Quaresso--My Protect

Discussion in 'other anti-malware software' started by 1000db, Aug 29, 2010.

Thread Status:
Not open for further replies.
  1. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    I saw this program, or service rather, tested by MRG in their online financial security test. Anybody have any experience with it? I've been trying it out and so far it's pretty solid. I don't pretend to be a professional tester but so far it seems pretty simple and effective.

    hxxp://www.quaresso.com/index.php?/myprotect/
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    what kind of program is it?antivirus?
     
  3. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    From the Quaresso site:

     
  4. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    On their site there is a leaktest tool that can be used to test your existing apps. I never give too much credibility to these programs but I am having a hard time testing it. So far it has protected against it's own leaktest utility and two of Zemanas. It does fail Zemanas keyboard logging utility though. I kind of like the concept they are using. I would post screenshots but it does a pretty good job at blocking those.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks for the info
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Can you post a link to this leak test? Thanks
     
  7. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
  8. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    ***Update***

    I just ran the new SpyShelter test utility and My Protect fails the screen capture portion of it. It did well against the key and clipboard logging though.
     

    Attached Files:

  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Quaresso LeakDetector Test

    Mod edit:Merged the thread into original

    1000db posted the QLD in here - https://www.wilderssecurity.com/showthread.php?t=280749

    Didn't want to hijack that thread with other products.

    @ 1000db

    Thanks for the Quaresso LeakDetector link :) Nice tool :thumb:

    ProcessGuard blocked the .EXE and the Global Keyboard Hook, so i allowed them. Zemana then blocked, Clip/Key/Screen capture :thumb: so i allowed them too.

    TEST on XP/SP2 - IE6


    Keystroke Monitor = FAIL

    Screen Monitor = FAIL

    IE Cache Monitor = PASS

    Clipboard Monitor = FAIL

    IE Cookie Monitor = FAIL

    IE Com Monitor = FAIL

    IE Password Store Monitor = ? Don't have any PW's

    Prevx didn't block Anything :eek:
     
    Last edited by a moderator: Aug 30, 2010
  10. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    The two failures that I mentioned in my posts above were already documented and apparently being fixed soon (no timetable given). They responded promptly to my feedback and gave reasonable explanations too. :thumb: to their support.
     
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
  12. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Apparently Quaresso's free product "My Protect" has been updated and now passes all the tests it failed before. It is also 64-bit compatible now but I can't get it to work with IE9 beta. If some one that doesn't use IE9 beta could test it's 64-bit compatibility; it would be cool if you also posted the results here.
     
  13. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873
    Just tried the first link and got this ... :doubt: , so I just clicked on reject.

    Not sure what to make of this, if anything. :doubt:

    P.S. I haven't installed "My Protect", and don't intend to...just trying the link. ;)
     

    Attached Files:

  14. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    not unix/linux at this time.

    perhaps a misconception my end, but seem that the traffic is being routed through the Q myProtect box. the company seems to be located in TX/US and I am thinking twice to route traffic through there (I know, I know it eventually passes through a US controlled router at some point anyway)
     
  15. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    I didn't catch that earlier. Drop.io has been sold to Facebook and all the free "drops" are apparently no longer working. My protect can be found at quaresso.com.
     
  16. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    the domain, the service, the technology or all of it? makes it all more the suspicious.

    from Q privacy Policy / Data Security

    would not touch it with a barge pole. and particularly not on a corporate/enterprise level. also curious that it is being advertised through an online financial security test
     
    Last edited: Nov 30, 2010
  17. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Drop.io was a service for file hosting and not in any way affiliated with Quaresso. I had put a test tool on drop.io at the request of other users, which is no longer available, and that first link is now useless.
     
  18. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    thanks for the clarification and pardon my ignorance as not using this sort of public cloud storage
     
  19. quaresso

    quaresso Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    4
    Location:
    Austin, TX
    Vtol,

    A bit of clarification on MyProtect (disclosure: I am employed by Quaresso):

    Quaresso hosts the MyProtect service, but once we deliver the armored browser to you, you are free to go wherever. We do NOT proxy your web surfing, we do not track where you go, etc. And 1000db is correct, we have no affiliation with drop.io.

    The service is intended to provide a free, superior - at least we think - version of private browsing modes. Superior as it includes key logger and screen capture defenses, some strong anti-injection defense and we encrypt all the session content committed to disk (i.e., cache, history, cookies, password store) and securely delete them at the end of the session.

    HTH
     
  20. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    appreciate the feedback/input/insight.

    when I get time will check about your proxy statement with a packet sniffer or something.

    the remainder cannot be checked, assuming that the MyProtect agent is similar like a thin client, proprietory code communicating with your servers via encrypted link.

    do not get me wrong, just the country your are based in hasn't been lately a role model in various aspects of data use, internet and the like and thus it probably does not matter for any of your countrymen/women to utilize your service. one residing outside though might think about it.

    your privacy and data security policies as cited are not encouraging either.

    and there is no mentioning about the people behind Q, except this vague statement
     
  21. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Welcome to Wilders. I'm glad you can provide us some insight to your product. :thumb:
     
  22. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    What is the idea behind logging in to an account to launch the armored browser as opposed to having a locally installed application? Thanks.
     
  23. quaresso

    quaresso Registered Member

    Joined:
    Dec 1, 2010
    Posts:
    4
    Location:
    Austin, TX
    You may be on a machine that you may not trust (e.g., internet cafe, your work PC, your teenage child's PC :) , etc.), but you want to have a private web surfing session. Our armored browser can be delivered to any Windoze machine you are on. The only requirements we have is JS enabled and either ActiveX or Java (for non-IE browsers) is enabled.
     
Loading...
Thread Status:
Not open for further replies.