Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,790
    Location:
    Among the gum trees
    + 1 on one machine running Windows Defender, WFC, MB and HMP.A.
     
  2. turion

    turion Registered Member

    Joined:
    Apr 5, 2006
    Posts:
    60
    MB has made clear WFC shall remain free in the short term plus with the acquisition of Binisoft, MB will provide an all in one solution well beyond having to manage a Firewall through Group Policy Objects or other Microsoft technologies.

    “We’ve seen tremendous demand from our customer base for these capabilities,” said Marcin Kleczynski, CEO, Malwarebytes.

    https://press.malwarebytes.com/2018...xpand-security-offering-and-global-footprint/

    I highlighted the most important parts from the press release. WFC capabilities will be incorporated into this all in one solution. Thus i don't expect the continuation of a standalone WFC in the long run. As for AdwCleaner still available as standalone here's what MB says:

    For the near term, AdwCleaner will retain its current name, supplemented by Malwarebytes branding. Malwarebytes is committed to maintaining the mission of the AdwCleaner product and its features. Malwarebytes will also integrate many of the proprietary techniques and detections into their flagship products.

    So there we have it, the future of these products remain questionable. Many are skeptical whether allowing telemetry will influence the existence of future WFC releases available to us. I guess time will tell.
     
  3. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    Timely and right thought, let's all support it. If alexandrud realizes this, it will dispel all doubts, and we will all allow telemetry.
    We believe in the honest name of alexandrud, but the scope around it will be squeezed by the employer.
     
  4. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,768
    Location:
    Europe then Asia
    stop dreaming people, will never happen. As i see it, they don't care of "old" users opinion who are mostly security geeks in security forums, which is a niche market.
    If they don't see enough potential "paid" users for the standalone version, they will abandon it and just integrate it in MBAM as they planned.
    Companies value only one thing, incomes to finance development, no company will keep developing a product unable to finances itself.
     
  5. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    Remove duplicate rules. Create a strict allow rule for the svchost.exe only for DNS, Time Service, WU (if necessary). Add svchost.exe in notifications exceptions.
     
  6. Jafea8

    Jafea8 Registered Member

    Joined:
    Aug 1, 2018
    Posts:
    7
    Location:
    Australia
    Be that as it may, doing sc.exe stop _wfcs resulted in:
    C:\>sc.exe stop _wfcs
    [SC] OpenService FAILED 1060:

    The specified service does not exist as an installed service.


    Whereas sc.exe stop wfcs worked.

    Anyway, it's now moot as the problem was MBAM's (v2 in my case) Self Protection being enabled as mentioned by OrangeDoorHinge.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,763
    Location:
    The Netherlands
    I'm also against telemetry but I agree with your comments. I wouldn't worry too much about certain negative comments.

    No way, it's way too complex for me.

    Yes exactly, for example Avast admits it's collecting browser history.
     
  8. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    Agreed, and I hope alexandrud knows almost all WFC users still remain very thankful.
    That's exactly the kind of telemetry that is unacceptable for me (at least they admit it, I'm guessing others not so clearly), and that is why it's not a black and white issue. One needs to know in detail what is going on. You can't condemn or applaud all telemetry in general (well you can, but it'd be immature at best).
     
  9. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    Sorry for yet another post and perhaps I've already asked this: please consider adding an option to not add the "U -" prefix for auto-disabled rules. When I re-enable them I always re-rename to keep them tidy (a bit excessive, I know) and the white colour is enough -for me anyway- to mark the disabled ones.

    A cool alternative would be for the "U -" to auto-disappear only when the user manually re-enables the rule.
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,767
    Location:
    Romania
    Noted.
     
  11. asampal

    asampal Registered Member

    Joined:
    Aug 3, 2018
    Posts:
    4
    Location:
    Toronto, Ontario, Canada
    Thanks for the advice - are you saying that Learning mode should behave like this?
     
  12. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    I think yes. Here I do not use the Learning mode, but from the experience of working with Outpost this is the way the Learning mode behaves.
    Try to work in the Medium Filtering, and if something does not work out, look in the Сonneсtions log and create a rule.
     
  13. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,123
    Location:
    UK
    AT THIS TIME! "The following data is sent once a day to Malwarebytes: program version, os version, os architecture (x64, x86)"..Remember folks this is Malwarebytes and they will undoubtedly change and increase the telemetry as WFC gains popularity via their sales publicity...Seems they may be looking at any part of the market that is unaware of WFC atm.
     
  14. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,123
    Location:
    UK
    Need to add that WFC is more important to me than any other security application...Just don't see anything that can better it in the firewall products now availible.
     
  15. Poppeye

    Poppeye Registered Member

    Joined:
    Mar 2, 2018
    Posts:
    5
    Location:
    Internet
    Please remove this link and further quotes as the archive contains more than just the installer.

    Regarding Telemetry:

    Any data that can be potentially used to identify a user must be collected via Opt-In according to the European GDPR. Malwarebytes uses Opt-Out (if any) which is only possible under American law. Such a case may be presented to a Europan data protection agency. The fines range between 1-4% of a companies yearly (!) turnover. As a company, I wouldn't risk that and revert to Opt-In telemetry as soon as possible...
     
  16. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    Thanks alexandrud. Minor issue: in the notification prompt there's the option to create an inbound/outbound customized rule. If selected, both rules are correctly created but the description for both ends with "(TCP-Out)".

    Another minor issue, also occurred in the previous version(s). Sometimes it's difficult to delete multiple invalid rules at once (not sure about valid ones). They are just not deleted (or only one at a time is deleted) and I have to try a few times. Some times though it works.

    And a question/request: I think the default rule sorting method is based on the rule creation date? A cool feature would be the ability to "move" rules up/down so we can bring related rules close to one another. An alternative though already exists with the Groups.
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    Yes, creation date. Earlier, alexandrud already answered this question.
    This is a very desirable function. Earlier, alexandrud said that the Windows brandmauer can not do this. Maybe now he will have new thoughts.
     
  18. Wokok

    Wokok Registered Member

    Joined:
    May 30, 2018
    Posts:
    4
    Location:
    France
    I agree. There is a checkbox for auto-updates, but there is no checkbox for telemetry. Currently, if I were to block wfc.exe in order to block telemetry, then I would block auto-updates.

    I would keep telemetry ON for now anyway, after what the dev wrote. However, I might want to disable telemetry in the future, and keep auto-updates ON, so there should be two checkboxes.
     
    Last edited: Aug 5, 2018
  19. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    867
    Location:
    Member state of European Union
    I agree.
    Microsoft released "Windows Diagnostic Data Viewer" to be more transparent about what's included in telemetry. I know they did that after three years since Win 10 release and some pressure from Data Protection Authorities in some countries and public opinion, but they done that after all.
     
  20. asampal

    asampal Registered Member

    Joined:
    Aug 3, 2018
    Posts:
    4
    Location:
    Toronto, Ontario, Canada
    I wasn't using Learning mode either before 5.4.0.0, but I thought it might be helpful in automatically creating outbound rules for signed applications. The way it seems to work, creating duplicates by the hundreds, is not helpful at all, so either I'm using it wrong or there's a bug in the implementation.
     
  21. asampal

    asampal Registered Member

    Joined:
    Aug 3, 2018
    Posts:
    4
    Location:
    Toronto, Ontario, Canada
    <Edit>It seems I had a public network, created by Docker, defined. So the notifications still showing were for that.</Edit>

    Could someone tell me how to specify a valid allow rule for UDP multicast? I've been trying to make a rule to allow network discovery (the ssdpsrv service) which does a multicast to 239.255.255.250 on port 1900 (there were also already created rules for this), but I still keep getting notification popups about traffic being blocked. As can be seen in this screencap, the rules that are enabled for this service _should_ apply, but for some reason it seems they don't. Does anyone have a clue why these rules aren't working?
     
    Last edited: Aug 5, 2018
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,443
    Location:
    Canada
    You might have to enable the third rule from the top, the one that addresses Location "All". That is if you are using a "Public" network location.
     
  23. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    This does not coincide with the general line of Malwarebytes, but a similar solution could eliminate the contradictions that have arisen
    1.png
     
  24. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    427
    Location:
    Germany
    Information for consideration. After the user complaints, the CCleaner removed v5.45, which added an unswitched data collection function, and returned to v5.44, in which the data collection function can be disabled.
    forum.piriform.com/topic/52360-changes-in-v545-and-your-feedback/?page=2&tab=comments#comment-298509
     
  25. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    115
    The CCleaner analogy is unfair to alexandrud, that's a very different -and nastier- case. I'd concentrate on WFC and let go the telemetry discussion, everything has been already explained and discussed about 5.4.0.0.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.