EQSecure V4 Beta, Morc calling Orson, come in Solcroft

xuesisi Thanks

 

That is the problem when buying music files, you can download the lisence only once. When you sandbox these aps you kill your lisence.

That is why it is much harder for a application based virtualiation sandbox to deal wth these things. I think this is also the point Aigle was trying to make (not application based protection of SafeSpace/Sandboxie, but objects related protection of untrusted sources of GW/DW no mather it is a file or executable) in this post https://www.wilderssecurity.com/showpost.php?p=1195933&postcount=61

At the moment when buying music
- DW gives no problems, works out of the box
- GW works out of the box for MP3, you have to mail Brian to change a setting so WMA files also work okay.
- SafeSpace worked with MP3, they were working on WMA, have not tested it since
- Sandboxie could not get it to work a long time ago, do not know the status now.

Although it is not based on facts you can see that general application development rules apply on these programs: simpler is better (DW versus GW) and later entrants can use the advantage of the blue ocean/green field setup (no legacy SafeSpace versus Sandboxie), older applications are more solid because they are tested better in practise (SandBoxie versus EQS Sandbox). Using mechanismes of the host increases compatibility (GeSWall uses internal windows GPO mechanismes I do not know of any conflicts between GW and other programs, like TF and Sandboxie or in the past/now solved DW with KIS).

I guess Wilders Members are more into virtual communcation and testing software than raving parties and downloading music.

Regards Kees

 

With Sbie, you have to run the program or file sandboxed in order for it to be isolated/virtualized. I'm running Firefox sandboxed with Sbie and I right-clicked an image in this thread and saved it to My Desktop. I have My Desktop set in 'Quick Recovery' and I have 'Immediate Recovery' enabled. So, that means a box automatically pops up and asks me what I want to do with the saved image. I chose to recover to desktop and the file was sent to my 'real' desktop. That is the point of recovering the file. Sandboxie doesn't tag anything recovered from it. It assumes that anything you recover is safe and has nothing to do with the file or program unless you start it sandboxed manaully or it opens by a forced program you have set in the paid version of Sbie.

However, if I right-click the image file I recovered to my desktop and select 'Run Sandboxed' then the file is opened with my default image viewer which is automatically sandboxed via Sbie.

 

That makes it more clear now!

Thanks

 

Hi,

So, ProSecurity, EQSecure and perhaps some others are all one man enterprise there. Not a big surprise to me.

In China, there is a very OLD(IMO, is out of style by today's standards) saying: Prefer being a Chichen Head to being a BULL TAIL.

What would be a nicest thing if ProSecurity guy join EQSecure boy or vice versa. Eh?

 

Hi,

So no one has made it work in English yet? I have to say that I still don´t really like EQS, just the whole GUI/look and feel/usability, I´m very sensitive to these things. But I really want to check the virtualization feature out, I wonder if it will be as good as in SBIE.

@ Alcyon, can you perhap post your registry and file protection settings, I believe you was still busy with it, in some other thread. It was one of the reasons why I wanted to check EQS out again. TIA

 

Another feature I missed in EQS was the ability to clean usless rules. There is such a feature in SSM and CFP already.

 

Thanks xuesisi!

Can u convey to him these:

1- Network access filter( i like outbound control)
2- option to enable hash check globally
3- Ability to clean usless rules( purge function like CFP)
4- Some GUI skinning esp for the pop ups

Thanks

 

I agree that GUI need a lot of improvement. I am also sensitive about the GUI issues.

 

Why not help them with the idea? You speak Chinese don't you?

I do not understand these one man band developers. Consider this:
- Solcroft is testing TF and problably all for free
- CognitoErgoSum used to promote PRSC
- Aigle test a lot in general
- Eastern got fameous thanks from russion IT-guy
- Rasheed is early on news
- Bellgamin always some info yonder
- Etc

An active networker would ask them whether they would help him with . . .
- testing the prog against malware and publishing it
- answering support request on the forum (split the forum into a community and a real helpdesk like guys from A2 did)
- check whether latest releases are available on download sites plus add some user references.

You should not have to do the selling and back office/support work all by yourself

 

Hi,

The joint venture idea may have been indeed entertained by either one or both of them already. Perhaps timing is not quite ready yet.

You know, in some of developing nations(China is soon to be out of this category), there are advantages to stay as single-handed operations. The tax system, marketing requirements, product feed/supply channels and so on have own distinct flavours.

And such luxury would never have a slight chance to prevail in North America. That is why we do not see even a handful of one-person show operations thriving these days.

Just my loonie sense of the day.

Take care.

 

A network access filter could be nice... A vertical scrollbar could be helpful aswell:

http://img31.picoodle.com/img/img31/4/3/5/f_eqspromptm_f11bb6d.png

@ Rasheed187, be patient

 

Perman, in fact, all is much simpler- the life itself is much cheaper in the "development" countries. "Life" means here: food, flat, electricity, taxes. Marketing, IT infrastructure are about the same level.

BTW, one-hand operations has its own pros and cons.

 

Translated by myself,If u find any mistake ,I'm sorry about that.
u can edit EQSysSecure.xml .


Rename en.zip.txt to en.zip & copy to EQSecure\Lang
now ,test EQS pls .

 

Thanks a lot.

BTW it might be alraedy reported, some BSODs and there is always a delay in pop up when I execute an application. When I click on an exe, it,s after a while that I get a pop up alert.

 

BY the way where is Solcroft?

 

Great! I´ve avoided EQS just because of the language barrier. But now I will test this application thanks to the fact that one now knows what certain things stands for and the many posts that some of you have written

@xuesisi: Many thanks xuesisi!

P.S. If you hear some interesting news or trends back at the Chinese security forums that we miss here at these forums, please notify it here at Wilders by some short abstract D.S.

/C.

 

Hello, very nicely working. One window is missing though.

Thanks

 

A matter that just requires a little patience.

Again Thank You xuesisi

It's appreciated and many have been waiting for this and especially a generous qualified go-between to pass along various EQS concerns, issues, interests, so this is really helpful indeed and timely i might add.

EASTER

 

ISSUES DISCOVERED SO FAR:

Activating EQS 4.0 Task Manager from either Beta tray icon or GUI persistent CRASHES eqs, tray icon leaves. Must restart EQS again. Cannot access it at all, XP Pro SP1, not tested on SP2 or no SP yet.
........................

When you open app sandboxed, then open Run Process In Sandbox then
click to terminate, the TERMINATE button doesn't stay enabled, only for a
second or fraction, so demands quick reflex to simply select TERMINATE,
the TERMINATE ALL functions fine.
........................

Also notice sandbox color BORDER drops off after a moment of starting with other apps open, losing focus occasionally. Restoring focus to another app returns border color again to sandboxed app. Clicking on sandboxed app, border vanishes, dunno if this by design or something to consider.

BONUS!

Plenty of great accurate & detailed information to be found when EXPAND sandboxed app. THANK YOU!!!

Target:

Physical Memory:\device\physicalmemory

Block Selected = Could not open \device\physicalmemory: Access is denied.

Still testing

 

I can't wait for this, I'm planning to run sandboxie inside eqsecures sand box.

 

It,s really a nice Sandbox. I will love to have it as a standalone application as well.

 

Sadly as a HIPS, EQS, failures are still there:

1- Brontok worm is able to bypass shut down protection( allowed all other actions except system shut down).

2- Coolpics worm is able to disable Task Manager and Regedit( allowed all other actions excpet registry modification).

3- Brontok worm is able to disable Regedit( and may eb Folder options as well- forgot to check)- I allowed all other actions excpet registry modification.

It was same with previous version. May be I am missing something.

Oh yes, SSDT unhooker EZ Rootkit seems to bypass EQS( I denied all actions after execution).

 

The 4.0 version is still a beta,we need you to test.


One window is missing though...I'm so sorry,because there's nothing about this Part in
EQSysSecure.xml ,I guess EQS_dev forgot to add this new content.

 

He is stuck in a new house with no internet access while his ISP drags its bum in turning on his connection, and is forced to access the net from uni where network policy prohibits him from downloading/installing executables.

At any rate, he IS working on the translation for v4.