, used a specialist live CD, linux based produced by an Aussie company. But rebooting (even on memory stick) is too much like hard work. It boils down to a balance between convenience and security

So far, I like the idea of Windows with Application Sandboxing segregated browsers and a strong suite of other security software such as 360 TS among others. It works and is convenient.

Hope this gives a flavour of my thinking and the reason for asking for modifications.

Finally, ask yourself three questions:

1) Do you know how many people use 360 TS Sandbox regularly to make your investment worthwhile?

2) If not many people use it Why?

3) Is flexibility and ease of use an issue perhaps?

I look forward to item 3) in your last post.

Thanks again

Terry

 

I will see what I can do. That much I can promise.

Answers:
1: Not that many.
2: People mostly trust the sites they visit, and therefore do not believe they should secure their web browsing experience. Others have reported issues under SUA
and therefore not able to use it at all.
3: It depends on who do you look at. Some are not educated in sandbox phylosophy, some are afraid they might break something, some are just skipping few seconds
of sandboxing to speed up waiting, some do not even care what could happen....