BlackFog Privacy

Discussion in 'other anti-malware software' started by liba, Feb 2, 2018.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,239
    Location:
    Among the gum trees
    It looks like we're up to 4.2.3 already
     
  2. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    Yes, a small change for a very specific set of customers running legacy 32-bit system apps on a 64-bit machine.
     
  3. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Yes, my client updated 3 hrs 20 mins later (South Africa).
     
  4. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    so you have the geofencing in blackfog and that's great
    but could you add information in events tab (recent blocks) of what country has been blocked, should be easy enough tweak to add 1 column with country info
    this way I don't have to turn off geofencing altogether to visit a particular website and compromise security in that layer
     
  5. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    @lucd We do provide that in the actual Event itself, the button on the Events section. I assume you mean the one on that page with the icons?
     
  6. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    @Darren, could you explain exactly what the execution tab does when enabled? Does this block the execution of malware in the system etc. (fileless malware for instance)? Under what circumstances should it be enabled and disabled, for instance? I assume this would not block the activation of an .exe from the desktop.
     
  7. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    Great question @DarkStar. So the execution option provides a new technique for preventing malware execution. The old technique used a fairly draconian whitelisting approach, which, while effective, tended to cause more trouble than it was worth for legitimate applications. Unfortunately, not everyone follows the rules when it comes to development and a lot of apps (including those from MS) used these reserved locations to execute files. This meant you had to whitelist a lot of apps and it was simply too much effort for the average user.

    So we eliminated this in favor of process monitoring and application validation generally. This is a behavioral technique for detecting malicious activity. The concept is that malware masquerades as other applications, or spawns from system processes to attack the user. In these scenarios we introspect all the processes to see if they are being hijacked, replicated or simply spoofed. Now like the networking rules, this is done in real-time as well. The infrastructure was all part of the 4.0 release but we delayed implementation to ensure the core functions were stable and then added it into the 4.2 release.

    Ultimately this will lead to fewer false positives and ensure more accurate protection than the previous technique as well, and we are continuing to add more functionality to this switch in 4.3, which we expect to release before Christmas.
     
  8. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    Many thanks Darren, that's exactly what I wanted to know.
     
  9. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    FYI, just noticed that post 4.3 yesterday, I did have the following threat detections - in short succession ...
    but must say I can't remember what I did to prompt these, nor did I notice any Windows notifications, nor any ill-effect:

    Attempted illegal process execution: explorer.exe (PID:8524) Parent: winlogon.exe (PID:1300)
    Attempted illegal process execution: explorer.exe (PID:19320) Parent: taskhostw.exe (PID:19576)
    Attempted illegal process execution: explorer.exe (PID:14472) Parent: taskmgr.exe (PID:20392)
     
  10. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    I think you can achieve better results with better GUI management to make specific country visible directly in the events section (without clicking the second events button) by adding a 5th column, e.g. 1) Date 2) Hostname 3) Process, 4) Port 5) Country (new column), there is too much noise (from privacy clean) in the second (last) events button in my opinion, or add some filters to the second events button, to filter out geofencing
    the second button event section cannot be checked against the first event button, because there are spammy privacy clean events and other junk...
    not a big problem but please take it into consideration so I or some other user don't waste precious time
    best
     

    Last edited: Dec 18, 2019
  11. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    Good feedback @lucd we will look at that for the roadmap.

    @paulderdash We will be removing that message in the next release. These are just transient spawns of explorer by the system.
     
    Last edited: Dec 18, 2019
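
The parent/child check discussed in posts 7 to 11, as an added example (not BlackFog's code and not part of any post): it parses the event lines quoted in post 9 and triages each one against an allowlist of expected parents. The allowlist contents, the function names and the last two sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Message format as quoted in post 9; image names may contain spaces (".+?").
EVENT_RE = re.compile(
    r"Attempted illegal process execution:\s*"
    r"(?P<child>.+?)\s*\(PID:(?P<cpid>\d+)\)\s*"
    r"Parent:\s*(?P<parent>.+?)\s*\(PID:(?P<ppid>\d+)\)"
)

# Assumed allowlist (illustration only): the three parents from post 9, which
# post 11 calls transient system spawns, plus userinit.exe, the logon parent.
EXPECTED_PARENTS = {"explorer.exe": {"userinit.exe", "winlogon.exe",
                                     "taskhostw.exe", "taskmgr.exe"}}

SAMPLE = [
    # Lines 1-3: quoted from post 9.
    "Attempted illegal process execution: explorer.exe (PID:8524) Parent: winlogon.exe (PID:1300)",
    "Attempted illegal process execution: explorer.exe (PID:19320) Parent: taskhostw.exe (PID:19576)",
    "Attempted illegal process execution: explorer.exe (PID:14472) Parent: taskmgr.exe (PID:20392)",
    # Lines 4-5: constructed for this example (unexpected parent, truncated line).
    "Attempted illegal process execution: explorer.exe (PID:4242) Parent: WINWORD.EXE (PID:5150)",
    "Attempted illegal process execution: explorer.exe (PID:77",
]

def parse_event(line):
    """Return the event's fields with lowercased image names, or None."""
    m = EVENT_RE.search(line)
    if m is None:
        return None
    return {"child": m["child"].lower(), "child_pid": int(m["cpid"]),
            "parent": m["parent"].lower(), "parent_pid": int(m["ppid"])}

def triage(lines, expected=EXPECTED_PARENTS):
    """Label each line 'expected', 'review' or 'unparsed' (never drop a line)."""
    results = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            results.append(("unparsed", line.strip()))
            continue
        ok = ev["parent"] in expected.get(ev["child"], set())
        results.append(("expected" if ok else "review", ev))
    return results

def summarize(results):
    return Counter(verdict for verdict, _ in results)

print(summarize(triage(SAMPLE)))
```

Matching on image names alone does not catch a process that masquerades under an allowed name, the case post 7 describes; validating the image path or signature is a separate check.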
  12. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    :thumb: Due to the new behavioural technique, no doubt - thanks for clarifying.
     
  13. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    We have a beta of 4.3 available later today with changes to the events if anyone wants to try it. We have enlarged the area, provided excel export and new filters for the events. PM me and I can provide the link to try it.
     
  14. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    We have now released 4.3 with a number of changes related to events filtering and optimized messaging and performance across the board. Please see our web site for the release notes here: https://www.blackfog.com/changelog-privacy-win/
     
  15. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,180
    Location:
    Canada
    Thank you Darren and Merry Christmas!
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Updated to 4.3 (b475) overnight here. :thumb:
     
  17. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    Thanks and Merry Christmas to all.
     
  18. X9X

    X9X Registered Member

    Joined:
    Apr 8, 2019
    Posts:
    32
    Location:
    Europe
    Looks like iOS version was updated to 4.0.0.

    What features work if I don't buy a license for it? Because I really hate paying twice for apps that change to in-app purchases after release, when I already bought it when it was released initially.
     
  19. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    @X9X As an existing user it is free for life on iOS. If you already purchased it prior to 4.0 then as a thank you we have grandfathered in all existing users. The app should recognize that you are an existing user and just lock it in. So you get all the new filters and regular updates forever.
     
  20. X9X

    X9X Registered Member

    Joined:
    Apr 8, 2019
    Posts:
    32
    Location:
    Europe
    For me it says unlicensed in the app. And it's not blocking anything..

    https://abload.de/img/f54a7f88-70e3-467f-b29jd5.jpeg
     
    Last edited: Jan 18, 2020
  21. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    You should be able to click restore purchase in the settings to enable the license. We will validate that for you Monday if that isn't the case for you.
     
  22. X9X

    X9X Registered Member

    Joined:
    Apr 8, 2019
    Posts:
    32
    Location:
    Europe
    Tried restore button, but it doesn't seem to do anything. Also tried to uninstall and reinstall the app, but no luck with the license working.

    Let me know if you need the receipt from the App Store that I got when I purchased BlackFog.
     
  23. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California
    We have just submitted a quick update with 4.0.1 which fixes the grandfather code. Apparently it has to compare the build numbers rather than the version numbers which we were doing. Hopefully that gets pushed through quickly from Apple.
     
    Last edited: Jan 19, 2020
  24. X9X

    X9X Registered Member

    Joined:
    Apr 8, 2019
    Posts:
    32
    Location:
    Europe
    Updated and now it's working.
     
  25. Darren Williams

    Darren Williams Developer

    Joined:
    Feb 4, 2018
    Posts:
    418
    Location:
    California