Ilya Rabinovich
Jun 27 2006, 06:26 PM
Independent review of DefenseWall is published here:
http://security.over-blog.com/article-3030160.html by NicM and Kareldjag. Thanks a lot to them and to Todd for the proof-reading!
iansbrainstorm
Jun 28 2006, 12:05 PM
Quite a nice review considering the extreme torture applied. My head is still spinning a bit. I am guessing that the majority of the malware would be found on Adult, -- not allowed here --, p2p sites and surely the average user is likely to be safe using DefenseWall only. The key logging issue is the main one that concerns me and I have not read anything that will solve that with any product, but if I read correctly just checking untrusted processes or hitting the big red button before doing any typing of confidential information is all that is needed. Reading the article just reminds me how much I don't understand even though I would consider myself an advanced computer user.
Ilya Rabinovich
Jun 28 2006, 02:05 PM
QUOTE (iansbrainstorm @ Jun 28 2006, 12:05 PM)

Quite a nice review considering the extreme torture applied. My head is still spinning a bit. I am guessing that the majority of the malware would be found on Adult, -- not allowed here --, p2p sites and surely the average user is likely to be safe using DefenseWall only. The key logging issue is the main one that concerns me and I have not read anything that will solve that with any product, but if I read correctly just checking untrusted processes or hitting the big red button before doing any typing of confidential information is all that is needed. Reading the article just reminds me how much I don't understand even though I would consider myself an advanced computer user.
Well, as I've already mentioned, DefenseWall is a part of the "protection-in-depth" conception. Nothing more and nothing less. There is no Internet connection and traffic control system, for instance (that is why many of the backdoor tests failed, same with browser hijack). As for keyloggers- well, that is correct, that is a huge problem under the Windows architecture. I still don't understand if it is possible to fix it. That is a problem for all HIPS, even for one as old as ProcessGuard (NicM has mailed me that it doesn't block hidden keyloggers during his tests).
As for "advanced user"- well, the fact is that "advanced" is not the person who knows everything (it is impossible), but the one who understands that their knowledge is incomplete and is ready to learn something new every day. The same with the "professionals"- many of them think that they know everything about something (computer security, for instance) and don't want to learn every day any more. But if you ask them any non-standard questions- they won't answer or their answer will sound like "you are too naive, you understand nothing in it". I know that my knowledge is incomplete and I'm ready to learn every day, to dig inside the Windows core, to answer everyday life's challenges.
CogitoErgoSum
Jun 28 2006, 03:00 PM
Hello Ilya,
Congratulations on a job well done! Based upon the test results, DefenseWall has not only met, but exceeded my expectations. I have been using DW for the past six months and am quite satisfied with the protection that it offers.
Peace & Love,
CogitoErgoSum
iansbrainstorm
Jun 28 2006, 04:24 PM
QUOTE (Ilya Rabinovich @ Jun 29 2006, 12:05 AM)

As about "advanced user"- well, the fact is that "advanced" is not the person who knows everything (it is impossible), but the one who understand that their knowledge is incomplete and ready to learn something new every day.
Too true, I was commenting that if I am having problems all the issues that it is near impossible for a non computer geek to have the slightest understanding. These are the people who put on Norton Internet Security suite that bogs down their computer and gives a false sense of security and most of the time they never update it or the subscription expires. These people are not at risk of day zero Malware but day 360! What is great about your software is it is mostly silent and I believe that is the key, the average computer person just will not keep software if it keeps asking questions that they have no ability to answer the pop ups and they are driving them mad. I think DW will keep computers clean for these people in the majority and it will be 10 times better than what they are running.
Now about browser hijacking and toolbars that get added to the browser, what is the easiest solution to this with minimal pop-ups? I see firewalls mentioned, but my understanding is a firewall will block incoming and outgoing that is not safe. You must be talking about firewalls that have other features to protect the browser.
Thanks for your time. I had problems with earlier versions but I have installed 1.6 and everything is working well.
Ian
Ilya Rabinovich
Jun 28 2006, 04:37 PM
QUOTE (CogitoErgoSum @ Jun 28 2006, 03:00 PM)

Hello Ilya,
Congratulations on a job well done! Based upon the test results, DefenseWall has not only met, but exceeded my expectations. I have been using DW for the past six months and am quite satisfied with the protection that it offers.
Peace & Love,
CogitoErgoSum
Thanks, Dexter!
I do my best with my software and user support!
Ilya Rabinovich
Jun 28 2006, 04:58 PM
QUOTE (iansbrainstorm @ Jun 28 2006, 04:24 PM)

Now about browser hijacking and toolbars that get added to the browser, what is the easiest solution to this with minimal pop-ups? I see firewalls mentioned, but my understanding is a firewall will block incoming and outgoing that is not safe. You must be talking about firewalls that have other features to protect the browser.
Well, a good firewall's job is blocking Internet connections and traffic (both inbound and outbound) and protecting its trusted processes (processes that are allowed to connect to the Internet and exchange traffic with it, browsers or e-mail clients, for instance) from being hijacked. If you look at firewall tests, they "protect" their trusted processes from being hijacked. That is their job. Why do I write "protect"? Because I know a couple of ways to bypass such a reverse sandbox and I don't know a good way to be protected from those methods.
QUOTE (iansbrainstorm @ Jun 28 2006, 04:24 PM)

Thanks for your time.
My pleasure! :dance:
iansbrainstorm
Jun 29 2006, 04:27 AM
QUOTE (Ilya Rabinovich @ Jun 29 2006, 02:58 AM)

Well, a good firewall's job is blocking Internet connections and traffic (both inbound and outbound) and protecting its trusted processes (processes that are allowed to connect to the Internet and exchange traffic with it, browsers or e-mail clients, for instance) from being hijacked. If you look at firewall tests, they "protect" their trusted processes from being hijacked. That is their job. Why do I write "protect"? Because I know a couple of ways to bypass such a reverse sandbox and I don't know a good way to be protected from those methods.

Ok so I need a firewall that will not pop up every minute, settings I can disable that won't duplicate what DW is doing. Are toolbars that auto install what you call search bars attach to your browser. I don't understand how they can install in IE if it is untrusted? What am I not understanding?
Ilya Rabinovich
Jun 29 2006, 06:23 AM
It is impossible to install an IE/Opera/FireFox toolbar as untrusted. You need to remove its module (it is within the "Rollback" window) from your disk, run your browser as trusted, go to the site and install this toolbar.
iansbrainstorm
Jun 29 2006, 07:16 AM
This was a general question about people who come to me with many toolbars infesting their browser. I don't want them to install toolbars like yahoo etc but avoid them being installed into the browser. I thought DW was not able to stop browser hijacking or are toolbars not in that category? I am confused on exactly what is or isn’t a browser hijacking and the type of firewall required to stop this.
Thanks for your fast response and trying to explain something that is simple in your mind to someone who is struggling to get a simple solution for other computer users in place to save me a lot of work ;-)
toadbee
Jun 29 2006, 12:18 PM
Iansbrainstorm,
you guys are getting mixed up here
QUOTE
It is impossible to install IE/Opera/FireFox toolbar as untrusted
If your browser is untrusted, it is impossible to install a toolbar.
What Ilya was saying is that if you wish to install a toolbar, you must run IE as Trusted in order for it to install.
iansbrainstorm
Jun 29 2006, 01:15 PM
Yes thanks toadbee. I am not sure my question is understood so perhaps I have not written it very well. I will keep reading and see if I can learn more.
Rivalen
Jun 29 2006, 04:50 PM
Congratulations Ilya to the overall results on this test!
What will happen with DW based on these test results - what improvements are we to expect?
What can I do about protection during bootup - is there any complementary software I should use?
What can I do to better my keylogger protection? Any complementary software I should use? I try to remember to hit BIG RED before I go ie banking, but is that sufficient? Do I need to do more.
At present I rely on the 3 you can read in my sig. Previously I used more, but I took some off - like Process Guard - and would be careful to add new software on. Will do so only if I get strong recommendation on a particular software from you guys.
Best Regards
Ilya Rabinovich
Jun 30 2006, 10:15 AM
QUOTE (Rivalen @ Jun 29 2006, 04:50 PM)

Congratulations Ilya to the overall results on this test!
Thanks.
QUOTE (Rivalen @ Jun 29 2006, 04:50 PM)

What will happen with DW based on these test results - what improvements are we to expect?
In fact, I'm going to concentrate now on program sales, because I need additional revenue to start my work on v2.0. There is still a lot of work for me with sandbox hardening and improving the user interface.
QUOTE (Rivalen @ Jun 29 2006, 04:50 PM)

What can I do about protection during bootup - is there any complementary software I should use?
I don't know of such programs. Don't worry- it is a little bit of a synthetic test, DW protects the MBR from being modified by untrusted when it is on.
QUOTE (Rivalen @ Jun 29 2006, 04:50 PM)

What can I do to better my keylogger protection? Any complementary software I should use? I try to remember to hit BIG RED before I go ie banking, but is that sufficient? Do I need to do more.
As I've already mentioned- none of the current solutions will give you true anti-keylogger defense (some of them- only a false feeling of defense). That is a Windows security flaw, if I could do something about that- I would have already implemented it. I still don't know how I could compensate for such a hole in the operating system's architecture, but I clearly understand why it is implemented that way...
Rivalen
Jul 4 2006, 06:15 PM
The program "I hate keyloggers" says it blocks hook-based keyloggers from recording what's typed, but if I remember correctly DW stops untrusted from installing hooks - so that would be an unnecessary overlap in protection - wouldn't it?
Best Regards
Ilya Rabinovich
Jul 4 2006, 09:05 PM
QUOTE (Rivalen @ Jul 4 2006, 06:15 PM)

The program "I hate keyloggers" says it blocks hook-based keyloggers from recording what's typed, but if I remember correctly DW stops untrusted from installing hooks - so that would be an unnecessary overlap in protection - wouldn't it?
Best Regards
Yes, DefenseWall blocks hook-based keyloggers.
RVW100
Jul 6 2006, 09:15 AM
Excellent article :)
I hope it drums up some sales for you
DW is THE best :)
Ilya Rabinovich
Jul 6 2006, 11:46 AM
Thanks a lot!
I hope so.... Anyway, I keep my work on it.
AJohn
Aug 16 2006, 07:23 PM
Correct me if I'm wrong, but the only places DW fails (that DW is meant to protect) are:
When DW is disabled beforehand
When CD-rom is trusted
Screen Captures
DW not starting early enough
Edit: besides the above and hardware keyloggers, what keylogger methods cannot DW stop? global hooks?
Ilya Rabinovich
Aug 17 2006, 07:28 AM
DW stops standard Windows global hook keyloggers. It doesn't protect from screen capture (I'm just not sure I really need to block this).
AJohn
Aug 17 2006, 07:56 AM
So what keyloggers doesn't it protect from?
Screenshots can be considered a form of keylogging... "A picture says a thousand words" ;D
iansbrainstorm
Aug 17 2006, 09:42 AM
I think if you are down to the point of screen shots then you have a significant problem. You can not protect everything. I am running the Vista beta and every time you touch something it asks permission, it is so bad a lot of people have disabled the security.
Ilya, how does DefenseWall fit in with Vista? How good is the Vista browsing security as it is? It appears to stop a lot of potential problems to me.
Ian
Ilya Rabinovich
Aug 17 2006, 02:16 PM
I'm going to write an article about its Kernel Patch Protection and DW.
AJohn
Aug 17 2006, 07:17 PM
QUOTE (iansbrainstorm @ Aug 17 2006, 05:42 AM)

I think if you are down to the point of screen shots then you have a significant problem....
Well, my point is that blocking keyloggers isn't effective if you allow untrusted applications to take screen shots. It's like you might as well disable keylogging.
iansbrainstorm
Aug 18 2006, 05:12 AM
QUOTE (AJohn @ Aug 18 2006, 05:17 AM)

Well, my point is that blocking keyloggers isn't effective if you allow untrusted applications to take screen shots. It's like you might as well disable keylogging.
Well I guess you are more informed than me :-) I would not call screen captures key logging as such. Anytime you type in a password in applications these days the password is masked with **
From my view it appears that peoples problems with computer security mostly rests with the user themselves and their online behaviour although you can get unlucky.
I am sorry if I have appeared dismissive about this issue, I am only responding to my life experience and it is a big world out there.
Ian
Ilya Rabinovich
Aug 18 2006, 08:23 AM
QUOTE (iansbrainstorm @ Aug 17 2006, 09:42 AM)

Ilya, how does DefenseWall fit in with Vista? How good is the Vista browsing security as it is? It appears to stop a lot of potential problems to me.
http://www.softsphere.com/articles/boycott...-windows-vista/
If you can- support with your diggs!
http://digg.com/software/Boycott_Microsoft_Windows_Vista
Ilya Rabinovich
Aug 18 2006, 08:24 AM
Don't worry, I understand your feelings. I just have preliminary work that needs to be done first. Then I'll be able to think about screen capturing and so on.
iansbrainstorm
Aug 18 2006, 01:33 PM
Ok I digg but not sure if you will like the comments. I know your pain as I have had problems with large businesses using their power to squash the life out of the little guy but that is life and we have to adapt to the new environments. I sent details to a Microsoft Employee about DefenseWall and they had never heard of it but thought it was a good idea. The problem is even though it is mostly simple to use I have paid for trialed it with a family member and they did not like it because it restricted their use of the computer despite that most of the restrictions are for their own safety. A lot of software and sites do not like protection software. What will DW solve that VMware would not other than it will work too slow on a speed challenged computer?
Check my sanity@
www.iansbrainstorm.com
Ilya Rabinovich
Aug 18 2006, 02:11 PM
The fact is that it is not only my pain. It is a pain for Symantec, McAfee, Trend Micro, ZoneLabs, Agnitum (just find and read their whitepaper!), Kaspersky and so on. It is impossible to implement good security software without full control over the OS. Only Microsoft will be able to write security software for Vista and higher. That is why the only legitimate choice for security software vendors (especially for small ones)- call to boycott Vista. There is no other way to be heard by MS.
iansbrainstorm
Aug 18 2006, 02:21 PM
Well for Symantec they will just market Internet Security Suite and everyone will be blissfully unaware just like they are now. Norton Internet Security in my experience is bloated and murder to remove from computers, I call it malware ;-)
Ian
puddingalien
Aug 18 2006, 05:12 PM
most likely, but they have a whitepaper of their own trashing vista, poking holes in it, don't they?

but Ilya you should link to other papers from yours so it looks more legit.
Rivalen
Aug 18 2006, 05:29 PM
If it's the previously so safetywise poorly constructed MS OSes that have been the reason for most of the growth of 3rd party security vendors I suppose it is to be expected that MS want to improve their product to make their future OSes safer. Basically I see nothing wrong in that.
If that shuts out others from trying to compete with this new "safe" OS because their products would not work on that OS - it's not acceptable in my opinion.
The problem is that MS has been so clever businesswise so they now dominate the market in a way that is not acceptable for the end customer price-competitionwise and that has been questioned in America and in EU as you all know. If MS now construct their new OS in a way that makes it more difficult to choose other security solutions they might be making an itching bed for themselves. US and EU will keep an eye on this so it might be worthwhile to write to politicians also since they normally seem to be a couple of steps behind in these matters.
If then this new "safe" monopolistic OS proves to totally leak securitywise and customers can't buy alternative protection cause it won't work on this OS - then maybe finally MS has shot themselves in the foot? So hopefully many will wait and see before they upgrade.
Just my thoughts when I read this.
Best Regards
AJohn
Aug 18 2006, 05:42 PM
Well said. I won't ever use MS as my security provider. Using their OS is more than enough.
Ilya Rabinovich
Aug 18 2006, 06:23 PM
QUOTE (puddingalien @ Aug 18 2006, 05:12 PM)

but Ilya you should link to other papers from yours so it looks more legit.
Done.
AJohn
Aug 18 2006, 07:06 PM
QUOTE (iansbrainstorm @ Aug 18 2006, 01:12 AM)

QUOTE (AJohn @ Aug 18 2006, 05:17 AM)

Well, my point is that blocking keyloggers isn't effective if you allow untrusted applications to take screen shots. It's like you might as well disable keylogging.
Well I guess you are more informed than me :-) I would not call screen captures key logging as such. Anytime you type in a password in applications these days the password is masked with **
From my view it appears that peoples problems with computer security mostly rests with the user themselves and their online behaviour although you can get unlucky.
I am sorry if I have appeared dismissive about this issue, I am only responding to my life experience and it is a big world out there.
Ian
Well you do have a valid point, but please keep in mind that Instant Messages, E-mails, and other private matters are not treated with asterisks like passwords are. Keylogging my passwords wouldn't even matter to me as much as my personal information would since I use different passwords for everything. Although I keep everything encrypted, it is while it is being used (unencrypted) that it is vulnerable to such problems, which is why keylogging is such an important issue to me.