SecureAPlus Freemium

Discussion in 'other anti-virus software' started by sinlam, Jul 24, 2013.

  1. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    The UAC doesn't really protect against malware, it's more of a measure for an admin to protect important parts of the system from users. As such, I would highly recommend enabling the password protection on it with the use of that registry tweak that you can google to find.

    I don't like windows defender. It doesn't just deal with the threat when it catches things anymore. To actually deal with a threat that it detects you need to open the interface to "start actions" and quite often, you get an error after doing that.

    If you're looking for a good antivirus. Bit defender is pretty decent, but has the same weakness to unknown threats that windows defender does. Voodooshield is an excellent addition to any setup. And that one I would highly recommend paying for.
    1. It supports the development of a good product that still works just fine even if you're using the free version of it.
    2. paying for it unlocks the password protection feature, which serves to add another layer of tamper protection to a lot of critical system components that that UAC also protects when password protected, thereby locking the system down even more.

    If you're looking for a good standalone product, comodo is damn good, even if their virus database isn't.
    See, comodo gets lower scores in a lot of reviews, but those reviews never talk about all of the other stuff that comodo has to make up for that lack of antivirus scan detections. I've made posts elsewhere on here about how to configure it so that it won't give you any "yes/no?" alerts. Anyway, this thread is about SecureAPlus, not either of the other two whitelisting products that still offer free versions that work.
     
  2. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    258
    We thank you for your support to our software, and we hope that you can continue to support us in the future.
    In the Lite version, some of the advanced features, such as whitelisting script files, protection against fileless attack, are still enabled. These are some areas that sometimes may not be covered by a traditional antivirus.

    In the Lite version, we try to provide the basic security necessity that is targeted for home users.
    For advanced and enterprise users, that may require higher security standard, they may go for Essentials or Pro version.
     
  3. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    Trusting by a just publisher signature gives basic whitelisting protection. Trusting by an MD5 hash AND a publisher signature is whitelisting that always works.

    And yes I acknowledge the fact that comodo trusts files based on a publisher signature too, but for some reason comodo doesn't miss anything if it's been set to block unknown files instead of sandboxing them.
     
  4. JohnBurns

    JohnBurns Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    742
    Location:
    Oklahoma City
    GrDukeMalden, based on your posts, I uninstalled SecureAPlus Freemium Free.
     
  5. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,690
    Location:
    Hawaii
    I really like the paid version of S.A.P. The protection is tight & its impact is light.

    Actually, I prefer to PAY for the software I use. All (and I mean ALL) of the freebies that I used in the past are no longer in existence. Oddly enough, the people who create & maintain apps like SecureAPlus need food, medical care, clothing, & shelter -- all of which cost money. Also, I have noticed that "freeware customers" (please excuse the oxymoron) seem to offer the most vehement criticisms. I wonder why? :cautious:
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,156
    Location:
    The Netherlands
    Can someone explain what's so bad about the freeware version? Does it protect against malware or not?
     
  7. Bertazzone

    Bertazzone Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    208
    Location:
    Wonderland
    The real time component for the Lite version:
    - Application Whitelisting
    - APEX (low sensitivity only)
    You still can use UAV (Universal AV) for Full System Scan, but not for real-time scanning

    Some people would like more than the low sensitivity. You'll likely need a companion AV or something to complement SAP, depending on your preferences.
     
  8. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    The free version doesn't use the whitelist made by SecureAge, it uses microsoft's whitelist to "protect" the PC.
    The paid versions are still good, the free version is worthless now.
     
  9. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    The application whitelisting on the free version is "trusted by the OS"-only. Meaning the free version is no longer worth using, because microsoft is MUCH less selective about what they add to their whitelist than SecureAge and Comodo are. So if you're going to use SecureAPlus, you absolutely MUST pay for it in order to make it work the way it always had been up until 6.0.0
     
  10. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    258
    I think I need to clarify what is the trusted by OS in the context of SecureAPlus. Trusted by OS here means that the certificate that used to sign the file is trusted by OS. You can check whether a file is signed or not, by right click on it, and select Properties.
    upload_2019-10-15_13-32-4.png '
    After that, you can go to Digital Signature tab:
    upload_2019-10-15_13-17-17.png

    Click on Details button, if the certificate is signed using a valid certificate that is trusted by Microsoft, you should see "The digital signature is OK".

    upload_2019-10-15_13-18-26.png

    Most of the well known software vendors usually digitally sign their software, although you may also find some freeware or open source applications are not signed.

    Most of the viruses/malware are usually not signed, or signed using their self created digital certificate, which is not trusted by the OS (Microsoft).
    Here is an example of a malware that is signed with its self created "Google Inc" digital signature, and if you check carefully, Microsoft will say that "The digital signature is not valid".
    upload_2019-10-15_13-22-55.png

    SecureAPlus Lite is able to block this kind of malware.
     
    Last edited: Oct 15, 2019
  11. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,690
    Location:
    Hawaii
    Thank you for that clarification.

    There are a goodly number of free AV apps, such as those offered by Avast, Avira, & Comodo. Every one of those free security apps lacks some of the features that are in the paid versions, but -- even so -- the free versions still provide their users with a workable degree of protection. Regrettably, it appears that the free version of SecureAPLus has been scaled down so far below its paid version that the free version might very well lead its users to a false sense of security. We need to warn our associates, friends, families, and other forums of that fact.
     
    Last edited: Oct 15, 2019
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    20,821
    SecureAPlus v6.0.1 Released (October 15, 2019)
    Website
    Release Notes (Forum)
    Download / https://www.secureaplus.com/download/download-thank-you/
     
  13. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city

    Yes, like I said, the mechanism that enforces microsoft's whitelist is S.A.P. and not smartscreen. And I've said this many times. Just because a file has a valid publisher signature does not mean it's safe.

    The bad rabbit ransomware had a valid digital signature from Symantec and several years ago there was lots of malware with valid digital signatures from Verisign. A lot of which even comodo didn't catch, because of the way its whitelisting worked back then.

    So if all it takes for S.A.P. lite to allow a file is for a publisher signature to exist in microsoft's database, which again microsoft is much less selective about what gets added to that list, then the free version of S.A.P. may as well not even exist.

    I urge you to unlock the ability to change that setting for the free version. Because otherwise you'll be giving your users a false sense of security.

    It's one thing to lock up APEX and to force your free users to always submit unknown files, but if you ruin the one thing that has always made it better than so many other products there's no point in using the free version.
     
  14. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    That's good, because if you have to pay real money for software, then there's less incentive for them to sell your data.

    Also, I'm not exactly your typical freeware user. Even with comodo a program I've never spent a penny on, I've reported lots of glitches and problems with their software to them as well as a few things they mistakenly whitelisted.

    And with S.A.P. I was part of the viral security program for years, I was a beta tester of APEX and the mobile app. So I was advertising their product for them and I was regularly reporting any problems I discovered in the software to them.

    And even off screen I recommended S.A.P. to my friends. They were getting tons of free advertising off me. I even went out of my way to advocate for them any time someone made a misinformed and/or misleading claim about the protection it offers.

    When I first found out about the way the whitelisting settings are locked in the worst position for the free version of S.A.P., I was heartbroken. The heart of the software, the one thing in it that made the whole thing work had been ruined for the free version.

    And now when a troll in a comment section or a professional reviewer makes the claim that the free version of S.A.P. doesn't do a good job at protecting the PC, It won't be misleading claim.
     
  15. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    258
    Thank you for all the feedback. We understand where you all are coming from. I will discuss this internally with my team to see whether we can improve this.
     
  16. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,717
    My system crashed twice when updating to v6.01, earlier. I believe it has to do with one of the programs that loads in the Notification/System tray. I didn't shut it down fast enough. But, after a third boot, I got it.

    SAP_upgraded_v6.01.JPG

    SAP_upgraded_v6.01_02.JPG

    So, it had nothing to do with SecureAPlus. Just a peculiarity within my system. ;)
     
  17. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,717
    See, all is good... :)

    SAP_upgraded_v6.01_03.JPG
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,316
    Location:
    .
    FWIW ~
    https://avlab.pl/we-test-secureaplus-pro-breaking-down-anti-malware-product-individual-parts
     
  19. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    That article on AVLab specifically mentions what I've been saying since I first discovered what a digital signature is.

    Just because a file as a valid and verified digital signature does NOT mean it's a safe file.

    With the whitelisting settings set to "trusted by the OS", like they're stuck to in the lite version, those packed in PUPs and Adware in that setup file would've gone straight through.

    Foolproof whitelisting requires an exact match of a digital signature AND a file hash of some kind before it allows anything. Because again, Verisign got hacked several years ago and bad-actors were distributing malware signed with valid and verified verisign signatures and in more recent history, there was BadRabbit, which had a signature from Symantec.

    If all the whitelisting app needs before it will allow something is a publisher signature, your system is vulnerable.

    And some might say that "oh well the dates will be invalid on the signature if it's malware." Will they really though? Don't you think the devs of malware would've thought of that specifically because of whitelisting antivirus programs that exist out there?

    It's plain to see by anyone paying attention that you need to make all version of S.A.P. require a valid publisher signature AND the "thumbprint". That shouldn't be an adjustable setting, that should be the only setting for the whitelisting in all versions of S.A.P.

    Now of course, S.A.P. Lite can still have Apex locked at low and still have the settings regarding submissions of unknown files locked to always upload unknown files. And you can also block access to the realtime scanning for your lite users.

    But you absolutely MUST make all versions of S.A.P. stuck on the name and thumbprint option, otherwise you're giving your free users a false sense of security. Because that's the heart of S.A.P.. It's what makes the whole thing work.

    I should also say, regardless of what ends up happening with the free version of S.A.P., you should pay for it, because it supports the development of a very effective whitelisting antivirus.
     
  20. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    Unlock the whitelisting settings for all versions of the software the way it was before 6.0.0
    There are no other steps. All of the other changes you've made to the free version are acceptable. But you gotta unlock that one menu, because that's the one thing on it that has never failed so long as the user fixed the problem by setting it to the "name and thumbprint" option.
     
  21. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    258
    We have just released SecureAPlus v6.0.2.
    We are trying our best to improve the feature for SecureAPlus Lite version.
    Here are the changes for SecureAPlus Lite version:
    The following settings are set for SecureAPlus Lite:
    - Trust certificate based on the certificate list (previously it was trusted by OS)
    - APEX is set to medium sensitivity (previously it was low).
    In the Lite version, users do not have the flexibility to modify those settings.

    Due to various reasons, we apologize that we can't accommodate all the feedback.
    We believe that these settings should provide the balance between security and the convenience of used.
     
  22. Esse

    Esse Registered Member

    Joined:
    May 26, 2011
    Posts:
    414
    Great news!

    /E
     
  23. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,823
    I completely agree with @GrDukeMalden.

    Unlocking the whitelisting settings is a must for ALL versions.
     
  24. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,130
    Location:
    Germany
    Hi all

    SecureAPlus 6.0.2 is out now

    https://www.secureaplus.com/download/release-notes/

    https://www.secureaplus.com/download/download-thank-you/

    With best Regards
    Mops21
     
  25. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    171
    Location:
    VPN city
    Whitelisting settings in the free version are still locked. It's better than it was, but it's still in a bad position.

    In MOST tests S.A.P. is just fine at protecting the system when trusting by just the publisher signatures in SecureAge's whitelist, but I've never seen a single test where S.A.P. failed when set to trust based on the name and thumbprint.

    Again, all other changes to the free version as of 6.0.0 are acceptable. Just unlock the whitelisting settings and every one of your users will be happy.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.