HitmanPro.ALERT Support and Discussion Thread

Discussion in 'other anti-malware software' started by erikloman, May 25, 2012.

  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Last few months can indeed be summed up to these points:
    1. Extremely busy getting Alert integrated in Sophos products
    2. Vacation period started beginning of July
    3. Microsoft launched Anniversary Update too soon (many issues) and surprise-flipped the switch on the new code signing policy which was not enforced in the Insider Preview builds; so there was no way to anticipate this; to top it off it they launched in our vacation period while understaffed; then we had to wait for Microsoft to ship a physical USB stick to our office
     
  2. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    496
    Location:
    italy
    ok, now ALL is working as expected here :thumb: (10 x64 Anniversary Update)


    --------

    To be fixed:
    FP with Avidemux 2.6 and Aimp 4
     
    Last edited: Sep 6, 2016
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Well I for one am not. The permenent beta to me is Microsoft.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Heaven forbit NO. Capn you need to relax and be patient.
     
  5. CaptainLeonidasHMPA

    CaptainLeonidasHMPA Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    42
    Location:
    The Netherlands
    I get it @erikloman I do.
    You are swamped trying to keep the higher ups pleased.

    However as a paying costumer I plainly should not have to care about all of it as I did not "buy" the product to include possible trouble ahead imposed upon us end-users by what might be poor management in general.
    1. Extremely busy getting Alert integrated in Sophos products -> both HitmanPro/Sophos might have seen this coming as one if not both companies should know that summer time is never the best of times to integrate complicated processes.
    2. Vacation period started beginning of July -> again most companies have some kind of administration in place to make sure "enough" people are around to keep going. Seems to me this was not solidly planned by human resources.
    3. Microsoft launched Anniversary Update too soon (many issues) and surprise-flipped the switch on the new code signing policy which was not enforced in the Insider Preview builds; so there was no way to anticipate this; to top it off it they launched in our vacation period while understaffed; then we had to wait for Microsoft to ship a physical USB stick to our office. -> granted a new signing policy is disruptive, fully agree. Yet again when signs are there that the launch was coming might have be a red flag to make sure some moving around in resources assigned would have been possible. But I really find the USB part hard to swallow: The Microsoft MediaCreator tool was almost if not directly available during the release of Windows 10 Pro AU for you to get and make your own USB-stick. Even getting a license for 10 is webbased available.
    I like the product as it is so please see my comments as a constructive note of at-least this end-user.

    Summer time might indeed be the best time to keep a sharp eye out for things released like zero-day leaks. Think hacker conventions info being releases. This might mean a higher priority could be given by companies to people like you to solve those exploits asap and putting integrations of processes on the back burner to release your workload.
     
    Last edited: Sep 6, 2016
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,115
    Location:
    USA
    Smooth upgrade from 553 to 558 :thumb:

    Edge, Chrome 32 bit, Firefox 32 bit, and IE 32 bit all working fine; all showing colored borders and indicators. The only exception is Edge not showing the keystroke encryption indicator (I haven't been using Edge though so don't know if this is an ongoing issue).
     
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,115
    Location:
    USA
    Did Erik say the USB stick from Microsoft was a copy of Windows 10 Pro AU?
     
  8. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,750
    Location:
    EU
    No issues with 558 here, win10 pro(64)
     
  9. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,345
    Location:
    the Netherlands
    All seems well on my Windows 7 x64.
    Updated 3.5.2 build 556 to build 558.
    I skipped 557, because of Hiltihome's report of log on black screen issue.
    Even though no fix was mentioned in the build 558 changelog, I tried 3.5.2 build 558.
    Luckily, no log on black screen issue here. (I hope the same for Hiltihome.)
    Also, no add-on issues in W7 IE11.
    Chrome not tested.
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,103
    Location:
    .
    Settings
     
  11. CaptainLeonidasHMPA

    CaptainLeonidasHMPA Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    42
    Location:
    The Netherlands
    You have a point if the USB-stick was indeed for the signed drivers bit.
     
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,103
    Location:
    .
    The Software is licensed, not sold. The Software is licensed “as-is”. You bear the risk of using it. SurfRight gives no express warranties, guarantees or conditions. http://www.surfright.nl/en/terms
     
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    One addition, SurfRight are 8 people (5 developers). If there is a vacation, then we are cut in half (and that half has to cover for the guys on vacation). If a major product release is in the summer (Sophos Intercept X) and also a major unannounced code signing policy then **** does hit the fan. We have tested EVERY Insider Build and delivered updates accordingly. MS just flipped the switch on the last one.
    If everybody is then on vacation and you have to wait two weeks for the USB stick to arrive and also work your way into MS new infrastructure (it is not like you submit a .sys file; you have to do a ton of work to get your driver accepted at all from scratch).
    Then the Windows 10 AU code signing policy issue only exhibits when you have SecureBoot enabled and installed Win10 from scratch AND your driver has a certificate newer than a date in 2015. So it is not that easy to spot. You have to run into it.

    I'm not going to say anything more. I want to look forward. Sophos Intercept X will bring all features of Alert managable from the web and also installs alongside other vendor AVs. SurfRight did the client side, Sophos did the cloud stuff. And while we made that we also kept our existing software up-to-date (albeit slower number of updates). Yes, 8 people, 23 million users. But integration is almost complete and additional help is on the way.
     
    Last edited: Sep 6, 2016
  14. CaptainLeonidasHMPA

    CaptainLeonidasHMPA Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    42
    Location:
    The Netherlands
    True and I could also argue that given that we as end-user should not even have the option to vent our opinions after the money back period has ended when we buy a product with software support for a year for systems specified in the system requirements.
    Yet we can and as far as I know we should.

    However better leave the legal stuff where it should be.. In court and not in this forum.
     
  15. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The stick has a unique client certificate that we have to use to authenticate at Microsoft. Releasing a driver is a whole lot more complex with the new policy as we have to run it through MS services and wait for it to complete (about half an hour). We had to figure this out as well right after the Win10 AU got published.
     
  16. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,345
    Location:
    the Netherlands
    How to trigger the Avidemux FP?
    Simply opening Avidemux UI, or opening a video file (which file type?), or certain processing tasks?

    On Windows 7 x64, with Avidemux 2.6.13 x64, simply opening Avidemux and loading and playing an .mp4 video file doesn't trigger a HMP.A false positive.
    I haven't tried Avidemux processing tasks, as I didn't know what to look for.
     
  17. CaptainLeonidasHMPA

    CaptainLeonidasHMPA Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    42
    Location:
    The Netherlands
    @erikloman thank you for making your point.
    I am not attacking you as a person, keep that in mind.

    My frustration is mostly directed at the powers that be seems to have overloaded a small but willing group of people who try to keep 23 mil souls happy with the product in general.
     
  18. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    496
    Location:
    italy
    exactly (with hw-cfi): in VM, infact, Avidemux runs issue-free (but VM doesn't support this tech)...
    Which CPU do u have? Txs
     
  19. markloman

    markloman Developer

    Joined:
    Jan 25, 2005
    Posts:
    578
    Location:
    Hengelo
    If you'd like to use our signature-less technologies in your company and control them from a very pretty management console, a beta of Sophos Intercept X is now available through Sophos' Early Access Program (EAP) on Sophos Central. Yes, we've built a lot more things in and underneath HitmanPro.Alert this year :D Get a free 30 day trial here: https://blogs.sophos.com/2016/08/02...-ransomware-in-its-tracks-try-the-beta-today/

    And if you want to be the first to learn about visualizing attacks using the new Root Cause Analytics feature in Sophos Intercept X, come to London next week on the 15th! I am there too, doing a live "Mr. Robot"-style attack in the keynote of Sophos Next-Gen Security event, using a 3 year old exploit on a PC protected by a fully enabled and up-to-date 2016 market leading security product. I'm also talking about the latest developments in crypto-ransomware during a breakout session. You can sign up here (limited spaces available): https://secure2.sophos.com/en-us/co...s-next-gen-it-security/15-september-2016.aspx
     
    Last edited: Sep 6, 2016
  20. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,049
    Location:
    Baden Germany
    @markloman :
    Will there be a live feed, or at least a tube video?
     
  21. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,652
    Location:
    Outer space
    I see no difference. 1y1pc was 30 EUR, new website shows 35 USD, which is calculated back to 30 EUR in the online shop when using an European ip address.
    The new website only offers 1 year licenses, and the old one also offers 3 year licenses.
     
  22. CaptainLeonidasHMPA

    CaptainLeonidasHMPA Registered Member

    Joined:
    Aug 14, 2016
    Posts:
    42
    Location:
    The Netherlands
    I am more interested personally in a family/small business environment based management console.
    Something that would run on my Windows 2012 R2 Essential server or it's upcoming 2016 version someday (think the current version of Windows 2016 is still TP5).

    Anyway, like @Hiltihome suggested a live feed/potcast etc would be interesting to watch.

    Sophos Intercept X might be an option for my employer so I can always mention this to "certain ears" if they are willing to listen.
     
    Last edited: Sep 6, 2016
  23. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
  24. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,345
    Location:
    the Netherlands
    Thanks.
    I tested on my E8600 system, for which HMP.A offers no Hardware Assisted Exploit Protection.
    So that may be the factor that explains the different experience.
    Has anyone else - N.B. with Hardware Assisted Exploit Protection - confirmed the Avidemux FP?
     
  25. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    I'm seeing 1yr 1pc costing 19.95 EUR not 30 EUR. On xe.com this equates to only 22 USD, so a 13 USD increase.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.