Ok, we can think about what you have suggested. If let's say, we have put the lockdown mode as the default, will you be frustrated with the fact that you can't run any new application downloaded from the internet as it is being blocked by SecureAPlus automatically?
Well I would be content. If I needed to download and install something, I can always change it allow all, (considering I understand the risks) and then maybe a five minute timer would revert it to default deny again. Thanks.
Hi Kelvin, noted your point Hi guys, what do the rest of you think? Do you prefer the default action to be “blocked for unknown files” (ie the lockdown mode)? Hope all of you can share your view
Yes, this is great idea. I prefer "Default Deny" approach cause it is the best for security. Everything already installed is whitelisted and new executables are auto-blocked. If the user wants to install something he just needs to switch to Alert/Install mode through tray icon. After installation is finished he manually restores Auto-block mode. You could also add auto-restore option in x minutes if the user forgets to do it. This is how VoodooShield and ERP work.
Fantastic suggestion siketa What about the rest of you guys? Do you all also share the same view as Kelvin and siketa that the default should be blocked file mode?
I think it should definitely be an option to start. Default/deny is a one of the better ways to keep your system safe. Maybe if you pair that with crystal cloud look up, it could be integrated as a rating system.
Yeah, I hope you can pair crystal cloud lookup to rate the files that are executing, giving you a better chance to choose the right option!
Not quiet. Here is why. Some times some apps like those portable ones do not need installing and just open or run and if automaticaly default denied then it would cause headache. There should be the option to allow the same way as it is now. SO your method needs the option of allowing.
Thanks kjdemuth, kelvinW4, taleblou and siketa for sharing your views. I do agree that if the default mode is blocked will remove the prompting hassles to the users. But taleblou's comment about the potential headache of not being able to run a program is really my concern too... But I think the suggestions by kelvinW4 and siketa are viable. If base on siketa's suggestion, we can put the default as block files and users can choose to allow installation at the tray icon with time duration option like 30 mins, 1 hour and so on. Once time is up, the default block option will be restored. At the tray icon, users can also still choose the existing SecureAPlus option. This hopefully will address the headache that taleblou has mentioned. taleblou, what do think? siketa, what does RMB mean? Any more thought to this? Please feel free to comment
I think its a great idea. However, I think 30 minutes is too long, and default should be 5 minutes or so. RMB means right mouse button.
If 5 minutes is default, do you think it is necessary to provide other duration time option like 30mins and so on?
Well, I think default at 5 is good, and it can be user specified so they can decide when it will auto lockdown. We must consider the risks such that ANYTHING can slip between that period Thanks.
Just exploring various options. How about if the default is still the same as the existing SecureAPlus but allow users to choose the lockdown option at the tray icon. Once the user enable the lockdown option at the tray icon, SecureAPlus tray icon will change to show that it is in the lockdown mode. User can also revert back to the default setting at the SecureAPlus tray icon. What do you think?
Thanks kelvin and siketa for your feedback What about taleblou, solarlynx and the rest of you guys? What do you think? One more thing: Do all of you think that SecureAPlus has too many UAC prompts?
How about this. Temperarly secureaplus default deny blocks a unknown or non-whitelisted app with a popup message like "blocked while scanning with virustotal" while it scan it with Virustotal and if it is found clean or safe then another popup comes with a message like this: "the (app name) appears to be clean, Still proceed with caution" and then the allow once or whitelist botton option is given so the the user can choose. Also in the whitlisting section it shoold be allowed for user to add a app of his choice so that it will not be denied by the default deny process.
Great taleblou This is another perspective that we can take into consideration. In the whitelisting section, SecureAPlus already allow users to manually add an app to trust at the Trusted Certificate tab. Some of the posters suggested Crystal Security. What is your view?
I used crystal security before and it is good although a bet buggy. The VT scanner of crystals ecurity was fst and good but the others, specialy CIMA was slow. ALso I fouhnd other bugs in it. ANyway crystal security sued virustotal and comodo and others if I am not mistaken. But what I suggested above in my perivious post would be great idea.
Try to talk with Hitman Pro about using their scan technology instead of clamav. It would be way faster, safer and grants several other advantages
For av scan I think a mult-av scan like hitman pro is a good idea for secureaplus. I think the AVs should be bitdefender, Kaspersky, AVIRA, Malwarebyte.