Terra Privacy's Hacker Deterrent Pro

Will you try Terra Privacy's Hacker Deterrent Pro?


  • Total voters
    65

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,471
30,678
Operating System
Windows 10
Installed Antivirus
Default-Deny
#1
Innovative Approach

Hacker Deterrent’s innovative approach is surprisingly easy-to-use:

1. Hacker Deterrent initially blocks all applications (except your browser) from accessing the internet.

2. Hacker Deterrent then discovers and displays the actual name to whom each application wants to connect (e.g. “Microsoft Corporation,” “Adobe Inc.,” etc.).

3. You just click on the names of makers of software/hardware you own (which tells Hacker Deterrent to allow them).

That’s it. You’re done. After all, everything else remains blocked — including invisible backdoors, spyware, and trojans.

Incredibly simple. Incredibly secure.

Dynamically Generated Whitelists

Industry leaders recognize that a security method known as whitelisting is the most effective approach to stopping hackers.

Traditional whitelisting effectively stopped hackers by restricting traffic to a predetermined list of sites. But the problem is that traditional whitelisting is too cumbersome to set up and it’s far too restrictive to use. Therefore, the industry conceded the point and used the opposite approach (blacklisting) in its mass-market antivirus and firewalls.

Unfortunately, widespread use of blacklisting gives hackers free rein over any computer they want. Genuine protection can only come by finding a solution that maintains the effectiveness of whitelisting while also being easy to set up and easy to use as well.

The secret to Hacker Deterrent’s unparalleled strength is found in a brand new invention: Dynamically Generated Whitelists. Dynamically Generated Whitelists are the answer that the cybersecurity industry has been searching for. After all, Dynamically Generated Whitelists don’t require any setup whatsoever because they start out with zero entries. There’s literally nothing to even set up.

Take the Name-Based Whitelisting described above. Name-Based Whitelisting starts with zero entries and then you simply click to allow your apps to talk to their makers — generating the whitelist on-the-fly, in realtime. You finally have the effectiveness of whitelists that’s also effortless to set up and easy-to-use as well.

Browser-Based Trojans

Name-Based Whitelisting is so powerful that it stops app-based trojans that popular security programs don’t even touch. (See video above.) However, as discussed above, it works for all your apps but not your browsers. When it comes to internet communication, browsers are very different than apps:

  • Apps typically only talk to their makers. Therefore Name-Based Whitelisting stops app-based trojans by ensuring that apps only talk to their makers.
  • Browsers rarely talk to their maker. Instead browsers are designed to talk to an unlimited number of different sites.

Therefore, the creator of Hacker Deterrent needed to invent a completely different form of dynamically generated whitelisting to protect browsers.

Interesting :D
 

SHvFl

Level 32
Content Creator
Verified
Nov 19, 2014
2,161
16,402
Operating System
Windows 10
Installed Antivirus
Emsisoft
#2
Interesting, but sounds too good to be true. Will give it a go when I get some more time and see if it actually does what they are saying. I am pretty sure it's really hard to confirm it.
 

Umbra

#5
Video :



The interesting facts :


1) Once you install Hacker Deterrent Pro, open multiple tabs, each with a different webpage. Then, in each tab, click on the Hacker Deterrent Pro icon in the browser. For each tab, you will see the sites that are required for that tab's webpage, and that tab's webpage only. For example, let's say you open two tabs (apple.com and cnet.com). When you click on the Hacker Deterrent Pro icon on the apple.com tab, you will only see the sites needed by apple.com; when you click on the Hacker Deterrent Pro icon on the cnet.com tab then you will only see the sites required by cnet.com. Thus, you can verify that Hacker Deterrent Pro is indeed keeping track of which sites are required by each of the webpages.

2) Now, to confirm that Hacker Deterrent Pro blocks everything else, you can install any plugin from any company that requires an internet connection. For example, you can install Ghostery or NoScript (both of which communicate with their company servers). You will notice that regardless of which plugin you choose, that plugin will automatically be blocked from connecting to the internet (until you click on the lock to allow it). Browser-based trojans are blocked in the identical way that your chosen plugin was blocked.

Hacker Deterrent Pro's novel approach blocks browser-based programs regardless of the manner in which they've injected themselves into the browser. Thus, even unknown zero-day injection techniques are still blocked since Hacker Deterrent Pro doesn't concern itself with how the injection occurred in the first place.
When you first open your browser, the Transient Whitelist is empty. In other words, all browser traffic is blocked. Therefore, by definition, all browser-injected trojans are blocked. :)
We use a digitally-signed kernel-level firewall that blocks all internet traffic not in the whitelists. Only corporate trackers are blocked by the plugin whereas trojans are blocked by the kernel-level firewall. Our design principle is tight. If a hacker disables our plugin then no browser traffic is in the whitelist. This automatically results in the kernel-level driver blocking all browser traffic. In other words, if a hacker tampers with the plugin, he only shuts himself off from the internet anyway! Neither Ghostery nor uBlock have anything remotely close to this. In fact, if a hacker disables the Ghostery or uBlock plugins then he has unfettered access; unlike Hacker Deterrent Pro.
The architecture of the commercial release will have the following components:
  • WFP Transport Driver: Used to distinguish which apps are sending/receiving which packets.
  • NDIS Driver: For lower-level control (for use in MAC-based LAN packet whitelisting which is forthcoming)
  • WebExtension Plugin: For cataloguing which webpages connect to which sites.
  • Cloud Services: Provides domain owner info services, site geolocation services, trusted DNS servers list, etc.
  • User-Mode GUI: All four of the above connect to and are coordinated by the user-mode GUI.
In a forthcoming version of Hacker Deterrent Pro a MAC-based bridge driver will also be included to allow you to use your computer as a HotSpot for every smart device in your home or office. This too will connect to the GUI so that every device in your home or office can be protected by dynamically generated whitelists.
Each time you open your browser, Hacker Deterrent Pro's kernel-level firewall blocks all browser traffic until your browser loads the security plugin. This is necessary (otherwise trojans could take advantage of this window of time). Therefore, your homepage needs to be registered with Hacker Deterrent Pro so that it can tell the security plugin to launch it after it loads.
 

Umbra

#6
So in the screenshot, you can see the monitored stuff and terminate what you don't want connecting to the net.

The second screenshot shows what the page uses.
 


_CyberGhosT_

Level 52
Verified
Aug 2, 2015
4,177
27,272
Operating System
Linux Mint
Installed Antivirus
Default-Deny
#8
Cannot the same be accomplished by setting up the rules in the firewall?
Agreed, but it does look interesting. The problem is I have a setup that accomplishes this software's goal already, and I am not ready to dump what I have. "For me" it would not be filling a gap, it would be useless overlap.
I hope that makes sense.
Cool share anyway.
 

Michael Wood

From Terra Privacy
Developer
Jun 13, 2017
101
119
#9
Firewall rules cannot accomplish what Hacker Deterrent Pro does. As but one example, let's say that you visit a site such as cnn.com. Hacker Deterrent Pro automatically discovers all the sites that cnn.com needs to generate the page (usually around 100 other sites) and it automatically adds these sites to the Transient Whitelist. The moment you close cnn.com, all of these entries are immediately removed from the Transient Whitelist. No firewall rules accomplish this.

Transient Whitelisting offers many security benefits that traditional firewalls don't provide. First, Transient Whitelisting only allows traffic to the webpages you have open and the sites needed to generate those pages. All other browser traffic is blocked. In other words, all browser-injected trojans and browser-imitating trojans remain blocked. Second, by automatically removing entries from the whitelist, you are protected if you are tricked into accessing a malicious site. The moment you leave the malicious site, all your connections to the site are immediately removed from the whitelist, closing off the possibility of the website establishing a permanent backdoor.

Hacker Deterrent Pro offers numerous protections that cannot be obtained through firewall rules. Kindly see the bottom of the website at TerraPrivacy.com for both a list of those protections along with links to video demonstrations of each.
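
The add-on-open, remove-on-close behaviour described in the post above, modelled as an added example that is not part of the original post and is not Terra Privacy's code. The class and method names, exact-host matching, and the reference counting for hosts shared by two open tabs are assumptions; `c2.example` and `cdn.example` are constructed placeholder hosts.

```javascript
// Added illustration: a minimal model of a per-tab "transient whitelist".
// All names are hypothetical; the real product's internals are not on the page.
class TransientWhitelist {
  constructor() {
    this.tabs = new Map();     // tabId -> Set of hosts that tab's page needs
    this.refCount = new Map(); // host  -> number of open tabs needing it
  }

  // Record that the page in tabId needs host (the page itself or a dependency).
  allow(tabId, host) {
    host = host.toLowerCase();
    if (!this.tabs.has(tabId)) this.tabs.set(tabId, new Set());
    const hosts = this.tabs.get(tabId);
    if (hosts.has(host)) return; // already counted for this tab
    hosts.add(host);
    this.refCount.set(host, (this.refCount.get(host) || 0) + 1);
  }

  // Closing a tab drops every entry it contributed; returns the hosts
  // that are no longer allowed at all.
  closeTab(tabId) {
    const hosts = this.tabs.get(tabId);
    if (!hosts) return [];
    const removed = [];
    for (const host of hosts) {
      const n = this.refCount.get(host) - 1;
      if (n === 0) { this.refCount.delete(host); removed.push(host); }
      else this.refCount.set(host, n); // another open tab still needs it
    }
    this.tabs.delete(tabId);
    return removed;
  }

  // Default-deny: anything not required by a currently open tab is blocked.
  isAllowed(host) {
    return this.refCount.has(host.toLowerCase());
  }
}

// Constructed sample: two tabs that share one third-party host.
function demo() {
  const wl = new TransientWhitelist();
  const before = wl.isAllowed("c2.example"); // empty list: everything blocked
  wl.allow(1, "cnn.com");  wl.allow(1, "cdn.example");
  wl.allow(2, "cnet.com"); wl.allow(2, "cdn.example");
  const during = [wl.isAllowed("cnn.com"), wl.isAllowed("c2.example")];
  const removed = wl.closeTab(1);            // only cnn.com is dropped
  const after = [wl.isAllowed("cnn.com"), wl.isAllowed("cdn.example")];
  return { before, during, removed, after };
}
```

In this model `isAllowed` stands in for the decision the posts attribute to the kernel-level firewall; a host that no open tab has registered is denied both before the first page loads and after its tab closes.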
 

Michael Wood

#10
What security do you use to block trojans from connecting to command and control centers after they've successfully injected themselves into your browser? This is one of the many features we believe is unique to Hacker Deterrent Pro. However, if there's other software that accomplishes this then it would be helpful to know.
 

Slyguy

Level 28
Jan 27, 2017
1,756
7,050
Operating System
Other OS
#11
I've been using this for months now.

It's how I discovered Trend Micro Processes sending data to telemetry/data mining firms and Booz Allen Hamilton. Strangely, my Fortigate 200D didn't show this traffic but I don't have the Fortinet RCA installed to peel open encrypted traffic so it probably skipped my observation. I also don't have the Untangle RCA so it passed that. But this showed the traffic.

One good part is, you don't have to dig around and whois anything it finds, it does that for you.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,630
#12
1. Hacker Deterrent initially blocks all applications (except your browser) from accessing the internet.
This can be done with Windows firewall.

Alexandru, the developer of Windows Firewall Control, sets his system up precisely as above.

Then he enables Windows Update firewall rule, updates Windows, then disables the firewall rule.

Basically, he blackholes his system with the bare minimum firewall rules.
 

Michael Wood

#14
It can really be done with anything.. My Fortinet on the gateway and Untangle in transparent already do some of this..

Personally, it's something I would use as a diagnostic tool in testing then uninstall it and if necessary put appropriate blocks in the UTM.
Hacker Deterrent Pro offers numerous protections that aren't found anywhere else. For example, what other software solely allows the webpages you have open and the sites they need to generate the page while blocking everything else? To the best of our knowledge, only Hacker Deterrent Pro does this.

For example, if you open cnn.com, Hacker Deterrent Pro only allows traffic to cnn.com and the sites that webpage needs. All other traffic is blocked. In other words, browser-injected trojans and browser-imitating trojans remain blocked. To the best of our knowledge, this type of (necessary) security is unique to Hacker Deterrent Pro. If you could kindly share other software that does the same, that would be helpful.
 

Slyguy

#15
Hey Michael,

Your software was priceless in my testing. It established the link between Trend Micro and 'suspect' firms, as well as their links to Booz Allen Hamilton(NSA). That's changed everything for me and a few people I know.. See this thread;

Why does Trend Micro send telemetry to data mining firms?

I'm building out a spare box at home into a test machine for your program to see what I can find other AV/Security products doing behind the scenes.. It should be eye opening!
 

Michael Wood

#16
I'm glad our software helped. Thanks for letting me know.

Here's a test you can include if you'd like:
  • Install any security software you'd like.
  • Install any browser plugin that communicates across the internet (such as Ghostery, NoScript, etc.).
  • See if the security software allows the plugin to communicate without requiring your express permission.
The reason this test is important is that browser plugins communicate via the same internal channel as browser-injected trojans. If your plugins don't require your express permission then neither do browser-injected trojans. However, if the security software does separate this communication channel from webpage traffic then it's doing the same thing as our software. However, to the best of our knowledge, our patent-pending approach is unique in this essential regard.

I'm looking forward to hearing the results of any testing you perform.
 

Slyguy

#17
I can already tell the answer.. Every AV product I have tested doesn't differentiate between plugin and web traffic. Heimdal might actually do this though, I've had it stop some malicious plugins on some test boxes. I can't validate that with any actual lab results however. I'm thinking your product might be really effective against state sponsored threats as it's validating the paths back to servers from all processes and denying those that aren't explicitly assigned to the core domain.
 

Slyguy

#18
From a marketing standpoint, I fear this won't appeal to the majority but will find a home with the hardcore, IT guys and truly paranoid.

My opinion on that is - offer a 'lite' version, that blocks/notifies of background process activity, such as Trend Micro connecting to Booz rather than Trend domains. Leave it at that. Then offer 'advanced' options or advanced version that has all of the other stuff like the browser things.. I can't install something like this on a normal PC because it would block way too much browsing on normal websites without constant whitelisting.

I'd create the lite version, drop the product into the tray, then have a sliding notification that pops up when something like Avira connects to Mixpanel or Trend connects to Booz. Auto-Block that crap, then allow the user to manually whitelist. I'd pay solid cash for something like that which I can run un-attended on a large number of PCs to keep that background trash from stealing telemetry.
 
Oct 2, 2014
792
2,293
#19
I played with it a bit this afternoon and found it very handy when you want to make sure everything is in order. Clean interface. Does well what it says it does. More impressive is that it did work with no issues alongside Comodo FW and MBAE. I just had to release the padlock for these ones but that's it.
 

Slyguy

#20
Did you find your apps running pretty clean?

So far, I have found Heimdal, CCleaner Cloud, Sync, Dr. Web and any other apps not mentioned to all be very clean apps. Previous dirty ones already mentioned. But as soon as I get time I am going to toss this on an Optiplex 780 and run through all of the AV products to watch where their processes phone home to. I was a bit surprised, Dr. Web is absolutely clean and actually has very very limited traversal of data (with cloud on). Heimdal is as clean as a whistle in terms of background activity, only checking cloud/updates and GoogleDNS once in a while.