Discussion in 'ProcessGuard' started by Wayne - DiamondCS, Oct 26, 2004.
Not long to go now.
Form an orderly queue please ....
cool I hope you will give us nice instructions what to do going from v3 beta to v3 lol thanking you
i just want an updated help file the one i got works fine on my pc
Great. This ruins the rest of my week, I won't be able to sleep now... THANKS A LOT.
I'm doing a presentation today for my forensics class on how to secure your pc. I will definitely be utilizing DCS products in my demonstration. Hopefully, a few people purchase your wonderful products as a result.
Now if we can only find a way to get PG3 installed on all the US voting machines to protect them!
I am looking forward to evaluating the new version of PG. Diamondcs products and support have been invaluable to me.
I too am highly anticipating the final release of PG version 3. As soon as I am comfortable with it, my brother will be licensing/adding PG V3 to his newly upgraded XP-SP2 Dell.
Hmmm, is 8:00 P.M, 31-Oct (EST USA) = 8:00 A.M., 1-Nov (Perth time)? Yep, think it is.
Hi siliconeman01, Usually towards the end of the working day in Perth so about 10 - 11AM Europe - I guess early morning US time 4 - 5AM
We are trying to release the new version around 12pm Perth time (GMT+ on November 1. So most people in U.S.A who stay up a little late (around 12am Sunday night) can still grab it.
Thanks Jason, Don't forget that daylight saving comes into play for Europe and the Americas this weekend - Sunday morning 2AM here in the UK the clocks go back, we will be "GMT" again. So we all get an hour's "lie in".
I think Perth is unusual in not having daylight saving time?
The only clock I do not have to adjust is the DCS programmers clock here in my Workroom currently showing 6:02 - So enjoy your evening.
i have to admit that im a bit disappointed in the PG3 beta. as a long time user of 2.0, i thought 3 would add more protection features and improvements deeper than just the GUI. from what i have seen, the opposite is true - 3 doesnt prompt for human verification before disabling any of the protection features, MD5 hashes are no longer displayed, and full protection information doesnt even seem to be logged as it was in 2.
though 2 has been proven insecure, 3 feels even less secure. unless the final version of 3 improves over the beta, i might have to stick with 2.
Jason has explained the reasons the hashes aren't displayed. I think it relates to the fact only the first 16 characters were displayed. Display just wasn't that meaningful. The full protection info is logged in a text file that is readily accessible. From the alerts tab, click on view logs and it is all there. Version 3 is so much more secure than version 2 it is amazing. Physical memory is protected, services are better protected for users who have programs that install services, thru services.exe, and so on. Staying with v2.0 over 3.0 would be a big mistake IMHO.
Hi Leeach, Peter is quite correct, clicking on an alert in the alert list gives much clearer info on the alert in the panel below. The log file contains better info than in V2
MD5 hashes are based on the first 16MB of larger files therefore the hash would be meaningless for those, this also helps with listing speed.
Close Message Handling is now excellent and all areas of the general protections have been beefed up.
There are many other enhancements that would take too long to list here.
You can upgrade for free, so try it
i understand that hashes are based on the first 16MB of larger files, but who runs programs larger than 16MB? the only ones i have seen are self extracting archives, so that point is moot.
close message handling is the same as it was in 2. all the beta3 log files i have examined show only information about programs executed, nothing about hooks, services/drivers, etc. the full command line isnt even displayed in the program's log view, which i also found useful in 2. the secure desktop feature no longer takes up the whole screen, which some could argue is an improvement, although i was satisfied with how it was.
also, no one touched my point about no human verification when changing the protection settings. i was hoping that was an I/O error on my part, but apparently not. at the very least that should be an option that you could enable!
sure, the interface is prettier at first glance, but you cant change the color scheme like in 2; the program as a whole seems much less customizable.
dont get me wrong, normally i love new versions of software, believe me. im not afraid of change. i just dislike when new versions of software reduce the features or configurability.
prove me wrong. please.
1) Human verification on the options really isn't needed. If you are concerned about unauthorized change, use the password feature.
2) I missed the old color scheme, but compared to the improved protection, it is a minor point.
3) As far as being able to configure ProcessGuard, you can still configure it as before, but this caused a lot of problems with many users. The new learning mode is designed to let new users get ProcessGuard configured properly with minimal effort.
In this case what is under the hood, namely the protection provided has been significantly improved. That is what it is all about.
I think the interface of the new version really hides the powerful (and hence advanced) features a lot better than previous versions. Our aim isn't to make ProcessGuard the most complicated YET secure program in the world, our aim is to make it easy to use and the most secure.
I do completely understand some of your statements as an advanced user, however just because a program is easier to use doesn't mean it is any less secure as I am sure you know. There have been thousands of improvements all across ProcessGuard for this next version.
Whilst there haven't been as many "security features" added as compared to the 1.0 -> 2.0 transition, all the existing features have been improved. One of the biggest improvements is just the overall stability of the whole program due to the reworking of all of the old features. However I think some of the features which were added in v3.000 eclipse a lot of the other features already in ProcessGuard.
So whilst I can understand your point when speaking strictly of "net features added", I think this release of ProcessGuard is the most important one we have ever made. In regards to your "human confirmation" concerns, we have removed that since most users found it annoying and instead will let people lock the interface when they no longer want any changes. When the interface is locked you can still view any possible alerts, etc, but settings cannot be changed. Another reason we removed those prompts is because there isn't much point in having the same functionality spread across two different featuresets.
Wayne - what's this ' Not long to go now ' business?
This guy's dangling PG in front of our eyes and saying 'not just yet, not just yet'!!!!! A Halloween Haunt?
TDS 4 has been 'just around the corner' for quite some time now, so soon we can expect to get regular 'teases and taunts' about its imminent release!!
So everyone, get ready for Santa's taunt just before Christmas because you won't be getting TDS 4 without first being teased and taunted until you're on the verge of a breakdown!!
So for a taunt of my own ' count the hours and suffer you dogs for the coolest piece of security software ABOUT TO BE RELEASED soon, in only a matter of HOURS, an imminent release PG 3 FINAL - drooling yet
Keep coming back and checking because you NEVER KNOW - it might appear early!! HA!! HA!! HA!!
ProcessGuard is one of the main reasons why TDS4 has been delayed. Thanks for your understanding.
And to understand WHY it's better than having TDS4 now, you would need to know how many out there are using undetected versions of trojans. Either they buy an undetected version, hex an undetected version themselves, or CODE an undetected version - very easy when there are so many open source trojans out there. AV enthusiasts would say oh my AV has good heuristics, or has great generic signatures for that trojan. This is not correct, I've seen first hand the threat, and we aren't about to let users be compromised because 50 "scanners" say a file is clean when it's a stealth backdoor.
The threat is simply far too great - greater than most users understand. With ProcessGuard you can block 100% of these stealth trojans. The only way to NOT get pinged by ProcessGuard would be for a trojan to remain UNSTEALTHED, in which case a simple registry monitoring program would notice it, Port Explorer would show it clearly! Even netstat could see it. Backdoors are now much less of a problem for our users. Trojan coders abandoned these simple trojans long ago, for obvious reasons - they are too easy to spot and remove!
I hope that when you guys are done with all your major updates you can sit down and put out some material to help explain some of these trends. I see various "papers" from some of the popular AV guys, it would be great to see something from DCS' perspective.
I hope it will finally have the protection list importer/exporter, I have for so many times asked...
I am not sure this is as much of an issue as before. As beta testers we have installed a significant number of betas just working on version 3. Although in many cases one could keep the "dat" files, which saves the protection list, I for one haven't even bothered, simply because with the new learning mode, it is just so easy to set up ProcessGuard upon installation.
OK, but it would be simple, useful and is a quite requested feature...
Let's imagine we could have a set of 2 lists for process guard. One for working programs, and other for when we would not be near the pc.
Prevent a child from installing applications, or messing with the program files, when we are not at home, but when we are on, we should have that right. Instead of changing the list, or managing .dat files, one could simply double-click a list file and the list would automatically change to that. It was just an example of the usefulness of it. The reinstallation is just one other example.