pcIP - new name, big claim

It's not a matter of the alerts, but rather the big claims that can't be (or at least aren't being) backed up. Saying that it protects against termination and hijack "better" than ProcessGuard, claiming to be a full firewall when all it does is block a couple ports, claiming that the files are analyzed by live experts in realtime when it seems that they just run it through a bunch of AV scanners, claiming that they're the only one that can protect you, claiming to be the only ones to block leaktests when all they do is blacklist it from running (at least in the past), and who knows what else. The product I don't necessarily have a problem with, but rather the company and their claims. Better to go with one of the other products you mention.. probably better protection anyway, and for half the money (or less).

 

What I've noticed since installing Authensys...

1. It does not use the pcIP database of whitelisted apps. Instead, it asks for permission to run on every Windows component and application (including itself!) which makes it no more useful than ZA or simiar firewall products.

2. When I run Prevx PreView, it partially opens before pcIP suspends it and asks for permission. What if that was a rootkit instead?

3. It doesn't pass PreView or BufferZone tests. Contrary to earlier claims, catching an unknown running process is *not* the same as catching a blacklisted app.

Bottom line... has anyone *really* tested this product? Or Prevx, which makes similar claims.

 

I agree with you here on the Claims however "they" all do it.

Some that might ring a bell -"It is considered by experts to be a must-have program for all users of Windows, and is the only program available that can prevent the
infection of all known rootkit trojans."

Have you read the sentence in bold on the appdefend webpage? I'm shakin' in me boots...

 

Goto www.authensys.com and read this:

"Programs and components authentication is done
for you in real-time BY EXPERTS with
no efforts on your part."

You probably have it set to "Ask Every Time" instead of "Trust ISA Experts".

 

All four zones, both executables and components (dll's?), are set to "Ask Every Time" *by default*. So what do you think happens once Authensys is installed? That's right!... every single dingle OS component generates a pop-up for permission to run.

But even after I adjust the settings so only the "potentially dangerous" zone is set to "Ask Every Time", all the apps I run generate a pop-up. Which is why I believe it's not checking the central database - if it were then Outlook, Word, Adobe Acrobat, etc. would not appear as potentially dangerous apps.

 

I will agree that some do, but I wouldn't say all.. Online Armor, Prevx, Safe'n'Sec, DefenseWall, BufferZone, RegRun, ViGUARD, WinPatrol, ProcessGuard, Anti-Hook, SnoopFree, System Safety Monitor, and a bunch of others I'm sure, are all able to market their products without claiming that their product is something that it's not, or saying things like "...is the only system in the world that will protect you even if a hacker is using a completely unknown malicious program..." Some of them will state that they're "the best", but they're all going to think that.. it's not a blatant lie.

lol, me too

 

There are a number of other web based Apps that compare using white listing of authenticated programs etc, here's just a few examples.

Online Armor

As far as i'm aware OA is not only a behaviour based system, but can also upload data about your Safe/Unsafe Apps to it's central database for cross checking.

. . .

This next one is quite new and Free.

. . .

myNetWatchman SecCheck

SecCheck is a Windows forensic tool which aids in the detection and removal of malicious applications, backdoors, trojans, worms, and viruses that may be unknowningly installed on your computer. This is accomplished by collecting the following information from your system and reporting it back to you in a web page or text file:

Currently active processes
Defined services
Startup folder items
Startup Registry Key contents
Applications listening for inbound connections
Applications with active network communications
Active Browser Helper objects (BHOs)
Installed ActiveX controls
Module dump (DLLs) for all active applications

http://www.mynetwatchman.com/tools/sc/


Prevx

When you use Prevx1 Pro your system becomes part of a huge community of PCs. Being part of that community allows your PC to learn about and protect against new and evolving threats much faster than using conventional security products. Whenever, your PC tries to install or run a program it has never seen before it interrogates our centralised community database to find out if the program is known and safe to run. If it is then the program will be run without delay or interruption. If not the program will be blocked and you will be alerted to the risk it poses.


StevieO

 

Hi StevieO,

This is correct - we have a centrally maintained whitelist/blacklist, just did a major update of it about a week ago.

Cheers

Mike

 

I assume that Authensys asks you so much, because of all the potentially dangerous filename extensions. You need to switch to "Trust ISA Experts" mode:http://authensys.com/i/mainview.gif

 

LOL
Ok - I hear you, but quote one is DCS.

Heres APT or advanced process nonsense termination:
"DiamondCS APT offers seven different methods of process termination - the only thing we know of that can stop all 7 methods is Process Guard! "

Have they looked at all ever at what is available? So while true, it applies to my hair also (because i haven't looked into it)

How many do you know will stop APT? I know a bunch. Thats Childs play. junk talk. The only thing i know of to stop all 7 methods that I am aware of is my hair.

 

Hehhehehe, ok, I think you got me on that one. DCS still isn't as bad as some of the others, but certainly do some 'junk talk'. It actually seems to me like they did some more of that in the past, but I can't really recall.

 

Okay, Notok I was actually responding to the big Cheerleader of pcIP here about how the central database thing is a big deal. But as for the others.

Well from what the 'cheerleader' is claiming, this means better in the sense that the user doesn't have to make the decision. But on the off chance it refers to real better that it can surivive termination attempts that PG doesnt, we have no evidence it does. We have no evidence it doesnt either.

As for claiming to be the only ones to be able to protect you, as commented already it's a very common line. I bet there are products in which you play cheerleader, which make similar claims.

To be fair to DCS, they might claim that at the point in time they wrote this which was what 2 years ago? It was probably true. Of course, that's the thing about the market, any gains you make, is not going to last.

I wonder which experts this quotation is referring to. Must be all the 'experts' in Wilders.

 

Hehe, ok, I'll concede that I did misread your post, I thought you meant "big deal" in the opposite way that you did.

Don't go there, you know by now that I recommend different products for different people.. which one I talk about most at any given time is directly related to what I have to offer over others around here, and changes as new things come up.

As for the rest of the statement, I'd say that it's common among the "rogue" products (which outnumber the legit ones), which is kind of the point. If you really look at the website for legit products they don't use that kind of verbage as much, although they are certainly going to try to convince you that theirs is the best, otherwise they need to find new marketing guys Seriously, though, there's a difference between saying "We're the best! We can offer what your current software can't!" (very common) and saying "We're the only ones in the world that can protect you" implying "don't use our software and you'll suffer the consequences!" - or even further, directly stating that they're better than one of the small guys that most of the world hasn't heard of, and not offering anything to back it up, offering only false claims (saying it's a firewall) and/or deceptive claims (saying they can defeat leaktests, and doing so by just blacklisting the executable, although that was before making this authentisys program). There have been some companies that made some of these kind of claims, but stopped shortly after.. with these guys it just seems to keep going. Anyway, you get the idea, I don't think you and I are on all that different of pages

Really, though, if you disagree with me that it's not that common among the legit products, take a look at the websites of the well known and respected products that we all talk about here, I found more reasonable ones than not. The legit products seemed more intrested in convincing you of how the program works and how it can supplement what you already know, rather than trying to convince you that nobody else out there can protect you at all. RegRun was the closest, and they just said that you need something else to complete your security setup, and then goes on to explain why RegRun is your best choice. Their presentation might be a little edgy, but they're not misrepresenting the program.

I agree, it doesn't count when it's actually true The update is just around the corner, though.. they still have "just released" on there for PG.

I still haven't used AppDefend, so I must not be an expert

 

Ah... English, the language where slim chance and fat chance means the same thing...

Oh sure, did i say otherwise? But that doesn't mean that as a partisian supporter of certain products hence you tend to overlook certain flaws in those products you support or make apologist remarks for products that you do favour. Everybody does it, even me.

As for your arguments about the difference in claims, while i agree rogue products might perhaps tend to be far more aggressive in marketing, I think it is mostly a different in degree rather than kind.

As you point out , Appdefend and Proccessguard make pretty strong claims, surely you are not saying they are rogue products? Besides as you have remarked, it is pretty common for products in this genre (regrun for example)to argue that

1) They are the only ones with a certain unique feature

and

2) This feature is necessary to protect you.

Are they all rogue products?


About PG claims.

Ah... then by your argument,. Processguard is a rogue product?

Of course, you just like to argue.