BlackFog Privacy

Discussion in 'other anti-malware software' started by liba, Feb 2, 2018.

  1. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
  2. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    750
    Darren,
    A couple of questions. I am running the trial at the moment and with all browser ad blockers and AdGuard disabled I visited several sites in the UK like Argos and PCWorld and after half an hour the GUI was showing nearly 2k profiling blocks and around 1k ads blocked. But, I have visited the same sites since again with just BF active and it showed almost no blocks at all. Does BF remember the sites blocked and only show new blocks?
    Second question: Do you plan to release BF for Android devices in the future?
     
  3. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    Hi Dark Star, yes BlackFog caches the blocks it already made and puts them in a blocked pipeline so only newer ones will count until the cache resets. Our thought was that it just counts the blocks once per domain, but maybe we should keep counting regardless, even if it hits the cache.

    Also we are working on the Android version already which will also include detection of stingray devices, since we have lower level access on Android than iOS.
     
  4. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    750
    Hi Darren,
    Many thanks for the reply. Looking forward to the Android version.
     
  5. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    536
    Location:
    Far East
  6. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    365
    Location:
    Arlington, VA
    We are definitely not a threat so thanks for pointing that out @NiteRanger
     
  7. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    Yes, we should have a rule update pushing out tomorrow. No changes needed to the app. I will update the thread when it is published.

    Re the coin miner, it will go out as part of the next rule update tomorrow. These things are growing exponentially right now so we are pushing more frequent updates.
     
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,164
    Location:
    Among the gum trees
    Hi @Darren Williams ,

    I notice if I enable all cleaning features in Chrome BF wipes out the bookmark icons for each website. Is this supposed to happen?

    Thanks,
    Dave
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    8,918
    If the file ...\AppData\Local\Google\Chrome\User Data\Default\Favicons is zeroed while cleaning, then yes it is normal to see blank bookmark icons.
     
  10. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,164
    Location:
    Among the gum trees
    Thanks as always, mood. Maybe Darren could work on excluding that file?
     
  11. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    Mood is quite right. I don't see any problem in excluding that from a forensics standpoint, so I will see if thats an easy update as well while we are doing that.
     
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,164
    Location:
    Among the gum trees
    Thanks Darren. Last time I enabled all Firefox cleaning features BF wiped out not only the bookmark icons but all of my bookmarks completely. Has this issue been resolved yet? I'm not game to try again in case I lose all my bookmarks again.

    #49
     
  13. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    We have now updated the rules. Please manually click update in the Help menu to grab them immediately. The following has been added:

    - Over 250 new crypto miners added
    - Web socket connection blocking for sites like windscribe listed above
    - Prevented the removal of favicons in Chrome after a forensic clean

    We have also managed to run MinerOff without any problems. Please make sure you install it first using Install mode and then it will be ok to run after that. If you still have issues please PM or email me with a screenshot or alert message you receive. But it appears to work fine on several machines we tried in the lab.
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,164
    Location:
    Among the gum trees
    Great! :thumb:
     
  15. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    536
    Location:
    Far East
    Hi Darren

    Just went to Help and Update but it says my software is up to date. I'm using the trial version 3.5.2. Is it possible to have further indication of update for rules like 3.5.2.xx to differentiate from software update? The last digit(s) can indicate how many times the rules were updated for version 3.5.2

    I tested https://windscribe.com/miner/76ymafne but there's no indication by BF that a coin miner was blocked. I'm using Ungoogled Chromium browser and the normal CPU usage is less than 10%. When I activated the windscribe coin miner page it shoots up to 64 to 65% and maintains there
     
    Last edited: Jul 12, 2018
  16. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    If you open the developer console you will see that it blocks the transmission to the site. Maybe its related to Chromium, since we tested all the others and not that one.

    The rules will definitely update for you, so you will be ok on that front. I will ask the guys to confirm that it works the same for Chromium. When i go to that page it doesn't do anything because it stops the communication to the miner.
     
  17. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    OK I just tested this on my local machine and it seems to be working fine on Chromium. So a couple of things for you to check. First make sure you have Cryptomining option On in the Network settings. Then make sure you have in fact got the latest rules, you can check the modified date of "privacy_filters.enc" in the ProgramData > BlackFog > Privacy folder and it should say today. If not it might be a local caching issue on your network so may take a few more hours to become available to you.

    Feel free to email me if you want to take this offline.
     
  18. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    536
    Location:
    Far East
    Checked

    Cryptocurrency Mining is enabled.
    privacy_filters.enc updated 13/7/2018

    Just tested and Task Manager still shows around 68%

    What is the indication on BF if it encounters a coin miner? A pop up message?

    BTW, what's your email so that I can post some pictures to you?
     
  19. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    I sent you a PM with my email. Lets just post the result after we work it out to the group.
     
  20. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    Just an update on this NiteRanger. This could happen if you are using IPv6 on your machine. 3.5.2 doesn't support both IP stacks at once. Version 3.6 will offer this in the next few weeks though.
     
  21. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    We have a question for this group. With the number of threats increasing across the board, not just from advertising and known malware, would people be interested in the blocking of Fake News?
     
    Last edited: Aug 3, 2018
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,063
    Now would be a challenge, since so much of the new today fits. Tell us more.
     
  23. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    6,974
    Location:
    U.S.A.
    The "Fake News" Crusade to "Protect" You from Free Speech
    https://www.gatestoneinstitute.org/11821/fake-news-free-speech
     
  24. Darren Williams

    Darren Williams Registered Member

    Joined:
    Feb 4, 2018
    Posts:
    107
    Location:
    California
    The problem domain is pretty simple from a threat perspective. Certain sites are designed specifically as clickbait to get you to the site and subsequently distribute malware. This is naturally only an option. It would be totally nonpolitical and based upon consistant false, misleading or clickbait content.
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,164
    Location:
    Among the gum trees
    Yeah, I'd be interested in that.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.