OA 7.0.0.1860

I notice they removed hide trusted Domain names now I have thousands of Domains names....Any clue why they changed the set-up...No need to set-up your banking info anymore my guess...

 

Emsisoft Online Armor 7 Thread

Hi all

Emsisoft Online Armor 7.0.0.1860 with BETA updates enabled:

http://support.emsisoft.com/topic/12296-beta-updates-–-2013-09-03/

 

Because the fact that some domains were allowed without showing up in that list was causing a lot of confusion for a lot of users, as they didn't understand why they were able to access certain sites in Banking Mode although they never added them.

 

Thanks Fabian for getting me straight on this update....Now that's world class support my friends....

 

Here is the full change log by the way:

• Full Windows 8.1 support.
• Asynchronous connection handling. This way existing connections will no longer be blocked by pending firewall alerts.
• Improved processing of digital signatures that use special hash and time stamp algorithms.
• Improved banking mode. Now all domains that are trusted are visible to the user to avoid confusion about implicitly trusted pages as well as white-listed pages.
• Improved rule processing for better performance.
• Improved compatibility with Chrome-based browsers as well as Sandboxie, VoodooShield, and several other security applications.
• Improved updates. Online Armor now uses the same content delivery network that is used by Emsisoft Anti-Malware to provide the best download speeds for all our users.
• All unnecessary Online Armor ++ components have been removed, reducing the download size by about 60%.
• More than 300 bug fixes overall. Between them various possible blue screens on Windows 7 and 8 systems.

 

Props to OA & EAM. Getting too old here, I don't do Beta anything anymore. When is this going Final? Thanks.

 

@Fabian

Kudos to you for your personal attention to the inquiries and issues posted up here at Wilders. In looking ahead to OA v7, I'd like to pick your brain on these...

•On a win7x64 OAP history of that "simultaneous" 5.5.0.1557-then-1616 install and a later product update to 6.0.0.1736, would you recommend an uninstall of v6 and a clean install of v7?

•How about on a Win7x64 system having run only 6.0.0.1736: uninstall v6, install v7 or a product update?

Filter your replies considering a user who has installed and managed OA on some two dozen systems (about half of them Premium) since the time of Tall Emu. As well the user will be running OAP on those Win7x64 systems for at least two more years. The user may or may not be me.

•And unrelated or not to the above, regarding a clean install of OA v7, can v7 import the data from OAFWRules.sav and Domains.sav files exported by v6?

Thank you.

 

Depends. If you are having problems with signed files not being detected properly, you may want to do a clean install, to make sure all signatures are recognized properly (Online Armor only tries once per file, so if a signature was discarded due to its exotic time stamp or hash in the past, it will forever be considered unsigned even in 7.0 with the updated signature routines). In all other cases an update or an upgrade install should be fine.

Should work just fine.

 

Hello Fabian,
Did you add any new/improved security releated function to OA and its HIPS?
I read changelog, it looks compatability&performance&bug fix update.

 

A few of the bug fixes are related to the HIPS. There was an issue with guard pages for example, that could be used to bypass parts of the HIPS that was fixed. Other than that, not much has changed. Primarily because so far there hasn't been any need for further adjustments.

 

Maybe that would be good;

-Fix: Zemana keylogger leak test can record keystrokes on win8x64 system;
http://www.zemana.com/LeakTest/keylogger-test.aspx


-Add: Screenshoot protection can be good, SS leak test can record screen, OA doesnt have screenlogger protection.
Other HIPS has this protection like Outpost/Comodo/SS

-Option: Protection on/off for some sonar. SS has this function, SS show "disable monitoring this action" on popup alert. So we can disable software execute alert for example. Or keylogger alert, maybe. It just flexibility for advanced user.

 

None of which is relevant for a firewall. Leave alone that some of them can't be implemented reliably on newer x64 operating systems.

 

Yes, right.They are relevant for a HIPS. And OA has some HIPS ability, I was thinking Emsisoft want to improve OA's HIPS features also.
If you will not add more HIPS features, for FW module, i accept "there hasn't been any need for further adjustments."

Comodo and Spyshelter successfully block Screnlogger tests on win8x64. I dont know they are using reliably method or not but I am using SS and i didnt see unreliablity.

i am not expert, I dont know new patch guard restrictions. But i just look market, There are some software (not too much) which are work nice on x64 systems. I dont say "there is no limitations",just there are software which are solve this problem. (partially or fully)

And, There are some manufacturers who complain of restrictions. Kaspersky has "Application Control" but there are some limitations on x64 systems;
https://www.wilderssecurity.com/showpost.php?p=2273345&postcount=141

I remember KIS had got Sandbox ability, they dropped this function because limitations of x64 systems. Today CIS/Avast/SBIE/360IS has good sandbox, it is working on x64 systems.

 

I think the confusion stems from a different understanding of what a HIPS is supposed to be. The HIPS in Online Armor is designed to plug the numerous holes Windows has that would allow malware to bypass Online Armor's primary function, which is restrict incoming and outgoing network traffic. Blocking screen shot captures for example, hardly fits that definition. It may make sense though for an anti-screenlogging tool, like SpyShelter.

If you have leak tests, that would actually allow software to bypass Online Armor's network restrictions, feel free to share them and we will happily update the HIPS. In all other cases we will most likely pass.

 

Hmmm...I was thinking that HIPS module in OA is designed for system protection not to self protection of OA
What would be wrong if you would add some anti-logger abilities like earlier guest have said?

 

It is a system protection. After all, the way around a firewall is to try to pass by as someone else by hijacking allowed processes for example. So Online Armor needs to protect those processes, and the system as a whole, to be able to guarantee that the process trying to access the internet right now is really that process and not malware looking like that process.

Of course it is possible to add all kinds of additional alerts to Online Armor, but the question remains whether or not these kinds of alerts are useful in context of a firewall. Online Armor was originally designed for average users like your moms and dads. It is important to us to get back to those roots, as you can't finance a product like Online Armor just by trying to cater to "geeks" like the folks you find here at Wilders alone. Adding even more alerts, that arguably don't belong into a firewall to begin with, would contradict that goal.

We won't cut any existing features (as Online Armor has some anti-keylogging and screenlogging functions already), but we won't add new ones that will add to the usability mess that Online Armor has been since version 3.0.

 

I think you could simplify the popups' layout as well.

Alert window is too large with lots of text ATM...maybe there could be a button/option to expand description of technical details for geeks.

 

I actually like the amount of the info in the alert window. I wish comodo had as much. Makes deciding what to do with the prompt a little easier.

 

Tell that to novice users....they don't have time to read all that text. They just press OK or Allow buttons. I know my wife, dad and users like them...

 

I like the popups that don't even show up as the software was able to figure it out on its own .

 

I remember same as you. after Fabian's clauses, i will not wait exhilarating update from Emsisoft.
Actually I miss Tallemu days for OA, but it is history now.

If it will develop for average users, like Moms/Dads, I think OA will not different then any other FW. There are many quiet/good FW. no need seperate FW product For moms/dads, Internet security packs are better for them.

And OA 6/7 is not easy to use software for moms/dads. I dont know any mom/dad who has ability to use Online Armor If you remove file execution/creation/deletion/.... and many other popup, maybe they can use.

 

Norton's SONAR comes to my mind....

 

That's why said "I" like the pop ups. Don't really care about novice uses. I don't think I would put something like OA or outpost on a novice computer. My phone would be ringing off the hook everytime the tried to install a new program.

 

Online Armor wouldn't exist now if they hadn't sold it. I hope you are aware of that. It would have went the way of EQSecure, Diamond CS, Ghost Security, or all those other failed companies and products by now.

 

I don't like SONAR. It is almost blind if for some reason it can't connect to the cloud in my experience. That being said, they may have changed it in one of the later releases.