Need your input for NEW zero config application sandbox

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
I agree with @Peter2150 according to companies market.
There will be a strong competitor = AppGuard. Additionally, the companies have administrators who will like a flexible and configurable version with GUI, no 0-config variant.
Home users could like a usable 0-config version, but in my opinion, that will be possible on Windows 8+, when using obligatory SmartScreen.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
Maybe, for Windows 7 users, it is better to prepare less restrictive Sandbox = only preconfigured protected programs + folder protection + blocking scripts (PowerShell via System.Management.Automation.dll). Adding folders and excluding protected programs could be managed from the system tray.
 

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Come on guys, back to reality. Without a GUI, there won't be any income. How many users here and at Wilders use Excubits drivers. And that in itself is the problem. They are drivers, there is no software. I've learned to use them, but I'd never but them on any friends machines. Let me say it again. No GUI, no income.
The zero config should generate the extra income, because it circumvents the need for GUI.

Possible development calendar of ZERO CONFIG could be (when license earnings of ZERO CONFIG, NOT THE DRIVER-ONLY PROGRAMS IT IS BASED ON, would justify this):
  • zero config with default folders
  • zero config with folders scan (for more flexibility) and GUI supported exception rules
  • use experience of GUI exception rules to launch a PRO version with
    • GUI (point is that you have to keep it simple) and
    • central library where rulesets can be downloaded per program.
  • Add a corporate market admin tool for PRO version where exceptions and ruleset application can be centrally managed and deployed
 
Last edited:
  • Like
Reactions: Handsome Recluse

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
For new devs focusing on home users, i believe MT is better than Wilders, you will have more feedbacks and less "technical" critics about this or that not doing like software X or Y.

And if you officially represent Excubits, it is your job to make it visible ; i will tell you, if your product is worthy, you won't have much difficulties to make it visible .;)
I agree about the MT advantage (posted that myself, so should be strange when I would disagree on that), repeat the question: compare number of devs choosen for Wilders or MT is say last 5 years. That illustrates my point on visibility of thread. But I will stop complaining about it. :)
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
I would also prefer an Gui. Everytime i look at the Exubits stuff and see no GUI i think i will wait till he does some :D It's 2017 i expect things to click not type or make extra typos and fxx all up. When you wanna go against appguard i guess their Homeland Security Award is what you need to beat for the US market to get companys.
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
Guy let's not start drama here im out of popcorn*duck*
@danb The users that accept deny by default are the ones that read security news i would think. The other users would be annoyed if keygen.exe doesn't work for their new videogame. And they would expect to have there programs running whatever they have installed. So you have to protect lots of different offices or emailreader and so on. Just my guess which could be totaly wrong.
 
Last edited:

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
Depends if i like him/her or not and if im willing to spend some time with his pc. Avast hardened and VS (since it doesn't scan large files afaik). Or maybe just use linux *duck*
 
Last edited:

overdivine

Level 2
Verified
Aug 21, 2013
90
default deny would work great in enterprise environment where pc user must have access to a determined number of software.
for average user it will be hard. hell they remove antiviruses for patch/keygen to work
 
  • Like
Reactions: Freki123

klaken

Level 3
Verified
Well-known
Oct 11, 2014
112
A GUI that if for the moment only a modifiable file (like block of note(note pad++)) for the creation of list of folders in white list and protected outside the pre-established rules ..

It would be easy to export.
This ensures that users with knowledge can modify it ..
In addition home users would not use a denial program by default or without GUI

What if a file can only modify elements of its same location (eg folder) .. so they could be updated among others.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
Hehehe, wrong (once again). The issue is that most users are not willing to accept deny-by-default.

I have been saying this for years, but very few people get it... either way the computer should be locked when it is at risk.
I agree. So, maybe we define what is the risky situation. I think that it is there, when the user runs any protected program (web-browser, office, media player, pdf reader). But, if those programs are restricted/sandboxed, then the user is protected.
Adding the point 7 (Block executables (MZ-header) located in user folders) has more cons than pros in daily work. Malware usually drops payloads into locations other than Download or Desktop folders, and thankfully those two folders are most popular when running/installing programs chosen by the user.
Anyway, some people would like adding the point 7 to the setup, so it could be available as a switch ON/OFF option.
 
  • Like
Reactions: Duotone

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
I agree with @Peter2150 according to companies market.
There will be a strong competitor = AppGuard. Additionally, the companies have administrators who will like a flexible and configurable version with GUI, no 0-config variant.
Home users could like a usable 0-config version, but in my opinion, that will be possible on Windows 8+, when using obligatory SmartScreen.

I disagree. System administrators don't want end users messing with security. So a zero config foro a single focus appplicaton (extend life for Office 2007) is a no-brainer. The only real threshold would be when protection expands from Office 2007 to other programs, that would require central management (with a GUI).

But you are making a point here. I will discuss this on the 11th. Two downlads, one zero config only focusing on Office 2007 with a volume pricing schedule and the home user version we are discussing here with lifetime license version with possible attractive options to allow a multi, (say 3) device install. This would effectively make the zero config JAIL cheaper than a big mac per device. But Florian is the one who decides on this, so don;t pin me down on this blog post (as a MT forum member I am also representing your interests :) )
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
I disagree. System administrators don't want end users messing with security. So a zero config foro a single focus appplicaton (extend life for Office 2007) is a no-brainer. The only real threshold would be when protection expands from Office 2007 to other programs, that would require central management (with a GUI).
System administrators will configure the Sandbox from the location not accessible to the end users. That is the standard practice in Enterprises. Most end users will never see this program.
 

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
System administrators will configure the Sandbox from the location not accessible to the end users. That is the standard practice in Enterprises. Most end users will never see this program.
See we agree :)
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
I am confused a little about the way that an average home user will install the new programs. That will be not possible from the Download folder. So, will it be possible from the Desktop?
 

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Some clarification on how these rules work together:

Limit write access of internet facing software to Download folder and Desktop
Should prevent malware dropping binaries or changing user data (except own AppData and Download and Desktop folder)

Limit execute access of Download folder (and Desktop) to 'safe' parents
Close down holes where malware is allowed to drop executables

Block executables (MZ-header) located in user folders (documents, photo's, video, music)
Should prevent script based malware (e.g. hidden in office documents and media files) to execute binaries in user folders, allow Downlod

As said no rule in protects 100% protection (except exploits),, but the combination makes them effective while remaining easy to use.
 
  • Like
Reactions: frogboy

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
I am confused a little about the way that an average home user will install the new programs. That will be not possible from the Download folder. So, will it be possible from the Desktop?
No Download and Desktop will be allowed when triggered by safe parents.
 
  • Like
Reactions: Andy Ful

overdivine

Level 2
Verified
Aug 21, 2013
90
to be honest i think support for office 2007 (it's been 10 years) or software past its lifecycle it's counterproductive.
there are already a lot of free alternatives, even online ones.
you should develop for the future or the present not for the past
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
to be honest i think support for office 2007 (it's been 10 years) or software past its lifecycle it's counterproductive.
there are already a lot of free alternatives, even online ones.
you should develop for the future or the present not for the past
That is not so simple in companies. They have to use one program office in all sub-companies, and they do not change the software because of backward compatibility. When you install the free office suite, the documents loose the formatting and usually, the document conversion sucks. So, it will be important to companies keeping Office 2007 and secure it with additional software.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top