Secure Folders to protect folders (and use as anti-executable)

Discussion in 'other anti-malware software' started by Windows_Security, Oct 21, 2014.

  1. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    Where do I find these programs? What are they like? Are they similar to SF? Free/Paid?
    Thanks for your help in advance.
     
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Pumpernickel, or FIDES as it will soon be named, is from Excubits: https://excubits.com/content/en/home.html is in beta, and (still) available for free here: https://excubits.com/content/en/products_beta.html
    It offers file protection. I use it to protect my external USB backup images and files.
    It is a configurable driver and has no GUI like Secure Folders - rules are set using a defined syntax - so it may not be to your liking. It is a bit geeky, but I didn't find it to difficult to get my head around it, with the
    help of a video at the Newsblog tab at the Excubits site, and the Wilders thread below.

    Excubits are also the authors of Bouncer (executable protection) and MemProtect (memory protection) and seem to be well respected here at Wilders: https://www.wilderssecurity.com/thr...-tuersteher-light.359127/page-61#post-2611461 where you will also find valuable insight and tips.
     
    Last edited: Aug 19, 2016
  3. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    Thank you very much for the detailed information, paulderdash. I will have a closer look at Pumpernickel as soon as possible.
     
  4. It applies NTFS Access Control Lists per user, so you set a deny execute/traverse folder (no execution)
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Same here and to answer the reply on all it's good for is just to hide folders? Obviously they never took SF out for an extended spin at all.

    SF does a solid job with extensions added on the fly too amongst the other safety coverage and I will be sticking with it because so far nothing I throw at it so far is gave reason for any doubts.
     
  6. guest

    guest Guest

    SFs hide folders if you use explorer normally, however if you open explorer from an application, nothing is hidden anymore :thumbd:
     
  7. majoMo

    majoMo Registered Member

    Joined:
    Aug 31, 2007
    Posts:
    994
    I can't confirm that!
    1. Throught cmd windows I can't open a hide folder done with SFs.
    2. Throught Total Uninstall I can't open a hide folder done with SFs also.
     
  8. guest

    guest Guest

    you just confirmed it ; hiding and opening isn't the same thing. you can see hidden folders , you shouldn't ;)
     
  9. TI
    I still use secure folders on my wife's laptop. She uses photo book software which installs in Appdata user folder. I had to make an allow path in my Software Restriction policy, by denying write access with secure folders (allowing update only write access) it sort of gets a better than UAC file protection. Better because it is set and forget with zero user interaction.

    I have partitioned my wireless network except for shared printer and NAS, so don't mind the internal network drive weakness (I also have an IP access filter to NAS and printer, so only when router is hacked I am pawned, when somebody hacked your router you are in big problems anyway, so this weakness would be one of my lesser concerns in that situation)
     
    Last edited by a moderator: Aug 28, 2016
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    In your fellow's honest and experienced opinions can this tool be of any positive use against Mr Crypto type malware (excluding of course MBR related) in manually selecting areas/folders maybe even files in thwarting and warding off?

    NTFS Permission Tool x32 x64

    http://dbcstudio.net/software/npt/main.html

    We only briefly at the time touched on it while debating SF, but at least one reply seemed to find discrepancies on their systems such as certain permissions not showing accurately.

    I assume FIDES pretty much made for dismissing it but like to get your thoughts or opinions (if any) on NTFS Permissions Tool too,
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    The only problem I see is you are blocking access to data which you probably need to access. Even SF allowed trusted programs to access the data. FIDES is tough to beat once you set it up.
     
  12. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Eset blocked it as a PUA:

    Eset_PUA.png
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    OK, playing with it a bit overnight it does ok per say and ad hoc for permissions but with one serious drawback IMO.

    It uses Windows Native internal mechanism ONLY whereby Secure Folders incorporates (Like FIDES) a SYS aka: Driver File which in a manner of speaking but also as a matter of FACT, carries more AUTHORITY to conduct it's blocks, read-only etc.

    I tried using NTFS File Permissions Tool to undo some SF assignments and the poor thing couldn't do squat about that.

    PS: Oh, I practiced on Windows 8.1 64 bit (not Pro Version)

    BTW, the file is as SAFE as a sandworm. Nothing malicious.
     
    Last edited: Jan 10, 2017
  14. It uses NTFS Access Control List, so yes you can undo it with another ACL tool. :D
     
  15. guest

    guest Guest

    ...or icacls.exe :)
     
  16. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    411
    Location:
    router
  17. @C022 going to play with it now, thx

    It is a swiss knife for (re)setting permission besided folder/files also registry and processes. With the lite free version you can only add / merge permissions, but I could not find deny permissions. The lite version can help to reset/recover user folders.

    Good find :thumb:
     
    Last edited by a moderator: Jan 10, 2017
  18. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    411
    Location:
    router
    you are welcome yep tried just good for resting,price expensive also!
     
  19. Playing again with Secure Folders, really like the simplicity of using an internal windows mechanism (users and ACL). On my Windows 7 it is faster than PumperNickel/Fides (which delays Office program startups with 0.2 secs), but the real benefit is setting no-execute on folders in combination with read only on file extensions).

    upload_2017-2-19_22-25-17.png
    upload_2017-2-19_22-28-21.png
     
    Last edited by a moderator: Feb 20, 2017
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    HI Kees

    Keep posting. We are watching.
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Nice list.

    Secure Folders to me is been the best thing since my ole favorite HIPS ya know, EQS w/Alcyon Rules.

    Zips up those extensions and so much more nicely enough in this camp
     
  22. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    This is one of the first softwares I add to any Win 7 installation, an essential for me.
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Capital ideal too. If only while they had time if they could have also added the same to Registry Branches. Oh how I wish on that one.

    Nonetheless as-is this is a useful & worthy safety mechanism compliment.
     
  24. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen
    The link in the first post here doesn't seem work: did I lose something ?
    - someone can do to me a synthetic comparison with AppGuard ?
     
  25. Deckard

    Deckard Registered Member

    Joined:
    Dec 13, 2016
    Posts:
    46
    Location:
    France
    Hi Windows_Security,
    Have you notice a delay on all applications ?
    I tested on 3 applications, IrfanView, Vivaldi (the browser) and LibreOffice Writer, before and after Pumpernickel/Bouncer installed. I have this 0.2s delay only with LibreOffice. No difference for IrfanView and Vivaldi. I will do more investigation on that.
    The size of the window influences the speed of execution so I will do my tests in full screen to avoid false interpretations; something I did not check meticulously in my previous tests.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.