Advice Request Are you using Excubits products?

Please provide comments and solutions that are helpful to the author of this topic.

Are you using Excubits products?

  • Excubits Bouncer

  • Excubits MemProtect

  • Excubits Pumpernickel

  • Excubits MZWriteScanner

  • No, I don't like the products

  • I have never tried / used Excubits products


Results are only viewable after voting.
Status
Not open for further replies.

Glashouse

Level 4
Thread author
Verified
Well-known
Jun 4, 2017
174
From my point of view, I don't care if there is no GUI. Start using the products can be quite a hard time but as there is the chance to set the configuration not be "LETHAL" at the beginning to get feedback what would happen without destroying your system, it should be usable...
On the other hand, having the pure config files gives you the flexibility you will not get from most of the GUIs.

I really like the way I can finetune the configs to my needs and the pricing for the "full versions" is fair!
For Example, you could do something like this (bouncer):

[PARENTWHITELIST]
!C:\Program Files (x86)\Mullvad\mullvad.exe>C:\Windows\SysWOW64\schtasks.exe


[PARENTBLACKLIST]
*>*schtasks.exe


Which is really powerful: schtasks.exe is not allowed to run except when it is called by mullvad.exe.
If you are super paranoid you could also tie this to the SHA256 Hash.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
From my point of view, I don't care if there is no GUI. Start using the products can be quite a hard time but as there is the chance to set the configuration not be "LETHAL" at the beginning to get feedback what would happen without destroying your system, it should be usable...
On the other hand, having the pure config files gives you the flexibility you will not get from most of the GUIs.

I really like the way I can finetune the configs to my needs and the pricing for the "full versions" is fair!
For Example, you could do something like this (bouncer):

[PARENTWHITELIST]
!C:\Program Files (x86)\Mullvad\mullvad.exe>C:\Windows\SysWOW64\schtasks.exe


[PARENTBLACKLIST]
*>*schtasks.exe


Which is really powerful: schtasks.exe is not allowed to run except when it is called by mullvad.exe.
If you are super paranoid you could also tie this to the SHA256 Hash.
Thanks for the tutorial! Sounds like a great tool, after all.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
that's kinda sad, because they give you protection unlike anything else
They sad part is that we are almost in 2018 and devs keep thinking it's a good idea to go ask me to type stuff. In my opinion that is the sad part. Protection wise even though i haven't tested the program in theory you need to pay a huge attention to rules to minimize the attack vector. Good luck for the 99% of the users to know enough to do it even if they decide to mess with a notepad. It's just not a viable option for most people and i don't think the dev is targeting the average user.
You can use other programs that require almost 0 clicks or typing and have a similar level of protection so why bother.
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
They sad part is that we are almost in 2018 and devs keep thinking it's a good idea to go ask me to type stuff. In my opinion that is the sad part. Protection wise even though i haven't tested the program in theory you need to pay a huge attention to rules to minimize the attack vector. Good luck for the 99% of the users to know enough to do it even if they decide to mess with a notepad. It's just not a viable option for most people and i don't think the dev is targeting the average user.
You can use other programs that require almost 0 clicks or typing and have a similar level of protection so why bother.
True and Lockdown said it right, the dev doesn't want to be annoyed by home users.
 

Glashouse

Level 4
Thread author
Verified
Well-known
Jun 4, 2017
174
They sad part is that we are almost in 2018 and devs keep thinking it's a good idea to go ask me to type stuff. In my opinion that is the sad part. Protection wise even though i haven't tested the program in theory you need to pay a huge attention to rules to minimize the attack vector. Good luck for the 99% of the users to know enough to do it even if they decide to mess with a notepad. It's just not a viable option for most people and i don't think the dev is targeting the average user.
You can use other programs that require almost 0 clicks or typing and have a similar level of protection so why bother.
I totally agree I think that the products are more targeted to the enterprise with fixed configurations and the ability to exchange configurations in seconds on many clients. There are lots of good options out there for the average user but if there are people who want to find out what is going on and invest the time there's a huge chance to learn something :)
At the end when it comes to really tighten the security of a system it is up to the knowledge of the person building the configuration and people who don't want to deep dive into this topic should avoid messing with config files. For the rest, give it a try :)
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
I have exchanged emails with the dev several times and I really can't complain that he is not taking care, even if I am a home user with only one license for each of his products....
But you've more knowledge about security and Windows than average forum users, the average forum users like me will annoy the dev with asking for help all the time.:p And if the soft doesn't have GUI, I'll never try it.
 

Glashouse

Level 4
Thread author
Verified
Well-known
Jun 4, 2017
174
It's for the Do-It-Yourself type, I guess. Most people will go and buy a house, and a few will build it themselves, exactly the way they want.
Correct and that is why we are here :) Discussing topics and finding our way to security!

And if anyone wants to give it a try feel free to ping me, I am happy to share a generic config which is likely to work on most of the systems with a little tuning. but at the end, no guarantee at all :) @Windows_Security also has a great threat about MemProtect...
 
  • Like
Reactions: shmu26 and SHvFl
5

509322

They sad part is that we are almost in 2018 and devs keep thinking it's a good idea to go ask me to type stuff. In my opinion that is the sad part. Protection wise even though i haven't tested the program in theory you need to pay a huge attention to rules to minimize the attack vector. Good luck for the 99% of the users to know enough to do it even if they decide to mess with a notepad. It's just not a viable option for most people and i don't think the dev is targeting the average user.
You can use other programs that require almost 0 clicks or typing and have a similar level of protection so why bother.

99 % of average Joe couldn't use Windows at a high level if their lives depended upon it. 98 % of Admins have to go begging other Admins for infos on undocumented Windows stuff. That's the real state of Windows affairs. Being paranoid about Windows security adds nothing to overall security. It just adds complexity to the system and sates some psychological need on the part of the paranoid user. The average user is simply going to avoid or disable any complexity added by paranoid level security.

The average Windows user would be best served not using Windows but instead using Chrome OS.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
99 % of average Joe couldn't use Windows at a high level if their lives depended upon it. 98 % of Admins have to go begging other Admins for infos on undocumented Windows stuff. That's the real state of Windows affairs. Being paranoid about Windows security adds nothing to overall security. It just adds complexity to the system and sates some psychological need on the part of the paranoid user. The average user is simply going to avoid or disable any complexity added by paranoid level security.

The average Windows user would be best served not using Windows but instead using Chrome OS.
Sadly, in most places you work you will have to use a windows pc so switching to a different OS will not do much. We people like to use what we believe we know and anything new feels bad and weird. Unlucky for us windows has as so well hooked that we can't go away from it.
 
5

509322

Sadly, in most places you work you will have to use a windows pc so switching to a different OS will not do much. We people like to use what we believe we know and anything new feels bad and weird. Unlucky for us windows has as so well hooked that we can't go away from it.

Most average Joes do not use a PC at work, so they don't need a Windows PC. However, I understand that if one does use a PC at work, then it makes a certain sense to have a Windows PC at home. For granny grayson, Uncle Buck and junior "I am not a techy just want to surf the net and use a text editor now and then," they are better off on Chrome OS.

Chrome OS = Chromebook. It does not get any easier than that for a user. The more initiated security conscious user can add VPN to Chromebook.

Microsoft has its claws in everything - it almost has more power than the world's central banks. In some respects Microsoft does have more power, but the power to regulate how much money a person pays for this or that is the greatest power of all - and that power rests with the world's central banks.
 
Last edited by a moderator:
D

Deleted member 178

Excubits products seems good and efficient based on what i read but for me:

1- need a GUI to set it up, why? not because i'm lazy to do it or i don't have the required skills, but i'm busy! don't have time to research and type lines of codes.
2- By principle, i won't pay for something requiring me to do all the job, as if i pay for a car and i have to assemble it...no thanks.

If i was excubit's dev, i would make the actual GUI-less versions free and make paid GUIed versions.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top