OA free & EAM paid how to avoid overlap?

Discussion in 'other firewalls' started by zapjb, Aug 31, 2013.

Thread Status:
Not open for further replies.
  1. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    @zapjb

    You cannot just disable only the overlappings of EAM's behaviour blocker and OA's HIPS component, because I am questioning the HIPS as a whole and the HIPS is the key feature of OA. Without it, the application would be pointless (except for the file and registry shield in the premium version). Hence I am questioning the benefit of OA as a whole, if you already have EAM.

    If you want to avoid overlap, don't install it all. If you want to cover the shortcomings of your anti-malware / anti-virus programs, try something else. Once you've covered said shortcomings, suddenly the realtime protection becomes kind of pointless and could be reduced to on-demand scanning.
     
  2. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    The official response I received.

    "Hello,

    technically based there are no overlaps. EAM uses a behaviour blocker and OA uses a HIPS.

    Description Behaviour Blocker: hxxp://www.virusbtn.com/resources/glossary/behaviour_blocker.xml

    Description HIPS: hxxp://www.virusbtn.com/resources/glossary/intrusion_prevention_system.xml

    So you can use all features of both programs simultaneously."


    Thanks everyone & I consider this answered.
     
  3. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    OA 7.0 beta is out!

    Emsisoft Online Armor 7.0.0.1860 with BETA updates enabled:

    Keylogger alerts for trusted programs – fixed.
    Blocking certain installers on x64 – fixed.
    BSOD in NDIS packet filter – fixed.
    BSOD when accessing long registry keys – fixed.
    Digital signatures no being processed on Windows 7 & 8 – fixed.
    All domains are visible now.
    Setup file size reduced by 60%.
    Improved updates download speed.
    Uninstaller hangs occasionally – fixed.
    Blocking pending connection requests if a network-related popup is active – fixed.
     
  4. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Of course there are no technical overlaps, of course you can use all features of both programs simultaneously. I've never disputed that.

    There are no technical overlaps because both programs rely on different techniques. The overlaps occur when it comes down to what you want to achieve if you plan to use OA in addition to EAM. Additional security. To achieve additional security, OA needs to catch what EAM misses. There is no proof of that.

    Let's say EAM catches 95 of 100 cases. Naturally you want a remedy for your vulnerability against those five cases. You install a HIPS. But your HIPS only achieves 95 of 100 as well. Depending on who was faster, either EAM would have blocked the stuff or the HIPS would have asked you what to do. Actually it would be bad if the HIPS was faster, because you would have just gone through forbidding 95 cases manually, which would have been taken care of automatically or with less user interactions. Either way, an overlap of 95 cases.

    In addition there a countless cases of benign application activity. EAM only bothers you on occasion due to a false positive, but OA will ask you a lot more, because that is the way a HIPS works. So here you will just go through allowing stuff which should run in the first place.

    So in the end you'll get the same results, only with way more nuisance.

    If you consider using a HIPS you should always consider what you want to achieve. If you see your anti-malware fail in certain aspects of certain tests, you shouldn't automatically assume the HIPS would have taken care of them. Unless you actually see that HIPS catching the misses in that very same test, you are just guessing. After you have witnessed the vulnerability of your anti-malware software, you are concerned and rightfully so, because you have just seen proof. You know that you are vulnerable. Then you go and install a HIPS because you guess you will be more secure.

    What you should have done is to do more research. You would have found several examples of embarassing HIPS failures. You would have come to the conclusion, that this software has its own shortcomings. Some of them have can even increase your vulnerability (AFAIK not Online Armor, though). Then you would have learned of alternative approaches like the above mentioned policy restriction and virtualization applications. In all honesty, you cannot be 100% sure of them as well, so in the end you're just guessing and hoping as well. But in this case, their fallibility has not been proven over and over again. It has yet to be. So putting your faith in these applications is a much more sensible choice.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.