Farewell, Emsisoft Online Armor

[Alexstrasza]

*sigh* I'd rather not waste time arguing. After all I created this thread to mourn Online Armor's passing, not arguing about antimalware technologies.

You like having full control of your machine - sure, then use HIPS. I prefer not to mess around too much with software, so I use BB. Simple as that.

 

[jasonX]

Again where's the justice in that...? I throw again that quote back to you.

Don't try to apply your thinking to others especially that what you asked for proof has already been shown and proven while you in return cannot.

You just cant' so you say "wasted time". SORRY!

 

[hjlbx]

Hi hjlbx Yeah I know that as a long time user of it's HIPS. I like the granularity. I was under the impression of what Alexstrasza meant to state that BB can do block that trigger-mechanism the same as HIPS can. Bu then again OA is dead now Kaspersky can block that too! Nice and sweet! Love your posts about Kaspersky

Emsisoft is very good software. It has some advanced protections but they are not well documented or explained.

One of EAM\EIS weaknesses is malicious scripts that call interpreters (e.g. cmd.exe, wscript.exe, etc) to perform hidden downloads and other malicious actions. In EAM\EIS interpreters should not be assigned the default "Allowed" rule but instead a "Custom" one.

Same should be done when using Kaspersky.

Comodo on the other hand treats any unknown script the same as any unknown application; it generates HIPS and firewall alerts for any Unrecognized script - dependent upon that script's behavior.

I never bothered with Online Armor as it was clear to me that it was going to be phased out; all the signs were there that Emsi would drop OA.

* * * * *

I understand both your argument and Alex's.

Alex is simply stating that if one application launches another, that in itself, is not malicious... so the Emsi Behavior Blocker doesn't even monitor that type of behavior.

You wish to block "ET call home" syndrome... and that's fine too.

Securing a system following one paradigm versus another is entirely a personal matter involving one's motivation, paranoia level and tolerance for certain inconveniences, maintenance, interface hassles, etc.

 

[jasonX]

Emsisoft is very good software. It has some advanced protections but they are not well documented or explained.
.....I never bothered with Online Armor as it was clear to me that it was going to be phased out; all the signs were there that Emsi would drop OA.

* * * * *

I understand both your argument and Alex's.

Alex is simply stating that if one application launches another, that in itself, is not malicious... so the Emsi Behavior Blocker doesn't even monitor that type of behavior.

You wish to block "ET call home" syndrome... and that's fine too.

Securing a system following one paradigm versus another is entirely a personal matter involving one's motivation, paranoia level and tolerance for certain inconveniences, maintenance, interface hassles, etc.

True. When OA was delayed in it's updating that was it. Rumors have spread and it became evident that Emsisoft is dropping OA. Apart from OA not getting the revenues to pay for it's development it was evident that the new firewall in EIS is the new kid on the block. Just got used to having OA in hand when I need it (and in addition to the licenses I have alongside the EIS licenses). On OA going pooof I have prepared for that eventuality (I have EIS licenses at hand in addition to the exchange of OA license to EIS) and the workarounds that I may try towards that trigger-mechanism via 3rd party apps. Or EAM + XX

As I do want more control and want to be at hand with what's going on upfront/behind my system I mostly rely on "Custom rules creation" -- for programs/application that I have experienced with and know/familiar with. At times my connections turns to borky so the bandwidth I am sensitive with it. Only what I need and allow. No silent backgrounds running eating my bandwidth as much as possible.

The arguments I posted was just in "queue" towards his asking of proof and when "proven" went to a whole new trivia which wasn't there in the first place...it just surfaced after the proof was shown. Fabian already explained that in the early beta months and in the Emsisoft forums.

I also tend to agree with your post's there...

http://support.emsisoft.com/topic/16475-is-this-product-dead-it-has-not-received-a-core-update-since-2013/

also Raul90 also pointed something about the event logs of the BB which there were no other details to see.

http://support.emsisoft.com/topic/1...isoft-internet-security-90-public-beta/page-3

We learn and stay informed by the alerts and from logs) but as you say it's a personal matter / preference. That's just me and I do not apply that to others(may be misinterpreted or misled).