Discussion in 'other anti-malware software' started by ssj100, Aug 6, 2009.
for me it doesnt matter at this moment i will remain using 32 bits for now
So what will he do? Create something else? Quit the malware business entirely?
this is something the developers has to decideas for me just stay with the 32 systems
Indeed, but Id still be interested in his thought process, as to how he plans to deal with the situation, if hes willing to share it off course.
not sure how gentlesecurity is going to handle this patchguard situation but i am not supporting any 64 bit systems
Man if there was only some we could force MS to back down from this!
wooo hahaha for the first time i agree with you in something
And under a different product name, so the defensewall brand would not be affected?
Hehe, Ilya won't be "Ilya" - he will go incognito on a secret mission.
I can only refer to what I've been reading around, and it's not a matter of being allowed or not to do anything.
I hear what your're saying man. Its just annoying though. At some point we will all probably have to switch, and when it happens I might not have my favourite security apps or I might have them in a weakened form. If thats the case I may as well use apple imo. Atleast its beautiful!
Im seriously considering getting a mac with Snow Leopard when it comes out instead of win 7 x64.
So basically Kernel Patch Protection will prevent legitimate security software from installing, but some malware can still find a way right?
So what will you do once x64 becomes the industry standard?
Ive got a question for those who are more technically inclined than me? Why is M$ adding patchguard to only x64 systems? Why not do it for x32 as well?
Also what is the added advantage of 64bit computing other than access to more than 4 gigs of ram?
No way. If I know the defense is broken by design, I will never use it.
Not from installing, but from properly doing its job as MS doesn't have all the features requires for proper sandboxing with their kernel-level filtering API.
Will sue MS.
It depends on the behaviors of malware. Some malicious application don't install drive even replace the kerenl drive, they just modify files or registry keys to accomplish their nasty goals.
I don't buy it anymore when developers of smaller projects like Sandboxie or DefenseWall say it would be impossible to have good proactive protection on x64. KIS and Outpost HIPS' are very strong on Vista 64 and improved much over time. So give it time, I bet when 64 bit will be highly spread we won't have many disadvantages there.
Also KIS has a sandbox on x64. It is not as compatible as the 32 bit version but maybe it will improve with critical fix 2 (already announced) and later versions.
I must say that my security solution BitDefender, has support both on 32 and 64 bits and the new one 2010 is even greater So happy to have it! (BETA testing)
Oh yeah, really? From the Agnitum developers I know they are using user-mode hooks in security purposes and can't be considered any "strong". KIS's sandbox is officially limited and can't be considered as a strong security solution too. More examples?
At least Matousec SSTS doesn't unhook Outpost's user mode hooks so they must be secured in some way.
Of course you are the developer and not me so please tell me why secured ring 3 hooks are nonsense.
As long as malware doesn't slip through I don't see any problem. And the KIS sandbox isn't that bad, no problems with sandboxed Firefox on Vista 64 for me.
Btw: Are there any kernel mode driver rootkits for Vista and Seven x64?
No, because of digital signatures, not because of the PatchGuard.
Separate names with a comma.