Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
WiseVector Free AI Driven Security
Message
<blockquote data-quote="Decopi" data-source="post: 976665" data-attributes="member: 67091"><p>Thank you [USER=76851]@WiseVector[/USER],</p><p></p><p></p><p></p><p>Finally, now is clear.</p><p>And unfortunately that's a problem!... because I was right.</p><p>In real world, running a file is one thing, and its network connection is another thing. They're two very different functions, complementary, independent, never subordinated.</p><p>If I allow an exclusion file to run, it doesn't (necessarily) mean that I allow its network connections.</p><p>Hope you receive my interpretation as a possible future WV upgrade, allowing WV firewall (rule) functions to work as a complement, never as a subordination of other WV functions.</p><p>It's not a matter of hierarchy. It's a matter of different functions. It's wrong to subordinate "firewall (rule) functions" to "running functions".</p><p></p><p></p><p></p><p>With all due respect, this is not a solution, this is a bad workaround.</p><p>The "unsafe" category is determined by WV, not by the user. So, if WV determines that a file is "unsafe", and the user wants to run it, then there is no choice, the user is forced to create a WV exclusion. And if by chance the user has lots of "unsafe" files determined by WV, well, then in this case is ridiculous to disable the WV realtime protection, lowering security level for the whole device.</p><p>Your suggestion is a particular workaround, negatively affecting the general solution.</p><p></p><p></p><p></p><p>Bingo! Excellent question.</p><p>I can think about several examples where a user needs to create a WV exclusion (allowing an unsafe file to run), but same user at same time wants to block its (particular) network connections.</p><p>One example is "average Joe" (user) dealing with "unsafe" files. When WV determines that a file is unsafe, and average Joe needs this file running, the common (wrong) behavior is to allow this file to run. If this file is just a FP, no problem with network connections. But if WV is right, and the file indeed is unsafe, then blocking networking connection (rule) may reduce damage.</p><p>Another example is "advanced Joe" (user) dealing with FPs. I have at least 20 files that WV identified them as "unsafe" and I'm 99% sure they're FPs. So I allow them to run. But for many reasons, I want to block their network connections. Unfortunately, that can't be done with WV, I need a separated Firewall program to block WV "unsafe" (allowed exclusions) network connections. And no, reporting FPs to WV won't help when these FPs are constantly changed due to frequent updates/upgrades (also, if FPs detected by WV as unsafe are portable software, at any location change (drive, folder etc) WV always will block this FP again an again as a new unsafe file).</p><p></p><p>Please, let me be clear, I love current WV simplicity and minimalism. And I don't want to see WV bloated with endless options.</p><p>But in this case, will be very useful a simple option inside the exclusion function, asking the user if the exclusion should include "internet connections", "hips" etc (category of rules). It can be done by adding simple check boxes inside exclusion popup (for category rules). Unchecked boxes will mean actual WV default behavior, 100% allowing an unsafe file to run (overwriting all WV rules). And checked boxes will mean allowing to run the unsafe file, but subordinated to WV category rules (firewall, hips etc).</p><p></p><p>Thank you once again.</p><p></p><p>EDIT:</p><p></p><p></p><p></p><p>IMHO this is bad UI.</p><p>I understand that normal or maximized WV window will affect the visualization of excluded paths. No problem with that!</p><p>But at normal WV window, if user copies/pastes a long exclusion path, then the long path is not only hidden, but worse, is cut (automatically reedited) by WV (without user knowing that).</p></blockquote><p></p>
[QUOTE="Decopi, post: 976665, member: 67091"] Thank you [USER=76851]@WiseVector[/USER], Finally, now is clear. And unfortunately that's a problem!... because I was right. In real world, running a file is one thing, and its network connection is another thing. They're two very different functions, complementary, independent, never subordinated. If I allow an exclusion file to run, it doesn't (necessarily) mean that I allow its network connections. Hope you receive my interpretation as a possible future WV upgrade, allowing WV firewall (rule) functions to work as a complement, never as a subordination of other WV functions. It's not a matter of hierarchy. It's a matter of different functions. It's wrong to subordinate "firewall (rule) functions" to "running functions". With all due respect, this is not a solution, this is a bad workaround. The "unsafe" category is determined by WV, not by the user. So, if WV determines that a file is "unsafe", and the user wants to run it, then there is no choice, the user is forced to create a WV exclusion. And if by chance the user has lots of "unsafe" files determined by WV, well, then in this case is ridiculous to disable the WV realtime protection, lowering security level for the whole device. Your suggestion is a particular workaround, negatively affecting the general solution. Bingo! Excellent question. I can think about several examples where a user needs to create a WV exclusion (allowing an unsafe file to run), but same user at same time wants to block its (particular) network connections. One example is "average Joe" (user) dealing with "unsafe" files. When WV determines that a file is unsafe, and average Joe needs this file running, the common (wrong) behavior is to allow this file to run. If this file is just a FP, no problem with network connections. But if WV is right, and the file indeed is unsafe, then blocking networking connection (rule) may reduce damage. Another example is "advanced Joe" (user) dealing with FPs. I have at least 20 files that WV identified them as "unsafe" and I'm 99% sure they're FPs. So I allow them to run. But for many reasons, I want to block their network connections. Unfortunately, that can't be done with WV, I need a separated Firewall program to block WV "unsafe" (allowed exclusions) network connections. And no, reporting FPs to WV won't help when these FPs are constantly changed due to frequent updates/upgrades (also, if FPs detected by WV as unsafe are portable software, at any location change (drive, folder etc) WV always will block this FP again an again as a new unsafe file). Please, let me be clear, I love current WV simplicity and minimalism. And I don't want to see WV bloated with endless options. But in this case, will be very useful a simple option inside the exclusion function, asking the user if the exclusion should include "internet connections", "hips" etc (category of rules). It can be done by adding simple check boxes inside exclusion popup (for category rules). Unchecked boxes will mean actual WV default behavior, 100% allowing an unsafe file to run (overwriting all WV rules). And checked boxes will mean allowing to run the unsafe file, but subordinated to WV category rules (firewall, hips etc). Thank you once again. EDIT: IMHO this is bad UI. I understand that normal or maximized WV window will affect the visualization of excluded paths. No problem with that! But at normal WV window, if user copies/pastes a long exclusion path, then the long path is not only hidden, but worse, is cut (automatically reedited) by WV (without user knowing that). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
