eeye Blink

Does anyone have any experience with/opinions of eeye blink?

 

Is this a rare medical condition??

 

Can't comment on it personally, however, review titled "eEye's Blink Has Spotty Vision" here:
http://www.eweek.com/article2/0,1895,1634973,00.asp

 

I tried v2.x ?? "trial version" very briefly for use as a potential "firewall only" for single home computer, since I'm not interested in paying subscription fees or using the other features. If you have lots of memory to spare and if you don't mind paying the $$$ for the full version, I would certainly try it out. At the time I couldn't get past it's memory use which was about 80 MB...which was probably with the GUI open...I only had 384 MB PC100 installed at the time, so although it was impressive at first glance, I soon went back to something lighter.

More recently, I have decided that if you have enough hardware to support it, choosing a firewall that uses some of the hardware is not such a bad thing, at least if you end up with a firewall that works exactly the way you want it to, also providing piece of mind, reliability and not having doubts that there might be something better and wasting time and money (hardware upgrade $$$) trying to find it.

 

I see that they will soon be releasing a free version for personal use:

http://www.itnews.com.au/newsstory.aspx?CIaNID=35459

 

Thanks for the heads up, this will certainly be a nice product to play with, especially since eEye Digital Security is one of the better security companies.

 

I played with its professional version. In my opinion if the free version will be the same firewall, it can not compete with firewalls like ZA Pro, Outpost, Jetico or Comodo. It fails almost all leak tests except leaktest1.2.

J

 

I'll probably try it when it becomes available. I don't consider leaktest results to be the sole indicator of whether or not a firewall can compete with another. To me there are more important considerations, such as:

-do you like the GUI?
-can you configure it to do what you want it to do?
-does it need fixing all the time?
-does it play well with your system?
-do you have any issues with the product, such as product activation (what happens if the company goes belly-up like AtGuard/Sygate/etc. and you need to reinstall and the activation server is no longer there?) or trusting the product's developers (phoning home issues, etc.)?
-is the developer interested in listening to users' suggestions?
-price
-memory use
-etc.

 

ROFL

 

That's it.
It was a good point of view from a firewall user.

 

Great list for firewalls. Should be made part of a sticky. I would add one more small item to the above list: Can the firewall be configured to block both incomming and outgoing traffic? For example Ports: 137, 138, 139, 140 and 445 on the outbound side?

There will always be some sort of junkware that may try to use the obvious ports disguised as something else but MS Windows ports are by far the most commonly abused.

 

I see it's available to download http://www.eeye.com/html/products/blink/personal/index.html
It's listed as a beta. Looks like it has Product Activation too, so I won't be using it.

 

I´ve checked it out, and it seems to be a nice tool (first impression), the only things that I don´t like is the resource usage (way too high) and I´m also not that happy about the GUI. Not sure if I will replace ZA Pro with this one.

Oh and btw, I got a strange alert, according to Blink I am attacking the Wilders Security Forums (Via "XBM Cross Site Scripting and SQL injection"):

Is there something wrong with my system, with the forum software, or is this a false positive?

 

That article is dated 8/16/2004 -- more than 2 years old. Plus it covers version 1.0 & the current version is 2.6.1.

I checked. You are correct -- a truly outstanding security company.

Quote from Wikipedia

Based on what I saw at eEye's website, Blink is far more than just a firewall. Its Personal (free) version is reported to include the following capabilities

+Personal Firewall (Application and System)
+Identity Theft Protection
+Protocol-Based Intrusion Prevention
+Application Protection
+Registry Protection
+Execution Protection
+Local Vulnerability Assessment

eEye *COMMUNITY*The following blurb from eEye's web page covering Blink's Personal (free version) indicates that this application will apply the highly touted community concept of improving protection...

I signed up to download a copy. eEye's notification email informed me that Blink is a beta and that the Personal Edition is free of charge "during the beta period." The Pro version costs $59 so I expect the Personal edition will eventually be priced maybe $10 - $20 less.

I hope that using their beta will earn me some eEye brownie points so that they might give me a better price when it goes non-free -- IF I like the program.

The download was 27,431 Kb zip file. If you're on broadband the download is VERY fast -- they evidently have a big pipe (a further indication that they are a substantial company).

 

eEye plans to keep it free in return for the reporting, at least that's what they said in their original press announcement. It's being used for intelligence gathering to see what else should be implemented.

I've been giving it a go. Some parts of it are very nice, other parts of it need serious change.
-The firewall is too noisy for my liking, but disabling it seems to be fine.
-The "identity protection" is anti-phishing, which I don't really care about.
-The execution protection is more for specifically defining things that should not run.
-The registry protection is mainly focused on vulnerable CLSIDs (protecting kill bits and other such components with vulnerabilities, it's not like registry protection you see around here; you wouldn't want to add protection for anything that would ever be legitimately modified)
-The application protection controls one global hook, one form of termination, and writing to another process's memory- this causes problems but can be disabled. Disabling per application requires manually configuring a config file.
-The IPS is network IPS, which is great. Of course there's false positives, but that's the way these things go.. it shouldn't cause any real problems.
-The vulnerability assessment needs a LOT of work.

The intelligence gathering, the way they do it, will bother some people, but these things are all always a matter of trust. I would not recommend this for those that want easy software and aren't comfortable with the idea of a corporation looking over their shoulder (which will, however, be used to add blocking.. some will like this, some will not, just review their privacy policy so you're aware of how it works). This is also based on corporate security software, so (except for the firewall) it's not like much of anything else on the consumer market. Most of what you'll see is the firewall, but when something goes wrong it will take some know-how to resolve. At least the way it is now. The only real gripe I have with it is the memory usage, which is around 50 MB (give or take a few). I just hope that will change.

 

eEye gathers data. So also does Prevx, the company which employs the poster quoted above.

In connection with their data capturing process, eEye states:

Concerning data gathering activities by Prevx, Kareldjag's review of Prevx stated in part...

That review includes a response thereto, from a representative of Prevx, quoted in part as follows...

So it would seem that *trust* is involved with respect to data gathering by eEye and by Prevx. Why then, I wonder, did the poster see fit to infer that this aspect of eEye's Blink is something unique or adverse to good privacy?

The fact that the poster is employed by Prevx causes his negative comments about Blink to resemble "trashing a competitor."

The poster's use of the term "corporation looking over their shoulder" implies corporate spying on the part of eEye. Concerning Prevx, however, this same poster referred to similar actions by Prevx as being reviews by "experts." In my opinion, that sort of word-smithing does not fit in with what purports to be an objective, impartial review.

Representatives of other HIPS companies post in these forums from time to time (representing Greenborder, Online Armor, Process Guard, GSS, et al). I have never observed any of them to *review* a competitor's product as this Prevx employee has done here, muchless to offer negative comments as he has done.

 

To all,

I suggest that all focus on technical comments and avoid the personal accusations.

It is quite reasonable to ask how the data mining of eeye Blink differs from that of Prevx. Perhaps the answer will come back that it doesn't, perhaps there will be specific items that would give some people reason for caution. I don't know where the answer lies, but I do know that answer is a critical one for all to see before casting accusations all to casually about and making non-sequiter references to other posts regarding entirely different issues.

Regards,

Blue

 

Hi Bellgamin,

I'm probably going to regret posting this - and I'm not going to comment on this thread further to avoid the potential of getting dragged into a flamewar, but I think I have to speak up here on a couple of points.

Personally, when I read that I didn't see it the same way as you. I see it as just a comment, which could equally be applied to any of the vendors who collect data.

This is the part that made me want to respond. Please remember that Notok was a member here,first and foremost before he joined Prevx. The rest of the vendors you mention, myself included, typically visit here to comment on issues related to their products. I'm not sure whether that should grant him any latitude - but at least he should have the benefit of the doubt.

I've refrained from posting on many an occasion because of my affiliation, even when I've had something of relevance to say. I think it would be a sad loss for Wilders should Notok feel it's easier to pass by, than participate.

 

Good God:
@Mike Nash, you demonstrate admirable poise but:

Better your restrained relevance than my useless drivel eh

Notok ..respect.. you are in tricky position

Bellgamin: hard but maybe fair.

I looked at eeye Blink some time ago: good concept the "community", that is new afaict, is there reason to believe this is a better option than :
>lock it down first: white list only
> ease restrictions on an "opt in" basis

As opposed to free for all based on "community" lessons and handing management over to some nebulous group who may not really have my best interests at heart and Could be open to manipulation ( heh like Google )

cf PG v PrevX

Both seem to have advantages
interesting that big corporates are extending their expertise to SOHO types

Sorry: non technical ramble.

 

I respect the points being made here but can we get down to the nitty gritty and someone say just how well it performs, for instance:-

Leaktests
Memory used
Is there a performance hit
Is it an intuitive interface or is it a head scratcher

Perhaps Stem could take it for a test drive?

 

Hi David,.. yes of course. I am currently downloading. I will install later this afternoon.

 

If you download it, you can find included in the zip file downloaded a user guide, with a lot of screenshots.

I know nothing about this new soft because I didn't manage to install it : when installing, I was prompted for the license key (provided during the download step), but then the soft must access to eeye server to check the key. In my side, it fails !

 

Thanks Stem

Await with interest.

 

My beef with this one and others that use Product Activation is what happens if, after you have spent great time configuring it the way you want and thinking it is exactly what you want...then Symantec buys it and kills it or they go payware, etc.? Then if you want to reinstall it, the activation servers are no longer there and you have to find another app real quick and spend time all over again getting it to work properly, etc. This wouldn't be so bad if it was a text editor or an audio player, but it is a security app and I want to feel secure that, if I like it, I can use it as long as I want and reinstall it as many times as I want, with no restrictions. I wonder what the people still using AtGuard/Conseal/Kerio 2.1.5/Sygate/older (better?) versions of Zonealarm, etc. would be using if these apps had implemented Product Activation! Unless there was some way of bypassing this process that would allow me to reinstall without activating over the internet, I would not even bother trying such apps.