A few things.....

Discussion in 'Returnil Betas' started by Retadpuss, Jul 12, 2009.

Thread Status:
Not open for further replies.
  1. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Let me start by saying I have used Returnil for over a year now and think it is a great product. I registered as a beta tester a while back as Im keen to support the product, but never got round to testing the new version or even looking at this thread etc.

    I downloaded the beta yesterday and had a look at the beta forum, read the PDF manual quickly.

    I notice it now has F-prot AM built in. Is it possible to install Returnil without the AM fearure? (F-Prot is an "also-ran" and I wouldnt want it - or indeed any other AM on my system as I use Prevx)

    I see that the beta still has the same issue where when you select to save a folder at shutdown, it does not save the contents - you have to select every file beforehand. To my mind this is the biggest reason I do not use Returnil all the time. It would be a MUCH beter idea to allow users to select a set of folders and have every file, including new ones saved to the real system at shutdown. I would run virtualised all the time if this was an option. I seriously think the product loses about 90% of its value by this obvious feature not being included. At the moment, I only use Returnil when messing about with malware or testing new apps.

    PLEASE add this feature!!!

    On another note, Im sure its too late, but why dont you team up with Prevx to cover the AM side - much better than F-Prot and would make more sense as it does not need to store any local signatures - thus perfect for virtualised environment!

    Hope you take the above in the way I intend.

    Cheers,

    Puss
     
  2. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    During the beta, no. We need to test the full version first. There will be a non-AM version available. The goal here is showcase and prove the concept of monitored virtualization and how it can be a more powerful security strategy when used appropriately. Further, the AM component is not the end of the story, will not interfere with PrevX, and certainly does not constitute the entire picture ;)

    There is a great deal more to come "under-the-hood" as we go forward, so be patient and give it a chance before you are ready to say no. The worst that could happen is that we get some good feedback on how the product can be improved...

    Noted

    I have to respectfully disagree here. Auto-saving folder contents opens a potential avenue for malicious content to infect the real system. It is far less risky to save these files on a data or network drive. Additionally, having to select the specific files within a folder provides a means to control exactly what is saved and when. A multi-file selection option when populating the File Manager list might make this a more efficient process. What do you think?

    Mike
     
  3. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Hi Mike,

    I do see your point about the risk associated with saving the contents of a folder to the real system and that users havong to choose what to save is a good filter, but, I think that saving anything is a security risk really. Would a user even know if a file was infected? Would their AM pick up a new piece of malware etc.

    As I say, saving anything is a risk, so why not give users the option to save a folder contents by defult - you can always have this as a non default option with a security disclaimer.

    Another option would be to have all the new files in a folder listed on shutdown - with a prompt to either save or drop them - with drop as default. what do you think?

    For me, the above would be a tiny aditional risk - to be honest, at the moment, I dont have Returnil enabled by default now as I need to know the contents of some folders will be saved - so Im getting zero protection, where I could be getting some if it were enabled.

    Cheers,

    Puss
     
  4. thathagat

    thathagat Guest

    well i too have a few clarifications to seek..........
    1.why does returnil beta make a constant connection to some place in ukraine? the current premium version does nothing of this sort?
    2.how can i stop it from blocking something it deems as malware/suspicious and avira does not
    3.i have returnil premium license valid till jan/2010 so will i be able to migrate eventually to this latest version as and when it becomes available?
     
  5. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    @Retadpuss:

    The development team replied to me with additional information about what is already supported in the current v3 beta and it appears that multi-file selections are available. To add multiple files to the FM simply do the following:

    Just click "Add File", select the appropriate directory, click on the first file listed, then press Shift and click on the last file in the block you want to add, and then press OK button

    @thathagat

    Hi and welcome to the forums :)

    Our Management Console development and product integration teams are located in Kiev (Ukraine) and this is where our main server is located. In the future, we will be adding more servers in various locations as performance and customer needs dictate. Further, we are working to create both web login and internal software versions of the Console for those networks where outside communication is either unwanted or not available.

    Also, we are working on a new service option for consumers that will allow them to make use of the remote control features of the Console with a specialized web interface (subset of the full MC). This will allow frequent travelers and/or parents to manage their copy or copies of RVS while away from their physical machines.

    The new 3x generation incorporates new functionality that requires communication with our servers:

    1. Antimalware database updates
    2. Command and control through the new Management Console
    3. Product registration and license control
    4. Alert/support messaging

    Timing to be aware of:

    A) ~ every 5 minutes to check for new remote commands (Management Console) or messages. To deactivate this communication you can turn off the "Allow remote control" option. Two things here to keep in mind during the Beta testing phase:

    1. We need to verify that this feature is working properly and ask that testers not deactivate this until the final release (if desired). We have currently identified an issue where this is not deactivating properly in the current Beta build and are working to correct this as quickly as possible. To determine that the correction is valid, we need feedback from testers that the fix works as intended when available.

    B) ~ every 60 minutes for AV signature and AM policy updates (by default and can be changed to alternate times including "Never")

    In future builds we will be introducing behavioral analysis that will have its own deactivation option should users not want to participate in the analysis program. We hope that all users will participate as it will allow us to provide both better product support and protection features as the RVS solution evolves through v3 and into v4.

    This is controlled via the AV exclusions option. At the moment, we have identified an issue where this is not working properly (I.E., files are not being excluded even when added to the exclusion list). Look for a correction in future builds that lead up to the final (IOW, we plan to fix this prior to release as a final in v3.0).

    V3 will be a valid upgrade path per your licensing when released. This means that subscriptions of a certain age will be upgraded for free. Out of subscription license upgrades should be available at a discount. For those who participate in the public Beta testing with consistent feedback will get free, individual 12 month licensing at the time of release. Those who participated in the early v3 testing (prior to public release) can refer to their announcement letters for their licensing information.

    Mike
     
Thread Status:
Not open for further replies.