DefenseWall 3.23 Beta

Discussion in 'other anti-malware software' started by chachazz, Mar 1, 2014.

Thread Status:
Not open for further replies.
  1. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Regarding Kaspersky's application control's limits on x64 Windows:

     
  2. guest

    guest Guest

    if you wait for MS , you can wait long...Patchguard is a way for MS to keep competitors at bay.

    In ethical point of view , i can understand that you want your product to be "perfect" giving the same level of protection on any architecture; but in a Business point of view, you slowly suicide yourself.

    i wish you can use the same kind of workaround that Comodo, Emsi, Sandboxie and others used. I think you have enough skills to do it.

    i prefer a bit "less" protection than nothing ; anyway the user is the main vector for malwares; even if DW is perfect some users will still be infected.

    Thanks
     
  3. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    HUH?!:eek:

    MAN , with out no offending , where are living in ? all new PCs for the last2 years (not mention today) come with more than 4 giga ram which lead to X64 OS in order to use all the ram....

    all major pcs come with win 8/7 X64 OS NOT win 8/7 x32 :argh:
     
  4. pablozi

    pablozi Registered Member

    Joined:
    Oct 24, 2010
    Posts:
    215
    Location:
    nowhere
    My old Samsung laptop, which I have bought around 4 years ago came with 4GB of RAM.
    Nowadays it is really hard to find a new machine with less than 6GB so x32 need to die - that's obvious.
    Of course some people still own very old machines with Windows XP, but let's be honest - for how long? Sooner or later hardware will die too and then those people are gonna be forced to switch to x64 architecture and I don't think that they are going to put away 70% of their machines RAM just to run ancient software ;)
     
  5. arsenaloyal

    arsenaloyal Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    508
    Upgraded to the latest beta on my desktop. Installed Windows x86 so that Family can use Ddesktop and not worry about any infections.

    Good work as always Illya.
    You are perhaps one of the best hopes for people who want to continue using Windows XP!
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    so if all this is true for 64 bit machines, in reality you are better off usig MSE or WD in conjunction with EMET.
     
  7. chris1341

    chris1341 Guest

    DW is a wonderful product but very much of its time for me. The whole methodology is based around very granular control of untrusted processes. That is not achievable with current x64 restrictions placed on developers by Microsoft. Accept it and move on. They won't change it for the big boys, Ilya's got no chance.

    Worryingly this thread seems to suggest x64 bit systems simply must be less secure because traditional HIPS software can't protect all the areas it could on x32. Does the fact that HIPS can't do what they used to necassarily make it less secure? Is real world malware using the techniques exposed by Matousec which, lets not beat about the bush, has driven HIPS development for some?

    It maybe just means you need to do things differently. AppGuard for example is excellent on x64 machines because it does not try to control suspicious behaviour, it just puts up walls to block off the areas where a malicious payload can do damage. In conjunction with denying launch and controlling attempts by guarded apps to manipulate the memory of other processes it works really well.

    I'm not sure security limitations - and there are some security gains as well e.g. mitigations like ASLR are much better than on x32 systems -are not made up for with better performance. Especially now with more native x64 apps being able to unlock the potential of the x64 infrastructure.

    After all what do you use your PC for? Is it simply to throw threats at to see how well it copes? I hope not because if so your missing out on a lot. You get performance benefits from native x64 applications, better memory management and so much more.

    You need to balance for your needs I suppose but x32 will die out, maybe slowly at first, but it will come a time that modern applications need the performance gains associated with better CPU and memory management abilities of the x64 architecture to keep pace with the ever expanding demands of users.

    Back to DW. Ilya could give us a x64 version with the relevant disclaimer. I don't think we'll get it because he doesn't need to. Either because he's happy with simply supporting what will inevitably be a dwindling user base, because he has other projects that will pay the bills or he's willing to see what he's built slowly die to ensure it remains true to his principles. Whatever, good luck to him. As I say wonderful product.

    Cheers
     
  8. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,994
    I'm afraid it's the most probable scenario. :(
     
  9. Pablo87

    Pablo87 Registered Member

    Joined:
    Oct 30, 2009
    Posts:
    324
    its Suïcide when Antivirus vendors not making the move to x64 ;)
    people are buying more and more highends PC's with more than 4gig ram, so they are ignoring people with more than 4gig ram.. pretty sad tbh
     
  10. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,717
    Location:
    Gaia
    Maybe he should consider joining with someone...we know money is the problem.
     
  11. ThreeCubed

    ThreeCubed Registered Member

    Joined:
    Mar 6, 2014
    Posts:
    10
    Location:
    Gandolfo
    And with Tzuk available on the job market... Illya has the framework set in place, Ronen managed to forge ahead with Sandboxie despite PatchGuard. A security measures match made in heaven. Sigh... wishing out loud.
     
  12. ThreeCubed

    ThreeCubed Registered Member

    Joined:
    Mar 6, 2014
    Posts:
    10
    Location:
    Gandolfo
    Addendum: to the previous, you have to know that if these two geniuses sat down at the same table and hammered out a Defensewall for 2014 and beyond the end result would be positively glorious. Oh, well..
     
  13. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,717
    Location:
    Gaia
    +1 :thumb:
     
  14. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Surprise, I have sent a message to Ronen via Wilders PM- no answer still. Looks like, he has a deep rest he really deserved!
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,717
    Location:
    Gaia
    You guys could make the ultimate protection suite for all users.
    :D
     
  16. ThreeCubed

    ThreeCubed Registered Member

    Joined:
    Mar 6, 2014
    Posts:
    10
    Location:
    Gandolfo
    I'll bet these guys could do practically anything they set their minds to. @ Ilya, you are THE MAN! I've thought about this scenario with you and Ronen since the Sandboxie departure news a while back. Together, it's a no-brainer you guys could totally break some malware balls. I wish you the very best. If you can get Ronen on board, like Nike says, JUST DO IT!!!
     
  17. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,263
    Location:
    Outer space
    Now that would be a very interesting mix :D

    Btw Ilya, I just checked and Process Explorer shows that v3.23 beta doesn't have ASLR enabled for processes and dll's.
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
    I don,t think Ronen will be active here on wilders.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,176
    Location:
    The Netherlands
    But is it still true that PatchGuard makes certain things impossible for security tools? I don't really think so.

    I'm now on Win 8 and advanced tools like Sandboxie and SpyShelter seem to work just fine. :)
     
  20. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,717
    Location:
    Gaia
    Working and protecting are not the same thing.... ;)
     
  21. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Thanks, forgot to add that for executable modules. Will fix for release version.
     
  22. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Maybe, but I don't think it's a good idea to send an e-mail to sandboxie.com which belongs to Invincea.
     
  23. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
    Have a look here pls.
     

    Attached Files:

    • sbie.jpg
      sbie.jpg
      File size:
      45.1 KB
      Views:
      172
  24. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Hmmm..maybe a PM to him on the sandboxie forum would work and result in a faster reply.

    Or if anyone that know him reads this can tell him to contact Ilya.
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,568
    I would suspect if he got a good price for Sandboxie, there was an agreement preventing him from doing this.

    Pete
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.