anyone heard of Online Armour?

Yes, I like your choice. Registry protection would be nice for the free version. But I'm not so fond of the firewall idea, but as long as it can be disabled, I suppose it would be ok.

 

Licence keys are keyed to a specific machine, so all things being equal you should be able to install unlimited times on the same PC. There's no need to "roll-back" at all.

You can try that with the beta version actually - repeated install/uninstall should work within the time limitation of the key.

 

Thanks, Mike

 

I've installed and done some testing of this and am very impressed personally, after some initial install probs [Safety Check Wizard was bypassing on the version I got and kept wanting me to 'Allow/Block' over 5000 Hosts file entries, *ouch*, and Mike soon realised what had happened after several emails over weekend ~ that's good support ~ so immediately put up a newer version, and worked first up ]

Talk about simple, as they say "Ya Mom could work it". Once installed it was just too simple.

I also rang Mike this morning and had a chat with him [oh the cost of long distance lol ] for around 40 mins and was also impressed with his commitment and freely answered any/all questions I asked.

He suggested a couple of sites to go to for testing, eg: java applets/etc. and loved the pop-up to allow/block.
Once blocked, I see blanks or 'blocked by OA' on page, but still able to browse that site successfully.

Great start to good support I should think on this product.

I also like the 'Allow/Block on each unknown proggy [and I have heaps, but it lets you know] and even when I first went to open Firefox the first time, it asked whether to allow TDS's 'execprot.exe' to run which in itself checks .exe's on each opening.... lol, checked the checker.

pic of one proggy trying to open.

Cheers, TAS

 

Thought I'd show pic of site browsing with pop-up.

Site is Sydney Morning Herald and it's asking whether to allow an Applet to run or not.

TAS

 

I disagree with this revert to free crap that some programs do. 30 days should be trial. When you give people the choice of reverting to a lesser level of protection, you rely on them to understand what they are sacrificing. If this is for mum, dont do it, cause she will not know what the hell is going on. If someone likes your product, and it is reasonably priced, then I think people will pay for it in it's entirety. Don't offer a lesser program for free, that takes your efforts away from the main software at hand.

With regard to firewall, dont do it yet either. Zonealarm is free, and will be indefinately. Why try to aim to big? Mike, I wrote you today, saying I would like to see more advanced options. I think this would be good - keep a interface for mums, but allow an option for more advanced stuff too. Maybe concentrate on registry attacks, and keyloggers as well.

I like this program so far. Very neat, light, quick, and clean . I look forward to seeing its development, and will be keeping a close eye on it. It must be close to worth the money already, and most definately will be in the future, from what you say. Keep up the good work.

I do reckon Aussies should get it cheaper though! lol.
Cheers Greg

 

Hi Greg,

Almost worth the money ? ;-)

We're still finalising things and as always, they are subject to change. One of the ways that we want to differentiate OA is by a focus on quality and service - and keep it easy to use. That probably rules out a free version, and I think that the eval will remain at 15 days once we launch. As I suspect the beta testers have seen (pricing issues excluded) only a few days is really necessary to "get" OA - and understand if it is needed.

V1.2 will feature advanced registry protection, comparable to RegDefend. We'll also be tidying up a few things with hook protection and generally consolidating and improving on what is already there - likely some advanced options will be added.

Firewall is pencilled in right now for a 1.4 release. 1.2 is adding new features already clearly defined (at least, in our specs) - 1.3 will likely be driven by user feedback. As I think I have mentioned on here before - if I can't make the OA firewall to the same standard as OA, then an OA firewall will not be added - BUT I do think that the OA approach to a firewall - simplicity and power will work well.

Each release of OA will have a beta and public comment - which we listen to closely - so I suppose we'll know pretty quickly if an OA firewall is barking up the wrong tree.

As for Aussie discount - Beta testers get OA free (apologies if you missed the mail) regardless of where they live.

I'm outa here for the night, but will reply to mails/posts tomorrow.

cheers


Mike

 

for me, i would greatly like a reduced functionality version. i havent yet tried this program but if i liked it, im not sure if my budget would allow me to keep it.

 

You could join the beta program - that way to get it free when we release it

 

so what does that do for people with large hosts file? what the proper way so OA doesnt prompt u for every entry?

 

Hi - Blackcat posted some screenshots of the Safety check wizard - I think they are on page 2 of the thread.

Basically, SCW is designed as a quick setup for your PC. For example, it will display the hosts file and allow you to multiselect/deselect entries as needed, check which programs you already trust, display existing IE objects, etc.

Once the SCW is completed, you then get popups when something new happens. In Tazzie's case, what happened is that a bug stopped the SCW from running... he restarted OA, which then went "Hang on a sec, something's gone and put 40k entries in the HOSTS file... POPUP! Popup! Popup!

That's now been fixed, and we're close with the proxy - so I am about to load a new version on the site, and onto the automatic updates page.

Aside from that, a couple of users have mailed me with a few bugs - we'll continue to investigate them today/tomorrow and hopefully get the last few things nailed.

Any probs/questions - happy to answer by mail or in here



Mike

 

can u rereun the wizard like if u were to change ur hosts file afterwards?

 

I agree with that statement. OA is over priced in my opinion too. There are other programs available that are better, have a good solid track record, and don't charge such high prices. It really looks like Nash is just in it for the money. Luckily there are other more honest companies out there that are putting out good products, but aren't out to overcharge their customers.

LC2

 

Overcharge by what, $10? For the addition of signatures and the forthcoming firewall and full registry protection, it doesn't seem that much. Especially if you add together the costs of all the "more reasonably priced" products. The closest I can figure for all the options would be either Spyware Doctor ($30) and RegDefend ($30), or ProcessGuard ($30) and maybe one of the other popular anti-spyware apps ($20-30), any way you go you're still at least $10 better w/ OA, with the same renewal fee, and still wouldn't have all the advantages of OA.

As far as honest, you can't run a full company without money. You wouldn't get anywhere near the same turn-around with bugs being fixed or support with one guy doing it all for free, nor the innovation or willingness to add in even more.

 

I'm struggling to come to grips with the statment "more honest companies". I have posted in this thread completely honestly and openly about our pricing, our product and our plans. If you think that Online Armor is too expensive, you have two options:

Option 1 - join the beta program, in which case even though you don't seem a very nice guy, you'd still get the product for free when released.

Option 2 - don't buy it.

What's your OA licence key? I bet you haven't even tried it and you're posting from a guest account to get a reaction. The feedback we have had (aside from pricing, which a couple of people have disagreed over) has been positive about the product, except for minor issues (like warnings about autostarts, or bugs ) - all have been attended to by my team quickly as possible.


Mike

 

Today, no you can't. But, you're right - if you were to go and update a large hosts file, it would get messy.

However, you would only be prompted for new entries... for example, if you re-wrote out

nastysite1
nastysite2
nastysite3

and added nastysite4

you would only get a prompt for nastysite4.

But I'll find a better way of doing this over the next day or so.


Mike

 

Notok,

What "addition of signatures"? From everything I have read, it seems that OA is doing what PrevX isn't, and that is concentrating mainly on behavioural based technology that isn't dependent upon "signatures". Maybe you mean "acceptable" software signatures....which would allow programs to be listed as "trusted" or "allowed" applications without requiring user intervention (to approve), but if you mean "malware" definitions, then I would think that OA would operate differently from your basic AV,AS, AT, etc., software.

Malware signatures are good are catching what has already been discovered and vendors have written code and that has been updated and passed on to the end user. But what about something like a brand new keylogger, that hasn't had code written to counter it through the detection of a "signature"?

With my current anti-virus software, anti-spyware software, and anti-trojan software (all requiring the use of signatures)....the one thing I'm lacking (and looking to cover) is basic zero day attacks where signatures do NOT exist (but the behaviour does).

Perhaps I am misunderstanding what you are saying or suggesting....and that wouldn't surprise me one bit. But to me one of OA's appealing features is that it does NOT seem to rely on "signatures" and definition updates. At least, that's the impression that I currently have.

But as for the added registry and file protection, ability to effectively neutralize keyloggers, phishing scams, and added cookie "session removal" features....this one sounds promising (and heading in the right direction).

As for the pricing, though, I agree with what you're saying. It may seem a little high.....but I was looking around last night at some products that use the latest behavioural based technology, and many apps were in the $99 range. Now that might have been a one-time fee, but still! My guess is that if it was priced at $29, we probably wouldn't be hearing many complaints (because this is the typical cost for several security related products). The renewal rates are excellent, though, we all need to keep in mind that companies aren't in existence to lose money....

 

Hi

The signatures relate to the whitelist of apps. For example, Yahoo IM should trigger a behavior based keylogger detector as it registers a few global hooks for KB to see if keys are pressed (and then deduce idle status).

OA has Yahoo IM's fingerprints on a whitelist - so we dont alert. But, if a new version came out - we would So we have day-0 protection, but not too many false positives.


Mike

 

OK, that is what I was thinking was meant by the addition of signatures comment (i.e. - a "whitelist"). That's a good example you used , Mike, and makes a lot of sense. Thanks

 

Relying on signatures and having them are two different things. By putting in a whitelist & blacklist (if you prefer), it helps to take some of the guesswork out of deciding to allow or deny an execution ("..but uncle bob sent this picture.."). The new Prevx does the same thing (with more emphasis on signatures), but does not have the same features as OA (which is why I prefer OA), such as the ability to remove the changes the file has made, among other things. Go into the "Programs" tab and right-click on a file, then click "Show created objects" to see what it would remove if you clicked 'delete' on it.

 

Thanks Notok, that's what I thought you meant (but I figured better to be safe than sorry). Mike expalined that nicely, with a very good example of the type of "signatures" that are used.

One question that I have, is how does the "Phishing protection" work with a POP email client that already has "Spam filtering" with virus scanning enabled? Does it co-exist nicely, or serve to replace? Also, does this work ONLY for POP type servers, or can it work for web based email as well?

 

Hi JRCATES - should work fine with spam filters - *and* antivirus, *and* firewalls... if it doesn't, I'd like to know about it. It works with POP3 and IMAP only - webproxy does not implement the same set of behaviour checking - but we could look at something similar in a future version.

Although, as we're currently trying to get out a good release 1.1 - it won't make this cut though.


Mike

 

My install didn't go so well, at the point where you see these 3 ticks (screenshot), I tried removing the ticks to see what each was about, medium freeze later it decided to remove the tick. Still no wiser as to what these are for or what they send?

Rebooted the machine and it went through the entire install again, thought it must have had a bit of a hiccup so went through the whole install again, rebooted for a second time, and it wanted to install for a third time. Cancelled the install.

Went to use Moox (Firefox) and it threw up "Firefox has encountered an error and must close". And every time I tried to open Moox it threw up the same error.

Uninstalled OA and things are back to normal.

I'll try another install shortly.

Cheers

 

Hi Blackspear..

Sorry about that :-( I'd appreciate it if you could help me fix this - so have a couple of questions:

Was this an automatic update-based install, or a standard install?

I'd love to know if you are installing as restricted user, what OS version, logging version of OA or not? If you have other security products installed at the same time?

I sent out a version by auto update which seemed to work like a charm - I'm going to uninstall at home now, and see if I can reproduce. I installed today on my win2000 server test box and it worked - did a couple of installs in the office next door as well on XP Pro.

If you could send me an email mike at tallemu.com I would very much appreciate it.

Incidentally - the three checkboxes - Program blocker turns on/off execution protection. WebShield - turns on/off the HTTP filtering. Mailshield does the same for pop3 and IMAP. That doesnt send anything but it could be a bug in the UI/Installer.

Mike

 

eMail sent.

Cheers