DropMyRights?

Discussion in 'other anti-malware software' started by jmonge, Dec 6, 2008.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    is this program still alive?i didnt hear anything about it in 2008o_O
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,123
    Location:
    USA
    It still exists and can be downloaded from this link.

    http://cybercoyote.org/security/drop.shtml

    Did you have a specific question about it? Some programs, such as Online Armor and SafeSpace, incorporate "rights reduction". Using a Limited User account is a good way to protect a Windows PC and although some would argue that using DropMyRights is not as good, it's still a really good idea to run internet facing applications with it.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks,yeah i am running defensewall,do i still use this?i planing to run defensewall as first line of defense and i will love to complement with another one as good as defensewall,so do i really need it with defensewall?thanks again:thumb:
     
  4. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    You do not need it with Defensewall.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks 3 dog:thumb:
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I have a question. If you start an app with DMR, it then uses a 'Basic User' security template? As in, Read and Execute to most areas, but only Write permissions to profile directories. So, in DMR, do processes inherit privelages from the parent? Meaning the app started with DMR then starts abc.exe. And now abc.exe is only a user? Or is DMR more system wide? As in, when you start it, you become a User, and anything you do is as a User.

    I wonder this because I have been using SRP and a reg tweak to add 'Basic User' in the allowances on SRP rules. So essentially, I start up my browsers etc as a basic user. And I think doing that, spawning other processes from the parent means the new process inherits only basic user rights.

    Just curious if anyone might know.

    Sul.
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Sully,

    XP PRo SRP for sure lets newly launched processes of a limited application start with same rights as spawning process

    StripMyRights (a variant of drop my rights without the dos box), should do this also

    Cheers
     
  8. Mapson

    Mapson Registered Member

    Joined:
    Dec 29, 2005
    Posts:
    54
  9. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    I'd not say it. If everything was ideal it could be said so, but since it is not, and since most users use unlimited admin account, running programs in a limited environment provided by OS is a good way to supplement ANY third-party security. Also this way brings the least of incompatability issues (unlike combination of different third-party products).
     
  10. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Very basically speaking. Defensewall is DMR on steroids....a lot of steroids. Defensewall in an Admin account will give you way more protection than just using DMR as anything downloaded by an internet facing app is marked as Untrusted (limited rights) until marked different by the user, whereas with DMR it would not. Defensewall already applies the policies in DMR to all internet facing apps so it would be just duplication. However, in a full Limited User Account. You would be more protected as with any security app.
     
    Last edited: Dec 7, 2008
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,123
    Location:
    USA
    I believe invoking DMR with a specific executable only affects the permissions of that executable. In other words there is no system wide affect AFAIK.
     
  12. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    You do not allow a chance for a "human error" ? You do not believe in multilayered security ?

    What I mean. DW may be very good, still there is always a way to bypass it, just because it cannot cover every OS API and every OS service (this is not about DW, this is about any third-party security). Otherwise there would not be any need to develop it. Another point is DW (like any other profuct), can just have the bugs. And finally OS is not something carved in stone, it changes all the time and security provided by OS changes synchronously with OS, while any third-party is always step back after OS.

    All I said relates to any third-party security, not only DW.

    As for duplication, it is hardly duplicates, because OS controls its own access rights and acccess lists while DW controls it own policy rules. They are hardly the same.
     
  13. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Correct. In Opera I have created a utilities menu for several apps.
    eg. screamer radio. When screamer radio is launched via this menu it
    will inherit the parent (Opera) permissions provided of course that
    Opera was in DRM mode :)
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    look i will tell you i am not a fun boy but this app is one of a kind and one of the best malware blocker i ever tried,ofcourse to be close to perfect need to be complamented with another security app in my case i use it along side processguard,those 2 together are malware killers:thumb: what ever one missed the other one blocks:thumb:
    note:you said that defenwall may be good(this word is not enough),no is not good is excelent,one of the best
     
  15. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    @ Alex

    Multilayered security is a whole different question and if you look at my sig you will see I am definately a proponent of that. The question was if DMR was needed with Defensewall and I answered no it is not where Defensewall already incorporates the functonality of DMR plus a whole lot more.

    Would Defensewall work as your only layer of defense (excluding firewall of course) yes....if you know what you are doing with it. Would I recommend it as your only defense. Absolutely not.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    ofcourse double layer is always better than just one but even if you have defensewall alone you will get alot almost 99.99% protection in real time:thumb:
     
  17. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    OKe, OKe, let it be excellent, if you please !

    Still, even the very excellent third-party security is step back after OS :)
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    one thing i can tell from all apps i tested even with the skin engine problem i will always use this one it is excelent,best of quality software:thumb: maybe not the best but is getting closer:thumb: :thumb:
     
  19. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Sorry, I do not believe it. If you are familia with win API (usermode and native), you'll see that ARC (access right control) is applied to almost any API call. Can any third-party product do the same without intercepting ALL API ? The answer is easy -- it cannot. How many kernel hooks has DW ? How many SSDT entries has Windows ?
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    you think i am dum of course i will run defensewall with a firewall to get additional protection for arc attacks and other ones not cover by defensewall,but over all defensewall is doing just fine by keeping my system clean for almost 1 year already with no complaints:D :thumb: :D
     
  21. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Sorry, once again, but this "argument" is not professional. I run one of my Windows PC without any additional security at all for 5 years now. Does it prove all the additional security is just a timewasting ?
     
  22. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Who said we were Professionals. Forgive us meager plebians for enroaching upon your golden realm oh great one. However, enlighten me with your infinate wisdom into all things API and SSDTian by answering me this one question. If Windows is super secure on its own....then why is there a huuuuge market for security apps to protect it.
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i am not taking a risk so i got my self security apps and i am not profesional nor paranoid but i think is better to be secure than sorry:D
    well your surfing habits may be safer than mine but anyway i will always surf secure:thumb:
     
  24. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I think all alex_s is pointing out here is that DW or any such program is not bullet proof because of the amount of calls it has to hook into to monitor everything. I don't see where anyone is being referred to as dumb or anything.

    @Mapson, that program you referred to looks like a dynamic version of what I already use when I set it up manually.

    Sul.
     
  25. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    My bad, I should say "argument is not valid" instead of "professional".

    As for the market, carefuly tuned Windows with LUA is really safe.

    The reasons why the market is "huuuuge" :)

    1.) Inertia - until XP SP2 Windows was not safe and this "idea" is now carved in users' mind :)
    2.) knowledge - to make Windows really safe a user needs to understand some basics about Windows interanls, which most users lack
    3.) usability - third-party security products allow more user-friendly and transparent security setup
    4.) ambitions - most users who use admin access are not really ready to use it in a safe way, still they think they are
     
Thread Status:
Not open for further replies.