GeSWall > Can it protect me?

Discussion in 'other anti-malware software' started by RedZero, Dec 8, 2007.

Thread Status:
Not open for further replies.
  1. RedZero

    RedZero Registered Member

    Joined:
    Oct 22, 2007
    Posts:
    34
    The "Eight Security Sandboxes Reviewed and Rated" page at:

    http://www.techsupportalert.com/security_virtualization.htm

    states that GeSWall "failed to protect the host PC from malware infection and cannot be recommended".

    I realize this article was written back in September of 2006, but in your opinion/experience, has GeSWall been improved since then?

    Have there been any other tests?

    Thanks!
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    That review is flawed at best. The author doesn't understand the concept behind GeSWall, so he believed that the presence of malware files and misinterpretation of leaktests results was a clear indication of the fail of GW.
    It has improved a lot, both in security and usability.
    AV-Comparatives has tested GeSWall with real malware and it achieved a perfect score. Click on "Comparatives and scroll down to the bottom. The test is called "Comparative of various protection tools" and it was done in October 2006.
     
  3. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    Gizmo is an idiot so don't trust his reviews. GeSWall DOES NOT prevent your pc from getting infected by malwares BUT it does prevent the malwares from executing or running on your system.

    For example, if you isolate your Internet browser (i.e. Firefox) and download a file which contains a virus. GeSWall will not block the file from being saved to your PC but it WILL block the file from executing itself.

    It's ok to have malwares on your PC, as long as they can't execute. Just remember when you uninstall GeSWall, the files which were isolated will be returned to their normal state. It's like releasing criminals out of prison, so take note of that. I believe this issue will be fixed in the coming version, IF Gentle Security is still alive that is...
     
  4. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    of course they are alive, they have the will and the energy to remove post they don't like, just not enough to respect their customer base. :cautious:


    Mike
     
  5. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    Who are you that I should trust you saying he's an idiot?
     
  6. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Insultate people is of bad taste and it's usually not very welcome on this Forum.
     
  7. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    True. I wouldn't call Gimzo a idiot (he's not compared to the masses), but he isn't an expert either.

    He is like many people here, "learning on the job" by playing/testing with stuff, though he has the disadvantage that he is spending a large amount of his time doing so for all kind of apps not just security related as many people here...

    But then again, who am I to say that... :p
     
  8. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    IMO, Gizmo's an idiot for writing a review without taking an effort to figure out what a software actually does and capable of, and he dares to call himself a tech expert?

    I'm just a regular user with average knowledge but with the will to learn more. I apologize if my words are harsh but those are my honest opinions.
     
  9. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    He did. GeSWall was incapable of doing certain things the other programs were capable of. In fact, it does operate differently and depending on what you're looking for, it might not be adequate. The AV-Comparatives summary on it didn't leave me with the impression that it's viable as a "set it and forget it" type program, which some of the other programs are.
     
    Last edited: Dec 9, 2007
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    I take most reviews of this sort with a grain of salt.
    Some even less.
    My answer to " GeSWall > Can it protect me? " would be a definant yes.
    GeSWall works differantly then a classical hips. My advise would be to read up everything you can on it, including everything from thier website and any guides and or whitepapers there is and make that final choice yourself, as I already have done myself. Just remember thou the key to a good security setup is that of a layered defense.
     
    Last edited: Dec 9, 2007
  11. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    From the test:
    He clearly was expecting that all the sandboxes would redirect read/write operations to a virtual container which can be dumped at a latter time.
    GW doesn't work this way
    Since GW "failed" this test, it wasn't tested further.
    Obviously, he didn't take the time to read the FAQ or the documentation. He hasn't investigated the "source of failure" yet.
     
  12. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    No, he didn't. If he had read the FAQ or documentation like lucas1985 mentioned, he would have known that GeSWall is DIFFERENT from your typical sandboxes. Even Gentle Security doesn't claim that GeSWall is a sandbox.

    http://www.gentlesecurity.com/docs/geswallfaq01.html#q4

    GeSWall does take a little time to configure but when you're done, it's really "set it and forget it".
     
  13. Henk1956

    Henk1956 Registered Member

    Joined:
    Dec 3, 2007
    Posts:
    55
    GeSWall is in the same category as DefenseWall, which was tested by Gizmo in another way, see:
    http://www.techsupportalert.com/security_HIPS.htm

    If DefenseWall would have been tested in the same way as GeSWall, it would also have failed in the same way as GeSWall.

    On the other hand if GeSWall would have been tested in the same way as DefenseWall, it would also have been an outstanding performer (and a free one).
     
  14. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Why the difference?

    Reason being that Gimzo actually *learned* more stuff between those two tests....I'm pretty sure he reads here and other security related forums*... IIRC, the DefenseWall guy read the earlier sandbox review and was pissed because he realized that if Gimzo's misconception was not addressed, DefenseWall would be bashed as well (it just escaped cos Gimzo wasn't aware of the product then) and I believed he actually wrote to Gimzo to set him straight and give further advise on testing methods.

    And the very next test ,lo and behold, defensewall was all bright and shiny!

    As I said before Gimzo is no tech expert, otherwise, pretty much everyone here posting and reading this forum daily for a year or two would be tech expert as well. :p

    *For sure he reads the castlecops wiki, and copies a lot of stuff off there about new tools.
     
  15. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    Taking time to configure isn't set and forget. Also, I don't want to have the malware even get onto my computer. It shouldn't be even sitting on my computer doing nothing. That simply means it has a design that isn't desirable. Quite frankly Shadowsurfer isn't either - I don't want my system compromised even temporarily.

    The other programs can keep malware in containment - GeSWall can't. The fact that it's not designed to do that doesn't change the fact that it can't. The only thing missing would have been a mention that it wasn't designed for that purpose.
     
  16. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    If you don't like GeSWall's operating principles, that's fine. Just keep in mind that the answer to the OP's question is an undoubted yes, it just needs to be used properly like any other program.
     
  17. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    masqueofhastur :

    Did you even try to use GeSWall? It's programmed to NOT block malware infection on purpose, so it won't cause any conflicts with applications. If you don't like the concept, then it's not for you but don't go saying their design is flawed.

    Where you can find one good software that simply works perfectly without any user configuration? If you can't at least spend a little time understanding and configuring a software to protect your system, you are better off not using any security softwares.
     
  18. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    That's the most ridiculous idea ever. Plus, you're reading more into what I said than I actually did. I didn't say the design is flawed, I said it doesn't do certain things, which is correct, and Gizmo correctly identifies. Plus, the method of not allowing it onto the system IS better than allowing it. Also, I don't want any software that depends on malware, so application conflicts are not a concern. The idea that you're better off not using any security software is mind-numbingly ridiculous.
     
  19. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I'd like to know how I can compromise my security if I have malware.exe in System32 directory and knowing that it'll be gone with two mouse clicks.
     
  20. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    The idea is like having a bunch of robbers enter a bank without security guards stopping them. The robbers will however, find themselves unable to take the money from the sturdy vault. They are then locked inside while waiting for the police to arrive.

    Has the security been breached? No, since all money are still inside the bank and no security guards got killed trying to stop them. Who says GeSWall don't hold malwares in containment?

    It's not just malwares we are talking about here. What if you try to install a clean software? The sandbox virtually allows it but the drivers were actually blocked from installing to your PC. GeSWall doesn't filter out which are good and which are bad, it merely allows everything but only the good ones are able to execute.

    A product is only considered defective if it doesn't work the way it's supposed to. And by saying it's a poor software that doesn't function properly, it shows Gizmo didn't do his homework and just wrote a review that tarnishes the good name of Gentle Security.

    I didn't say we are better off without any security software, just you. Since you want something that simply works out of the box, there's no such safe security software for you.
     
  21. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    I know what you are trying to say, but this portion can be *so* easily misinterpreted.
     
  22. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    You know what he's trying to say, but does he know what he's trying to say?

    I suppose that, to the uninitiated, the presence of malware files on a hard drive equates to malware infection. If so, I suppose my computer has been infected by 72 different trojans/worms/rootkits - all of them residing in the D:\Malware Storage folder. There are also 19 other trojans hiding in C:\Program Files\Opera\profile\cache4, plus smatterings of others in my Firefox and IE cache folders as well. LOL? :D
     
  23. omega5475

    omega5475 Registered Member

    Joined:
    Nov 27, 2007
    Posts:
    34
    I wrote that without thinking twice, it does seem to be misleading. I apologize for that :oops:
     
Loading...
Thread Status:
Not open for further replies.