App Review Heilig Defense RansomOff Bypassed

[stefanos]

I advertise which product?

I'm a motorcycle painter. A while ago I had a page and channel on youtube. I always used the devilbiss paint gun, and I had the title of the motorcycle. Usually susuki. After a while I painted all of the susuki motorcycles from my city's susuki dealership.

 

[stefanos]

RoxasDev Because my English is very bad. And the translator does not help me explain what I want correctly. Check out these videos from our member and the titles he has.

So I believe you will understand what I mean. Good morning to everyone.

 

[93803123]

if the program detects that it is confined it will not do any action which could force the user to run this program outside the sandbox.

Well, of course, if the user thinks a program is clean they will run it outside the sandbox. Heck, most users will already assume that a file is clean based upon where they obtained the file from or the presence of a digital signature - and that is for the very tiny % of users that will pay attention to those details. If the security solution does not explicitly identify a program as malicious, most users will just run the program.

How many people will take a sample and run it in a virtual machine and make a manual determination of its safety before running it on their system ? No one except for an uber-security geek.

if COMODO through allow the execution outside the sandbox makes a kind of whitelist in the HIPS module I find a pity and it represents a security risk.

This issue has been debated at COMODO forum.

 

[HeiDef]

A little late to the party here but we will be releasing an update shortly. Not necessarily in response to this video but it has just been a long time coming. About the video, Roxas doesn't share his secret sauce on how he disables RO but fact of the matter is there are a number of ways to bypass security tools. The self-protection that RO implemented was geared towards specific use cases but we have expanded it a bit in the upcoming release.

 

[upnorth]

we will be releasing an update shortly.

Looking forward to that.

 

[ForgottenSeer 823865]

Everything is bypassable, what is ridiculous, is that some people getting emotional and deny it even with the proof under their eyes.

 

[davisd]

Have Heilig has something to do with CIA? I would not be happy finding out something shady going on in the background. Was about to try, now I am cautious about this tool. Is there any quarantee that there's no sniffing and suspicious behaviours happening? I'd be more happy to hear users opinions not Dev's, wich is unknown to me, nothing personal. Thanks in regards.