"OSSS" (Online Solutions Security Suite) Beta is Out

if it loads before windows does this may detect rootkits in real time
also regrun/unhackMe does this early booting

 

It's not your job to prove what your software can do?
You leave that to the user to find out? Remarkable.
Afaik, remarks in this thread haven't got anything to do with primitive trolling. I don't see why you would need to mention that here.

The results from Matousec on OSSS, can those be discarded as useless?
Or are those tests done with the appropriate mix of knowledge and experience and, especially, with those necessary real ITW/zero-day threats?

It's apparantly stressfull to give a reaction on tests that are not on-par with what you consider meaningful testing but does that mean that besides beta-testing in the wild, users are left with nothing else to go on?

Besides support and insight from (and sometimes simply getting acquainted with) reps from security software companies, WildersSecurity also offers a platform for 'marketing-light' e.g. a way to present new programs to the members and readers here.

Your way of marketing is, let's say, innovative.
I've never read from any representative telling folks here;
Test it against zero-day exploits, don't bother me with tests I consider useless and if you don't like that, bugger off.

 

An OSSS license costs $24.95. For what period of time?

Does OSSS require a restart during installation? (If so, why? Malware Defender is an excellent HIPS and can be installed with NO restart.)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As to OSSS approach of refusing to test their app -- they are saying, in effect, "Our product is great because we say so. If you disagree, prove it."

Example (underlining added) from http://www.online-solutions.ru/en/products/osss-security-suite.html

I would like to believe that OSSS is just as effective against "ALL security threats"" as its proponents claim it to be. However, I won't buy a pig in a poke based on advertising claims. I am a potential buyer -- not a tester. IMO, it is the job of OSSS to offer actual evidence -- not just rationalizations and put-downs -- so as to objectively support the validity of their claims.

 

I think you mistaken. Our job is to make a software that really protects. It is a work of marketers to get users in any way, using any methods, just only to get a users.

Just back to some messages before. Tests that advised by user are passed. But some other user writing post (a direct quote): "osss dont have a solid antikeyloger". What to add here? What to say on this? (I already asked this). I said that this is not true and asked to prove this. I think it is correctly and logical.

Is is not related to an ITW or 0day threats at all. Only one thing in the latest tests were ripped from TLD3 rootkit.

I never said something similar.

I just said that some activity is not related to malware, but can be a part of malware. Some guys coding a tests that call this activity (and only it!) and saying - "malware can do this!". Yes, malware can do this. But also malware must to do "something other" to have a possibility to do this later. It is not a possible to explain a security model in a simple form. But there are "critical points" in the system, as well as in the logic of the application, and, moreover, malware. These actions and controlled.

For example, I can code a "test" that will create a text file. Or read other files and copy it content to newly created files. Oh-oh, malware can steal some information and write it to a file. Isn't true? Absolutely true.

It's an exaggerated example to understand what I mean.

Maybe more honest?

I did not said that. Especially in these words.

OK, repeating the fourth times: we tested software with test that user posted to us. Ofcourse, software protects against this keylogging technics. Later other user wrote... see beginning of this message. Your suggestions.

 

It is depend on country.

One year. There are different license packs like family pack (several computers), for half-year, etc.

Yes, it is require restart. It require restart because it booting before all other components of OS. OS kernel cannot be hooked in such manner later, and if it will not be hooked so early, it will not be possible to control early system events and integrity of the system. (I.e. system maybe in untrusted state).

Yes. That's interesting, but it is really close to truth.

For example, see here (it were one year ago, but it is actual -- it is were tested on Windows XP): here is a test on one blackhat rootkit that were actual for all protection systems for that time (it have an implemented TCP/IP stack in its driver). OSSS not attract to any implementation, but protect against this threat as fundamental solution.

I can not "kill card" when someone says "OSSS not protect from any keyloggers".

Security vendor - it is like a doctor. If you do not trust him, it is not a good idea to "use" it.

I am well aware that it is required to earn the trust of users. But in my opinion this is done by real actions, i.e. systems protections (absense of incedents), and appreciation of this protection from the professionals (for me, for example, the assessment from some of the developers of malware - is the highest rating, and we got some, for example, related to Rustock and some other). And not "hanging noodles on users ears" with beautiful graphics or something similar. Time will tell.

 

well in my own opinion pocs test are nothing ,just went ahead and got my self the latest beta and tried with real world nasty malware and all the time this software alert me of intrutions attemps it's a cool hips as i tried it and like it alot easy to navagate tabs also very chatty

 

So do me a favor & check it out against Spyshelter's tests. I would do the tests myself, but OSSS needs a reboot during install so I can't trial it using Shadow Defender.

 

sorry man at this moment i am testing ProcessGuard after the weekend i will test it ofcourse no problem

 

I'll run a test for you:

Keylogging - Pass
Webcam Capture - Pass
Screenshot - Fail
Clipboard Monitoring - Fail
System Protection - Pass
Sound Record - Fail

 

thanks i didnt have time for testing osss for him but as you did thanks alot

 

Many many thanks! As it turns out, OSSS offers roughly the same imperfect keylogger protection as does PCTools FW (a free FW+HIPS app).

I tried to install OSSS last night but I must have done something wrong. Before Windows ever got to its Welcome screen, a pop-up came up telling me that Windows had noticed major changes in the hardware for my computer and that I would need to re-activate Windows.

I haven't made any hardware changes in a very long time. This pop-up startled me greatly since I do NOT want to try & figure out how to go through the activation process again.

From this thread I see that others have installed OSSS without similar difficulties. Nevertheless, I suggest that everyone image their HD before trialing OSSS or ANY major/complex bit of software. I am soooo glad that I did.

Thus far, of the HIPS that have been tested (to my knowledge), DefenseWall provides the most effective broad-spectrum keylogger protection BY FAR.

 

bellgamin, are you joking or making fun of you?

Above is written by me (several times in different messages), by other users (two minimum), that OSSS protecting against keyloggers. Some users showed results of different tests from different vendors or testlabs. And again, repeating "does not protect against keylogging". Heh. Did I wrong when I said about trolling? Seems like "fat trolling".

Moreover, OSSS have nothing common with PCTools technical "solutions" (technical implementation).

This behavior is not related to OSSS. As you can undersand, OSSS does not change your hardware at all.

I will not comment on this (that's funny how you got your conclusions). You can post and advertise here anything you want, it is not bothering me. Also, you can continue to post that OSSS does not protect at all. It is your right. But my right after this is to call you a forum troll.

 

I think i see where the confusion "appears" to be

Mihail Fradkov says OSSS can block keyloggers, and several posters have run tests which, on those anyway, it does PASS

But they have also run other tests which are Not KL's and some failed. So MF is correct in his statements about OSSS's KL's abilities. If other KL's are tested against it, that would help show OSSS's capabilities, in this area.

I've used the free "OSAM" (Online Solutions Autorun Manager) several times in the past, and rate it very highly

 

Observing how a product deals with various threats and the results of tests is one way to determine a product's efficacy.However I'm not so sure that citing rival vendor's test tools,which are designed with but one purpose,to show their product is the best thing ever,is the most reliable way to determine this.

 

I linked to a series of tests done by a 3rd party (not me) where DefenseWall had very good results versus keyloggers. Several other apps were included in that same test. The fact that I linked to a test of protection from keyloggers -- which is a salient discussion point in this very thread -- does not constitute "advertising" by any stretch of the imagination. I am a retired school teacher. I have nothing to sell. You on the other hand are directly connected with OSSS. So who here is doing the advertising? It certainly isn't me.

You do not like the messages I post? Then deal with the messages themselves, and stop trying to shoot the messenger. "Troll" is a direct personal insult. You have already used this insulting term against me 3 times.

You are a salesman-representative of a software program. IMO, using personal insults and ridicule are not generally effective ways for gaining support for the software you represent. Wilders is a forum for openly discussing the pros and cons of security software. It seems you are striving to turn it into a forum where anyone who questions the efficacy of OSSS is ridiculed and insulted. I sincerely hope that you do not succeed.

 

Where is an 'eating popcorn' emoticon when you need one? This is quite the discussion...

 

I see another problem too.

Bellgamine, how do you test the Anti-Keylogging ability of OSSS?

Cause a lot of people do not understand the following:

LeakTests are not capable for testing security applications. It is not improtand if the OSSS can stop all of the thousand possibilitys to log keystrokes and screens. Did you think about what is done with the log after that? Or how the keylogger should start every time your computer starts.
It is simply not possible that a keylogger can be installed (dropped) while OSSS is running...

If you find a real keylogging malware sample which bypasses OSSS i think the OSSS team will really try to fix that problem and discuss it openly with us.

 

Yes.

Moreover, we already posted on our form, and I already posted here this link about other test details. But this is totally ignored.

Thank you for your support and understanding.

Thank you!

P.S. Habakuck, thank you too!

 

Here is especially for you
http://www.freesmileys.org/smileys/smiley-basic/popcorn.gif
(Not showed automatically in post -- too sad)

 

Been watching for a while, looking for an excuse to install your tools


re:
http://forum.online-solutions.ru/viewtopic.php?p=2516#2516

Understand the thrust of the arguments...Pop_ups for screen grabs or recorders
??

 

So that we are all clear no member here has a "right" to call anyone a troll. I hope we can continue the discussion in a pleasant enough manner. Thank you.

 

I used to be in the camp that wanted a security program to block every test out there (screen grab, clipboard monitor, etc.). I recall Xiaolin ( dev of MD - an app similar to OSSS) saying that this was unnecessary due to the other protections offered by MD. I was a bit disappointed by that, but as time has gone by my opinion has changed. Many of the logical arguments presented here have been informative and, although this thread has been heated at times, there has been some good points made by all involved.

 

How is OSSS able to intercept so early in the boot process? Does it alter the MBR to place code there? If so, will this interfere in any way with an encrypted TrueCrypt or Jetico BCVE boot drive?

 

As far as i know it does not interfer with the MBR but patches your kernel (win2k.sys).

I won't use it together with TrueCrypt! There were some problems with boot time defragmentation for example (they got fixed) but i won't take that risk with TrueCrypt!

 

These "problems" were not really "problems", it were a known issue - we are locked some files due protection reasons. But this behavior were invalid in case if some legal process like chkdsk or boot-time defrag want to get 'full access' to a disk. So, we changed our behaviour (recoded one of the module), to allow legal applications like check disk or boot-time defrags 'lock' a disk for their use.

This is fixed in OSSS v1.6 Beta (it will be released really soon).

As I said, this is not related to any disk cryptors or something other, who are working with disks on "physical" level (crypting sectors).

Moreover, we used OSSS with:

• BestCrypt Containers (Jetico)
• BestCrypt Volume Encryption (Jetico) [TrueCrypt is an analogue of BCVE]
• Software RAID (MIRROR) on Windows 2003

and have no any problems or something.

It is just for information. (We cannot give warranty that no any problem will appear with TrueCrypt, but currently I have no any idea about possible technical reason to make problems with TrueCrypt; so, if someone using TrueCrypt with OSSS, please post here message for others).