defeating GSS

I notice the new morgud test makes a mickey out of GSS by using faked mouse clicks to kill GSS. Not that only GSS is vulnerable (they list a lot of your competitors as well), but they showcase GSS on the website with screenshots.

http://www.morgud.com/interests/security/dfk-threat-simulator-v2.asp

Any plans on adding a password option? That should handle the mouse click problems

I notice that they can beat PG even if you lock it, cos it is able to replace the files. It works for GSS too. Any defense to that? Or is it beyond the job scope of GSS ~snip~?

 

I dont see the need for GSS add anything because of that simulator. Or maybe you could explain how I do the mouseclicks so that GSS gets terminated? As I posted here https://www.wilderssecurity.com/showthread.php?p=855827#post855827

 

Your reasoning is strange

Don't tell me you belong to the school of through that believes execution control is the be all and end all of everything. Clearly the test isn't one about process creation or execution.

BTW The fact that it starts a second process is incidental it could easily have done all the dirty work without starting another process.

Anyway if you believe that all that is needed is for the app to provide protection is to stop any unwanted process from running, one wonders why you use a software that blocks process termination, changes to registry and dozen of other changes.

Surely this means that there is an expection for your security program to mitigate damage done by any malicious exe. The fact that it can be taken down so easily isn't a problem to you, really?

When the cure (or at least one of them) is so easy?

 

To all:

As this is not the support forum for PG....let's confine our discussion as it relates to GSS only Please....otherwise We'll need to move this thread to a more appropriate forum for that discussion.

Thanks,
Bubba

 

LOL is all I got to say. Oh wait theres more, I downloaded dfk unlocked it then ran the Ipod-commercial.exe GSS flagged it and I didnt run it. I guess any moron would initially download a exe file and put full trust in it and run it before scanning. My point, I would never let anything execute if it got flagged by my scans or I did'nt recognize the file, hence nothing starts nothing happens, and if it does then simple restore is in order. GSS gets breached simply cuz you allow it to, after testing this further It took 4 allowed executions for it to tickle my system. Show me some real life examples of GSS getting breached or bypassed with out having to allow executions then we can have a debate about GSS being made a MICKEY