ShadowDefender 64 bit

Discussion in 'sandboxing & virtualization' started by trjam, Jul 10, 2009.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Just a FYI. Tony says early fall to have it ready. That is good news. And maybe 2 other surprises.
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    And while I am at it, let me throw a plug out there to all new members who are not familiar with it. To me, it is likely the one most overlooked piece of software. It is a truly amazing software that if I could only pick one, it would not be NIS but ShadowDefender. You really should try it.
     
  3. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    Hi trjam,
    I'm so happy, but I'll wait till I see this with my own eyes.
    I've already talked many times with Tony about 64-bit versions and he promised me to do something on this point.

    In fact, that's the only reason that always separated me from 64-bit OSs.
    If SD supported 64-bit OSs, this will be a great step for this wonderful product, being the only virtualizing software to do that "as Returnil is still in beta".

    BTW, did he tell you the expected date to release this version?
    I expected that after this long period of silence on the Shadow Defender website there will be a storm for sure.
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I think Tony is like a lot of others here. Microsoft really holds the key. And with the image that Bill Gates portrays, it would kind of go against the grain of his public image to just throw away that key for other vendors.
     
  5. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    I'm sorry trjam, but I can't translate or just understand your last reply.
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Don't feel bad, neither can I. :D
     
  7. deanmartin

    deanmartin Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    231
    Location:
    USA/KY
    When Windows 7 is ready my next PC will be 64 bit. That would be good timing for me. I'm using Shadow Defender basically 24/7. :thumb:
     
  8. Montecristo

    Montecristo Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    72
    This is long-awaited good news. ShadowDefender is a big part of my setup. I have never had a single problem with it. :thumb:
     
  9. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,214
    When asked, Shadow Defender's developer replied "in several months". As a matter of fact, I'm back to Vista32 because I'm too addicted to SD. Some people say that the kernel patch guard in the 64-bit versions cannot be bypassed. I don't really understand these terms. What is the truth: is it a matter of time or just impossible?
     
  10. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    As far as I know it's a matter of legality.
    Lawless Rootkits are allowed to bypass the patch guard but law-abiding security software vendors are not allowed to bypass it - or MS will not invite them to their candle-light dinners anymore.

    Cheers
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,214
    On the other hand, I've read somewhere that it is meant to stop rootkits. Basically what you are saying is that developers need to have a license from MS to bypass patch guard.
     
  12. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    No, there is nothing to buy. Vendors can just water down their products (e.g. Comodo or Kaspersky) or stay away from patch guarded Windows versions (like Sandboxie).

    It looks like MS has just thrown the baby out with the bath water.
    Every malware can easily remove the user mode hooks of CIS or KIS.
    So what's the point of HIPS, sandboxes etc. with these Windows versions?

    Cheers
     
  13. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    Khm... not just every malware; it must be designed to do this. Also, there are some protection techniques against unhooking, so it is not just every malware and not easy.
     
  14. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    From Kernel Patch Protection: Frequently Asked Questions:

    Q. Is there any mechanism that allows a particular application or driver to patch the kernel?

    A. No. There is no mechanism on systems that support patch protection that allows an application or driver to patch the kernel, for the following reasons:

    • There is currently no reliable way for the operating system to distinguish between "known good" components and unknown components that might potentially be malicious. Therefore, it is not possible to grant patching capabilities only to "known good" components and deny them to unknown components.

    • Even if "known good" components could be distinguished in a secure, non-spoofable, and reliable fashion from other components, patching would still introduce the reliability and performance issues that were described earlier. The attack surface of the kernel would also be increased to include the additional components.
     
  15. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    and:

    Q. Patch protection prevents my application or driver from running. What are my options?

    A. Modify your application or driver to use only Microsoft-documented interfaces. If the functionality you want to enable is not supported with Microsoft-documented interfaces, then you cannot safely enable that functionality. There is no mechanism to selectively disable patch protection or "special-case" a given application to work around patch protection. If an application or driver patches the kernel, it generates a bug check and shuts down the system...
     
  16. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,214
    My interest is really directed to virtualizers like Shadow Defender, which cannot at the moment run on x64. Why then does DeepFreeze (also a virtualizer) have no problems with x64? That explains why Avira can't scan for rootkits in the x64 version.
     
  17. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    And what about Windows 7 support by Shadow Defender?

    Has anyone tested Shadow Defender with Windows 7?
     
  18. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,214
    It works perfectly.
     
  19. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    Thanks for the answer.
     
    Last edited: Jul 15, 2009
  20. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Patchguard pretty much excludes kernel mode rootkits but not user mode, although an adequate defence should prevent these also.
     