Cylance Launches Next-Gen Endpoint Security for Consumers

Discussion in 'other security issues & news' started by itman, Aug 3, 2017.

  1. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    Can you answer my question? Do you ALWAYS do separate download of MS firmware check its hash checksum before installing or do you just auto update the firmware?

    And do you ALWAYS download a new software update separately from the security software developer's site, checked its hash checksum before installing or you just accept the auto updating from the developer's program?
     
    Last edited: Aug 6, 2017
  2. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    just to be sure to understand you question, you are talking about hardware's firmware right?
    if yes, i never download any firmware (unless it solve critical issues) and if i have to, i will check (if possible) as any other programs
     
    Last edited: Aug 6, 2017
  3. kram7750

    kram7750 Guest

    I am going to fetch pop corn... A yearly supply. I will need it for these Cylance releases
     
  4. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    For MS I'm talking about the firmware download which can be auto updated or separately downloaded and updated.

    For other security software i.e. 3rd-party do you separate download any new update version from the developer's site, checked their hash sum before updating or auto update using their already installed program in your PC

    My questions should be now very clear
     
  5. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    you mean the MS UEFI firmware, if yes , i don't do a separate download. i just check the ISO.

    yep
    i sometimes do it, depend the soft but not for security apps.
     
  6. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    For MS I meant those standard firmware download including CU, RS2 and upcoming RS3. These can be separately downloaded.

    So you don't 100% check your downloads, right?
     
  7. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    ok i got it. I never upgrade via Windows Update, only via the ISO (which is always checked) , i always format the drive and do a clean install. Best Practice to avoid issues.

    sometimes you can't because the vendor don't give the hash on the site, but i use Rollback RX so if i dont get the hash from the site before installing, i request it from the vendor, and if it is different, then i rollback before the installation.
     
  8. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    Formatting even for interim security firmware updates? I meant those between say CU and RS2, RS2 and RS3 like now etc?

    For the latter so you admit you can't 100% do it. right? If yes, then we still need to trust the developer sometimes that his downloads are not tainted, right?
     
  9. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    You get your own portal. When you log in you see all the files Cylance stopped. From there you get the option to waive them or even send them from there to Virustotal before waiving. Does this make sense?
     
  10. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    Obviously, trusting or not is your personal decision, doesn't mean you have to be blind and download without checking.
    Personally, i trust very few things, so i use any method i can find to give me a clear image. And as i said earlier, i have tools to help me.
     
  11. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    You still have not answer the first part in the same post. Can you answer that about formatting your drive even for interim security firmware downloads which, incidentally, can also be separately downloaded and installed without the need of auto-updating?
     
  12. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    didnt saw your edit.

    yes, if a Win10 ISO is delivered, i format and clean install. It is a normal routine for me.
    my system is static , around 20 softwares installed , so quick deployment, in fact i spend more time tweaking Win10 that installing it and my softwares.
     
  13. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    So, you used the words 'if a Win10 ISO is delivered'. Does that means it's also common that Windows issued security updates without an ISO and you download it either automatically or separately and installed them? In this case you would not format your PC, right?
     
  14. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    Not in that case, not worth a clean install; anyway hacking MS Windows Update server isn't a simple task...
    not saying if you have a bit of experience, you can pinpoint if something look wrong on your system.
     
  15. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    424
    Location:
    Far East
    So, sometimes, we also need to trust MS to delivery their security updates without questioning whether they are tainted just like trusting 3rd-party developers, right?
     
  16. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    Harbor, it is a personal choice, i have my way, others have theirs. I just dont trust easy, i dont force other to do my way.
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,869
    Location:
    The Netherlands
    I'm afraid the AV does a bit more than that. They are not bullet proof, same goes for Cylance, but it will probably stop a lot of malware. In theory, AI should improve heuristics, to make AV's spot malware even when there is no signature available yet.

    Yes, I just saw the website. But I don't like it when everything is controlled via a portal.

    https://www.cylance.com/en_us/products/our-products/homeedition.html
     
  18. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    2,559
    Location:
    The etherlands
    Presumably demo is free, but what is pricing after that?
     
  19. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    i was talking more about the hash/checksum checking of programs/files than code analyzing.
     
  20. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    3,058
  21. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    2,559
    Location:
    The etherlands
  22. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,047
    Location:
    Europe then Asia
    :argh:

    It was expected :D
     
  23. kram7750

    kram7750 Guest

    You are trusting Microsoft anyway if you are using their OS at all (with an active internet connection), and/or other software provided by them.

    You are trusting the vendor of any software you use.

    Just make regular back ups and if you end up infected then use your backup. Rely on encryption for sensitive documents you do not want an attacker to potentially get hold of and then make use of.
     
    Last edited by a moderator: Aug 10, 2017
  24. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,082
    If a developer doesn't have a checking mechanism in their software to verify the integrity of their updates then they are a **** in the first instance and just add to the problem.
     
  25. solitarios

    solitarios Registered Member

    Joined:
    Mar 28, 2016
    Posts:
    92
    From Cylance

    "Currently the home version is limited to employees of our enterprise customers, but we will have a full consumer version available soon - stay tuned!"
     
Loading...