ProcessGuard v3 to be released! ...

Discussion in 'ProcessGuard' started by Wayne - DiamondCS, Oct 26, 2004.

Thread Status:
Not open for further replies.
  1. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Last edited by a moderator: Oct 26, 2004
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Form an orderly queue please .... :D
     
  3. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    cool I hope you will give us nice instructions what to do going from v3 beta to v3 lol thanking you
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    i just want an updated help file the one i got works fine on my pc
     
  5. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Great. This ruins the rest of my week, I won't be able to sleep now... THANKS A LOT. ;)
     
  6. Marine06

    Marine06 Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    17
    Awesome.

    I'm doing a presentation today for my forensics class on how to secure your pc. I will definitly be utilizing DCS products in my demonstration. Hopefully, a few people purchase your wonderful products as a result. :)
     
  7. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    WOOOOOOOHOOOOOOOO!!!!

    Great news!

    Now if we can only find a way to get PG3 installed on all the US voting machines to protect them! :D
     
  8. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Wayne,

    I am looking forward to evaluating the new version of PG. Diamondcs products and support have been invaluable to me.

    Rich
     
  9. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    I too am highly anticipating the final release of PG version 3. As soon as I am comfortable with it, my brother will be licensing/adding PG V3 to his newly upgraded XP-SP2 Dell. :)

    Hmmm, is 8:00 P.M, 31-Oct (EST USA) = 8:00 A.M., 1-Nov (Perth time)? Yep, think it is. :D
     
  10. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi siliconeman01, Usually towards the end of the working day in Perth so about 10 - 11AM Europe - I guess early morning US time 4 - 5AM :D
     
  11. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    We are trying to release the new version around 12pm Perth time (GMT+:cool: on November 1. So most people in U.S.A who stay up a little late (around 12am Sunday night) can still grab it. :)
     
  12. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Thanks Jason, Don't forget that daylight saving comes into play for Europe and the America's this weekend - Sunday morning 2AM here in the UK the clocks go back, we will be "GMT" again :D So we all get an hours "lie in"
    I think Perth is unusual in not having daylight saving time?
    The only clock I do not have to adjust is the DCS programmers clock here in my Workroom currently showing 6:02 - So enjoy your evening.

    Cheers. Pilli :)
     
  13. leeach

    leeach Registered Member

    Joined:
    Oct 27, 2004
    Posts:
    5
    i have to admit that im a bit disappointed in the PG3 beta. as a long time user of 2.0, i thought 3 would add more protection features and improvements deeper than just the GUI. from what i have seen, the opposite is true - 3 doesnt prompt for human verification before disabling any of the protection features, MD5 hashes are no longer displayed, and full protection information doesnt even seem to be logged as it was in 2.

    though 2 has been proven insecure, 3 feels even less secure. unless the final version of 3 improves over the beta, i might have to stick with 2.
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi leeach

    Jason has explained the reasons the hashes aren't displayed. I think it relates to the fact only the first 16 characters were displayed. Display just wasn't that meaningful. The full protection info is logged in a text file that is readily accessible. From the alerts tab, click on view logs and it is all there. Version 3 is so much more secure than version 2 it is amazing. Physical memory is protected, services are better protected for users who have programs that install services, thru services.exe, and so on. Staying with v2.0 over 3.0 would be a big mistake IMHO.

    Pete
     
  15. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Leeach, Peter is quite correct, clicking on an alert in the alert list gives much clearer info on the alert in the panel below. The log file contains better info than in V2

    MD5 hashes are based on the first 16MB of larger files therefore the hash would be meaningless for those, this also helps with listing speed.

    Close Message Handling is now excellent and all areas of the general protections have been beefed up.

    There are many other enhancements that would take to long to list here.

    You can upgrade for free, so try it :)

    Pilli
     
  16. leeach

    leeach Registered Member

    Joined:
    Oct 27, 2004
    Posts:
    5
    i understand that hashes are based on the first 16MB of larger files, but who runs programs larger than 16MB? the only ones i have seen are self extracting archives, so that point is moot.

    close message handling is the same was it was in 2. all the beta3 log files i have examined show only information about programs executed, nothing about hooks, services/drivers, etc.. the full command line isnt even displayed in the program's log view, which i also found useful in 2. the secure desktop feature no longer takes up the whole screen, which some could argue is an improvement, although i was satisfied with how it was.

    also, no one touched my point about no human verification when changing the protection settings. i was hoping that was an I/O error on my part, but apparently not. at the very least that should be an option that you could enable!

    sure, the interface is prettier at first glance, but you cant change the color scheme like in 2; the program as a whole seems much less customizable.

    dont get me wrong, normally i love new versions of software, believe me. im not afraid of change. i just dislike when new versions of software reduce the features or configurability.

    prove me wrong. please.
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi leeach

    1) Human verification on the options really isn't needed. If you are concerned about unauthorized change, use the password feature.

    2) I missed the old color scheme, but compared to the improved protection, it is a minor point.

    3) As far as being able to configure ProcessGuard, you can still configure it as before, but this caused a lot of problems with many users. The new learning mode is designed to let a new users get ProcessGuard configured properly with minimal effort.

    In this case what is under the hood, namely the protection provided has been significantly improved. That is what it is all about.
     
  18. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    I think the interface of the new version really hides the powerful (and hence advanced) features a lot better than previous versions. Our aim isn't to make ProcessGuard the most complicated YET secure program in the world, our aim is to make it the easy to use and the most secure.

    I do completely understand some of your statements as an advanced user, however just because a program is easier to use doesn't mean it is any less secure as I am sure you know. There have been thousands of improvements all across ProcessGuard for this next version.

    Whilst there havn't been as many "security features" added as compared to the 1.0 -> 2.0 transition, all the existing features have been improved. One of the biggest improvements is just the overall stability of the whole program due to the reworking of all of the old features. However I think some of the features which were added in v3.000 eclipse a lot of the other features already in ProcessGuard.

    So whilst I can understand your point when speaking strictly of "net features added", I think this release of ProcessGuard is the most important one we have ever made. In regards to your "human confirmation" concerns, we have removed that since most users found it annoying and instead will let people lock the interface when they no longer want any changes. When the interface is locked you can still view any possible alerts, etc, but settings cannot be changed. Another reason we removed those prompts is because there isn't much point in having the same functionality spread across two different featuresets.
     
  19. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Wayne - what's this ' Not long to go now ' businesso_O?

    This guy's dangling PG in front of our eyes and saying 'not just yet, not just yet'!!!!! A Halloween Haunto_O?

    TDS 4 has been 'just around the corner' for quite sometime now, so soon we can expect to get regular 'teases and taunts' about it's imminent release!!

    So everyone, get ready for Santa's taunt just before Christmas because you won't be getting TDS 4 without first being teased and taunted until you're on the verge of a breakdown!!

    So for a taunt of my own ' count the hours and suffer you dogs for the coolest piece of security software ABOUT TO BE RELEASED soon, in only a matter of HOURS, an imminent release PG 3 FINAL - drooling yeto_Oo_O

    Keep coming back and checking because you NEVER KNOW - it might appear early!! HA!! HA!! HA!!

    Dave
     
  20. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Dave,
    ProcessGuard is one of the main reasons why TDS4 has been delayed. Thanks for your understanding.

    Regards,
    Wayne
     
  21. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    And to understand WHY its better than having TDS4 now, you would need to know how many out there are using undetected versions of trojans. Either they buy an undetected version, hex an undetected version themselves, or CODE an undetected version - very easy when there are so many open source trojans out there. AV enthusiasts would say oh my AV has good heuristics, or has great generic signatures for that trojan. This is not correct, I've seen first hand the threat, and we aren't about to let users be compromised because 50 "scanners" say a file is clean when it's a stealth backdoor.

    The threat is simply far too great - greater than most users understand. With ProcessGuard you can block 100% of these stealth trojans. The only way to NOT get pinged by ProcessGuard would be for a trojan to remain UNSTEALTHED, in which case a simple registry monitoring program would notice it, Port Explorer would show it clearly! even netstat could see it. Backdoors are now much less of a problem for our users. Trojan coders abandoned these simple trojans long ago, for obvious reasons - they are too easy to spot and remove !
     
    Last edited: Oct 28, 2004
  22. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I hope that when you guys are done with all your major updates you can sit down and put out some material to help explain some of these trends. :) I see various "papers" from some of the pouplar AV guys, it would be great to see something from DCS' perspective.
     
    Last edited: Oct 28, 2004
  23. KoreanBoy

    KoreanBoy Registered Member

    Joined:
    Sep 16, 2004
    Posts:
    11
    I hope it will finally have the protection list importer/exporter, I have for so many times asked...
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi Koreanboy

    I am not sure this is as much of an issue as before. As beta testers we have installed a significant number of beta's just working on version 3. Although in many cases one could keep the "dat" files, which saves the protection list, I for one haven't even bothered, simply because with the new learning mode, it just so easy to set up Processguard upon installation.

    Pete
     
  25. KoreanBoy

    KoreanBoy Registered Member

    Joined:
    Sep 16, 2004
    Posts:
    11
    OK, but it would be simple, useful and is a quite requested feature...
    Let's imagine we could have a set of 2 lists for process guard. One for working programs, and other for when we would not be near the pc.
    Example:
    Prevent a child from installing applications, or messing with the program files, when we are not at home, but when we are on, we should have that right. Instead of changing the list, or managing .dat files, one could simply double-click a list file and the list would automatically change to that. It was just an example of the usefulness of it. The reinstallation is just one other example.
     
Thread Status:
Not open for further replies.