Advice Request If you could pick only one program for protection.


So, you would be probably wrong. It is as true as saying that any human is just a mammal.:giggle:
I will try to explain my experience with AppGuard (I was a beta tester for some time).

AppGuard is designed for a semi-static setup. You can adjust it to get no alerts, but this is not a task for an average user. If AppGuard is properly configured, then the computer protected by AppGuard can be used by the average user. People who frequently install new applications will not be happy, as you could see for yourself.

If you try to run something from the folders normally available to a non-admin user (for example from the Desktop, USB drive, etc.), then it will usually be blocked (scripts, unsigned programs) or restricted, to prevent the infection of System Space. The restrictions are similar to sandboxing (with memory and registry guard) because they are also automatically applied to child processes. This is the first layer that can protect the system.

The second layer includes Guarded Applications installed in System Space (web browsers, Office applications, media players, webmail clients, etc.). They are restricted similarly to those from the first layer.

There are also other features like: InstallGuard (for MSI installers), ProtectedFolders, Publisher List, Power Applications, TamperGuard, Privacy Mode, Privacy Folders. The full info can be found in the AppGuard manual:

Generally, AppGuard is suited as a companion to any AV, and this is strong protection against all kinds of malware (including fileless).(y)
I hope that @Lockdown (former MT member who worked for AppGuard) will forgive me if I missed something important.:emoji_pray::giggle:

It comes down to what works best for the user.

SRP is simple ON-OFF. That makes it possible to add\remove software hourly. :)

For school I set up my laptop and I don't like changing it. I have put on it what I need to do. There's no need to change it. I've learned through experience that I won't find anything better than what I've chosen. I find constantly installing and uninstalling software to be disruptive. Annoying. But whatever, very few people are like me.

I would think that most people here avidly change their systems
 

Thales

It is a dead project. Releasing a BETA version in 2016 and then nothing afterwards means it is dead. It is 3-years dead. Probably ran out of money or key people left.

This illustrates the fundamental problem with FOSS.

You are probably right! My eyes are not getting better and I saw 2018 instead of the 2016. My bad :emoji_cold_sweat:
 

ForgottenSeer 58943

Sure, why not :) But seriously, I think that rather than not trusting all software from a particular country, you should treat all software on a case by case basis. I use plenty of Chinese software, including 360 Total Security and the browser I'm typing this on.

In the case of some countries, you can't really treat it as a case by case basis because these are authoritarian regimes where the govt. trumps all corporate interest and they don't have things like the Constitution to fall back on. There is nothing a company can do when compelled to comply by simple mandate from the current regime. Also given the history of some countries, their lust for telemetry/data, corporate espionage, sabotage and patent theft I think it really mandates that we simply avoid some countries products overall, and not render judgement based on a case by case basis.

We should be careful about where the products we use/install/purchase come from. Especially in the case of the aforementioned country which routinely is found to be in violation of safety standards, privacy, and lacking intrinsic consumer protections.
 

ForgottenSeer 58943

Not dead it is in Beta stage. However the devs are kinda slow.

Linux can progress glacially slow. But given the stable, secure, and boot-method of Discreet you aren't using it as an installed OS. Many of the privacy oriented Linux Distros have sort of all gone into development holding patterns and some, like Liberte' have been abandoned.

Here's a list of a few privacy oriented ones. Kodachi is very popular but less likely to please newbs. Tails is pretty popular. As with all Linux Distros, you need to try a few to find one that suits you for the purpose you want it for.. As with Linux in general, it's convoluted, lackluster, and filled with half completed projects.


I might move to Debian on my small, lower powered, but highly secure notebooks (they replaced Chromebooks) since my wife needs permanence on her notebook.. It will take some effort to re-pack the distro how I want it though but in the end it will be an LTS solution and very secure.
 

simmerskool

Idk, maybe until Linux is a thing? Personally, I can't go down the road MS has gone with 10. 10 ruins the experience of the business machine for me...

hummm can you elaborate? I've been running win7, but just installed 2 vm guests Ubuntu 18.04 LTS and win10 pro. so far for me, w10 has been ok, or even better than expected. Ubuntu good too.
 

Handsome Recluse

Linux can progress glacially slow. But given the stable, secure, and boot-method of Discreet you aren't using it as an installed OS. Many of the privacy oriented Linux Distros have sort of all gone into development holding patterns and some, like Liberte' have been abandoned.

Here's a list of a few privacy oriented ones. Kodachi is very popular but less likely to please newbs. Tails is pretty popular. As with all Linux Distros, you need to try a few to find one that suits you for the purpose you want it for.. As with Linux in general, it's convoluted, lackluster, and filled with half completed projects.


I might move to Debian on my small, lower powered, but highly secure notebooks (they replaced Chromebooks) since my wife needs permanence on her notebook.. It will take some effort to re-pack the distro how I want it though but in the end it will be an LTS solution and very secure.
Adguard's Social Media filter blocks the content of the site.
Why Debian/non-Ubuntu Debian-based distros specifically?
 

ebocious

It comes down to what works best for the user.

SRP is simple ON-OFF. That makes it possible to add\remove software hourly. :)

For school I set up my laptop and I don't like changing it. I have put on it what I need to do. There's no need to change it. I've learned through experience that I won't find anything better than what I've chosen. I find constantly installing and uninstalling software to be disruptive. Annoying. But whatever, very few people are like me.

I would think that most people here avidly change their systems

Which explains why it did not work well for me.

I can think of other setups which work better for largely static setups. Deep Freeze, Bitlocker... don't like them.

Thanks for the explanation Andy.
Maybe this can help? How to use AppGuard
 

ForgottenSeer 58943


In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?
 

Burrito

In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?

True.

I was not going to go into it... but yes, it is not a matter of not understanding AppGuard. I used it.

It's a matter of being uninterested in AppGuard.

Even though security nerds love the concept of default-deny..... I'm over it.

No longer interested.
 

ebocious

In defense of Burrito here.. It's not that we can't figure out Appguard or that we feel Appguard is hard to use. It's just that it really seems basic and a bit like an expanded GP tool. To me, it looks a bit like freeware, something the OSArmor guy would knock out in a few months of coding and testing.

I'd love to play with it more, but I don't see that it would be worth spending money on for what it does - IMO.

Has anyone tested Appguard with hub packs?
Sorry if I came across as condescending. I believe @Burrito mentioned at one point that he'd gotten a lot of alerts, and was surprised that people were commenting on AG being quiet. I wanted to post this for people who may be interested, but are unfamiliar with AG.

Blue Ridge makes a bold claim that their customers haven't reported a single breach in 20 years. Whenever somebody has said they could defeat it, it always seemed to be with physical access. So if you're concerned about your nephew coming over and installing infected crapware, then I might suggest a limited account and UAC at always notify. :)
 

ForgottenSeer 58943

Appguard causes so many issues. I installed it today again to test. Played a steam game, it failed to exit the game correctly, locking up system. Disabled AG, it worked fine. EA's Alpha test of their streaming service, ran that, failed. Disabled AG, it worked.

Honestly, it may have uses, but not on a daily-driver, and certainly not on a gaming rig. I can see where installing on a stable, mostly web-browsing/office product use system for max protection might be fine. But otherwise, more trouble than it's worth IMO.
 

ebocious

Appguard causes so many issues. I installed it today again to test. Played a steam game, it failed to exit the game correctly, locking up system. Disabled AG, it worked fine. EA's Alpha test of their streaming service, ran that, failed. Disabled AG, it worked.

Honestly, it may have uses, but not on a daily-driver, and certainly not on a gaming rig. I can see where installing on a stable, mostly web-browsing/office product use system for max protection might be fine. But otherwise, more trouble than it's worth IMO.
Probably so. That might explain why Blue Ridge doesn't market to consumers. I can see AppGuard causing problems on a gaming rig, but saying it doesn't work on a daily driver raised my eyebrows. I use it on a daily driver, and my reliability history is a flatline 10.0 all the way back to before it was ever installed.

Gamers and download junkies would probably be better off without AG. But of course, I can't see myself playing Steam games and banking on the same unit, anyway. A gaming rig should be something you are free to tinker with, crash, and redo; not a productive machine that needs to stay up and running. And for God's sake, I hope you know better than to be playing MMORPGs on a unit that stores sensitive information. That's just begging for trouble.
 

ForgottenSeer 58943

Probably so. That might explain why Blue Ridge doesn't market to consumers. I can see AppGuard causing problems on a gaming rig, but saying it doesn't work on a daily driver raised my eyebrows. I use it on a daily driver, and my reliability history is a flatline 10.0 all the way back to before it was ever installed.

Gamers and download junkies would probably be better off without AG. But of course, I can't see myself playing Steam games and banking on the same unit, anyway. A gaming rig should be something you are free to tinker with, crash, and redo; not a productive machine that needs to stay up and running. And for God's sake, I hope you know better than to be playing MMORPGs on a unit that stores sensitive information. That's just begging for trouble.

Gaming rigs are gaming rigs. I consider them compromised devices. So sensitive information wouldn't be stored there unless precautions are taken, like a dual boot system with a segregated drive and active encryption. However, to be honest, anything really sensitive wouldn't even be on a computer capable of connecting to the internet at all.

However, in all fairness, how do we define 'sensitive' information for the average consumer? What does sensitive entail? We're not dealing with state secrets, and the simple act of using a good password manager, anonymous browser, VPN, and file encryption is going to be more than enough to guard those family photos and resumes. (even on gaming rigs) Financial accounts are generally by default well protected these days. Anyone that has tried to login to their Chase Account from a different device/IP/location/browser knows the struggle is real and any compromise of a card/account is protected and insured anyway.

Personally, I would classify my own sensitive information as things like medical records, birth certificates, various legal documents, registrations, stock options and other such things. None of those would ever see life sitting on anything connected to the internet. They're physically locked in a safe. Family photos encrypted, then placed on an encrypted zero knowledge cloud drive is going to exclude any potential compromise and deploying them on that is supremely easy to accomplish.
 

ebocious

Gaming rigs are gaming rigs. I consider them compromised devices.
Which defeats the purpose of installing AG on them, unless you have money to burn.

However, in all fairness, how do we define 'sensitive' information for the average consumer?
Anything that pertains to you or your finances. Address, phone, DOB, SSN, DL, CC/bank account, medical/legal documents... etc. Even your email address is valuable.

Financial accounts are generally by default well protected these days. Anyone that has tried to login to their Chase Account from a different device/IP/location/browser knows the struggle is real and any compromise of a card/account is protected and insured anyway.
Really?
97% of the world's largest banks are vulnerable to web and mobile attacks
 

Burrito

However, in all fairness, how do we define 'sensitive' information for the average consumer? What does sensitive entail? We're not dealing with state secrets...

But you are Sly.

People here are pretty much onto you.... you are some kinda secret-squirrel Military Intelligence Industrial Complex guy.

I personally don't hold that against you though.

I support your good work.

(Any phone taps that indicated otherwise are just jokes..)
 
