Difference in Security between TAM enabled and disabled

Status
Not open for further replies.

Werderforever

Level 1
Thread author
Verified
Aug 8, 2015
37
Hi,

I have read here in the forum in several threads about TAM.

What I don´t understand, why is Security with TAM enabled better compared to disabled TAM?

After enabling, TAM is searching for untrusted Apllications, I suppose with help from KSN. Compared to this, without TAM, Application control checks by starting an Application whether an Application is trusted or not (also with help from KSN) and move them to Trusted or Untrusted and so on.

Why is this Mode less safe then the TAM-Mode? I think Application control is checking reliable.

Would be glad for help, please in simply words, because english is not my motherlanguage.
Many thanks!:)
 
  • Like
Reactions: Ink

Cch123

Level 7
Verified
May 6, 2014
335
After enabling, TAM is searching for untrusted Apllications, I suppose with help from KSN. Compared to this, without TAM, Application control checks by starting an Application whether an Application is trusted or not (also with help from KSN) and move them to Trusted or Untrusted and so on.

Why is this Mode less safe then the TAM-Mode? I think Application control is checking reliable.
Actually, you are right to say that both are roughly the same. However, in default configuration, Kaspersky assigns the unknown program to low restricted, where it can still run. Compared to TAM, where the program cannot run at all, this is less secure. However, if you change the options for Kaspersky to move unknown programs to untrusted, then they would be similar.
 
  • Like
Reactions: Enju

Tony Cole

Level 27
Verified
May 11, 2014
1,639
At present, if you are running Windows 10 64bit OS TAM will do/stop anything - 2016 version TAM is very fast and smooth, just doesn't work, kinda sad for such a big company.

It is a very good, feature rich piece of kit, yes it will block legitimate software, but I would rather have that happen, and not run the chance of a possible ransomware attack. TAM only blocks the software from executing, you can simply go in to the menu and enabled it, application control blocks all access i.e., internet, registry, system level access, application control and TAM work hand-in-hand, if application control is disabled, then TAM is also disabled.
 
  • Like
Reactions: XhenEd

Werderforever

Level 1
Thread author
Verified
Aug 8, 2015
37
Thanks for the Links, but I know them.

That´s very interesting, Cch123 and Tony Cole.

I think TAM blocks all, which is not in trusted Zone. But TAM is not blocking start when the App is in low or high restricted, only in untrusted. Perhaps a restriction of Windows 10 x64?
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
Thanks for the Links, but I know them.

That´s very interesting, Cch123 and Tony Cole.

I think TAM blocks all, which is not in trusted Zone. But TAM is not blocking start when the App is in low or high restricted, only in untrusted. Perhaps a restriction of Windows 10 x64?
TAM blocks the "unknown" process and put that process into Untrusted.
KIS 2016 is very limited right now in its protection, including TAM. So, TAM might not really work as expected.
A patch is incoming, fortunately... :D
 
  • Like
Reactions: Enju

Tony Cole

Level 27
Verified
May 11, 2014
1,639
Yes, on Windows 10 64bit OS TAM doesn't work at all. When I asked if one could increase security by changing default configuration he said no, I had to wait until 1st September 2015 for the patch. It annoys me, when I asked he told me not to do online banking, visit dodgy websites or download new software, those who do not have such knowledge could suffer severe consequences of using Kaspersky 2016. Not good at all.
 
  • Like
Reactions: XhenEd

Werderforever

Level 1
Thread author
Verified
Aug 8, 2015
37
First of all many thanks to all, who helps me with your advices. :)

I´m also a little bit disappointed, that Kaspersky has a lot of problems with Windows 10 and basically with x64-OS.

I´m looking for a new AV/Suite and I´m thinking about Kaspersky, Eset an GDATA, perhaps Emsisoft.

Kaspersky has a good reputaion and tst results. But problems with Win 10 and generally x64 let grow doubts...
 
  • Like
Reactions: XhenEd
H

hjlbx

Yes, on Windows 10 64bit OS TAM doesn't work at all. When I asked if one could increase security by changing default configuration he said no, I had to wait until 1st September 2015 for the patch. It annoys me, when I asked he told me not to do online banking, visit dodgy websites or download new software, those who do not have such knowledge could suffer severe consequences of using Kaspersky 2016. Not good at all.

@Tony Cole

Have you heard if K is going to fix the issue with Application Control moving large groups of apps from Trusted to Untrusted zone with TAM enabled and other max settings ?

My general impression is that it will not be fixed, but that could have changed, so I am asking...
 

Tony Cole

Level 27
Verified
May 11, 2014
1,639
Well, only that a patch to activate all area's will be released on 1st September 2015, but you can check, if you are running a 32bit OS Windows 10 all features are active, so at present that's how far TAM has progressed. It's terrible, I'd never use Kaspersky again,to trick users, who will not read a 220 page manual, when he quote "it's a 50 - 50 chance."
 
H

hjlbx

Well, only that a patch to activate all area's will be released on 1st September 2015, but you can check, if you are running a 32bit OS Windows 10 all features are active, so at present that's how far TAM has progressed. It's terrible, I'd never use Kaspersky again,to trick users, who will not read a 220 page manual, when he quote "it's a 50 - 50 chance."

Security softwares have an extremely high incidence of complaints - whether your just a typical home user or a power user...

EIS is the best internet security suite in terms of reliability, dependability, almost bug-free, very high compatibility, very good (but slow - I admit) technical support, easy to use and learn, etc.

EIS protections are not nearly as extensive as Kaspersky, Bitdefender, Comodo, ESET, etc. The Emsi protection model is to keep it off your system via detection, followed by HIPS. There are some holes but they are working on plugging those holes...

Small, high quality team that addresses reported bugs and only adds features needed to keep the typical user safe under typical computing conditions.

This is a little known fact, but most EIS users are age 50 or older... so relatively safe group online...

Emsi has a protection model that works. It is Virus Total based so that helps detection. Behavior Blocker works good. Malicious scripts are a problem at this point in time, but is to be fixed with version 11.

Really can't go wrong with Emsi...

If one gets caught-up in security soft forums - and reads too much IT security news reports - then one will think the sky is falling and that no security soft is good enough...
 
Last edited by a moderator:
  • Like
Reactions: XhenEd

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Kaspersky per default on their application is based on heuristics analyzer therefore Low restricted/Medium Restricted may run and infect a system. This is why a tweak for complete untrusted mode should prevail

+ Kaspersky is same with Comodo where the power comes on custom based however opposite which came to be limited on protection at current stage.
 
  • Like
Reactions: XhenEd
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top