krw

Member
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About krw

  • Rank
    Member
  1. Fabian, While I appreciate your concern for my depth of knowledge regarding DNS, you should know that I go all the way back to the root origins of DNS, ARPANet RFC 226 (Request For Comment 226), 1967. While I agree that DNS is a complicated technology, that still does not justify, or clarify the mechanics of OA's Banking Mode module. In my opinion, it does not need to run if not engaged (Ctrl + Alt + B). It does not need to second guess if the user has forgotten to engage Banking Mode by adding and trusting CDN's of any kind to the domains list. It does not need to make the decision that all favorites and bookmarks get trusted automatically. Trusting banking CDN's and websites is one thing when "Banking Mode" is engaged. However, YouTube, Google, Twitter, the kennel where I board and watch my dog via webcam? I think not, especially when "Banking Mode" is not active. Trusting those CDN's should be a user decision, not OA's. There is nothing in DNS protocol, not registration, or aliases, (CNAMEs) that require any firewall to run in this manner. Furthermore, your comments on Virus Bulletin's test results make me wonder why I never hear developers complain when their products top that list. However, when their products slide down a few pegs on that list, suddenly, the testing process is sub-standard. If you do not believe in the VB100 testing process, then why does Emsisoft continue to participate and advertise old results on the bottom left corner of your homepage? http://www.emsisoft.com/en/ With that said, I am no (security software) watchdog group leader, or activist, interested in how you run your business. I am an educated paying customer of your product who now disagrees with the product's development direction. In my business, I constantly try to learn something new and I have been at it for 40-years. Perhaps, you should try and adopt that philosophy. That way, you can use the comments made in this forum to perfect the imperfections in your products, and to develop new and better ideas, rather than taking an adversarial posture with the underlying tone of your comments being, "you are right, and everyone else is dead wrong". The next time you try and close a conversation by speaking in technical terms, be sure the person with whom you are speaking to is in over his, or her, head. In closing, this will be my last post regarding this issue whether you reply or not. Good luck, krw
  2. Fabian, I purchased your software based on results from Virus Bulletin 100 last year. At that time, EAM was at the top of the RAP test. I have attached the recent RAP test results as they appear for February through August 2013. EAM is no longer at the top of the list. Now, you can defend your changes any way you like but the reality is, Emsisoft is quite different than it was this time last year. In addition, one of my systems still had OA version 6 because auto update was disabled. An update was performed and that system too experienced adding every CDN it came in contact with on the web to the domains list. With that, I discovered the update process did not go quite correctly where add remove programs still showed OA as version 6 after updating to 7. A complete uninstall and reinstall corrected the addition of every CDN being added to the domains list. However, it still adds 5 or 6 CDN's which I am dead set against. If I want my system to trust a CDN in Banking Mode, I'll tell it which one's it can trust! And why these CDN's get added when the system isn't even in Banking Mode is beyond me. No matter what you say to me, there is no logical reason for this behavior. krw
  3. There is a big difference between a retail store and an online retailer and EAM has never been on the shelf of any retail store in my area, ever! You don't have telephone tech support! And I find it funny that my renewal had a price of $67.46. But promotional costs you give to new users? Way to go... That's great customer loyalty! I find your customer research surprising. Perhaps that explains why I am the only person here calling you out! And lastly we finally agree on something, "The Domain Blocker Doesn't Work!
  4. What good will blocking the domain do when OA will just trust it again?
  5. Here is an image of the CDN's (Content Delivery Network) servers used by Windows update on a 64-bit Windows 7 system if that makes a difference which I doubt. Once these CDN's added them selves to OA"s domain list, they were then blocked. A check for updates was executed with the Windows Update CDN's blocked in OA, and the check for updates still complete successfully. I just thought I would share that one last thought... Thank you Krw
  6. Now that I have moved past my anger I would like to leave you with some truth to consider. There are two kinds of security packages on the market today for end users. Totally automated products, and granular control products. The difference in the two types is simple as you know... Automated products are less effective detecting infections and rarely break any websites. Granular control products are effective in proactively detecting infections but almost always break a website or two. So it is safe to say that users who chose granular control products are ok with not seeing a flashing ad on a webpage, or having to tweak a setting to log-into something, and gladly trade that for a higher security standard. I have yet to see a security product combine both of those principles successfully. It is either functionality, (Automated), or security (Protected). In fact, if you achieved the merging of the two package types, Microsoft would buy you out immediately and you could write your own ticket. However, there is something you must consider before embarking on such a quest. Where do your customers go while you experiment? For instance, MSN is my homepage because I had no need to change it from being the default. Prior to version 7, arriving at my home page I saw a blank spot in the top right section that just said, "advertisement". However, the ad did not display! Now with the so called moot changes to version 7, or transparency of the process as you refer to it, that ad is lifelike and takes up 1/4 of the page. In fact today, it is an "Overstock" clearance ad that I assume is from "Overstock.com". So you understand why I disagree vehemently when I say that this product has not always worked like this, adding CDN's to the domain list in the dark on it's own. And if it was intended to work like that, then it has been broken for a long time which now we know turned out to a be a positive thing. Another thing you need to consider is how you service your customer base in the mainstream product arena if that is the chosen direction for Emsisoft. Mainstream manufactures stock shelves in stores here in the US like Staples, or the Microcenter. They also provide telephone tech support, not just forum tech support. And lastly, those products are half the cost retail here in the US. I can buy this week for example, a three pack of ESS for $29.95 US despite the manufacture's website selling the product for $59.99. You must remember that the majority of your customer's are better versed in technology than 99% of average users. I believe that is why we bought your software in the first place! So the fact that you decided to abandon your customer base with your decision to add CDN's automatically is disappointing to say the least, but directly responsible for my own personal exodus and most likely, countless others, in time as well. Functionality or security, I chose security and this is no longer that... Good luck, Krw
  7. Here is proof that blocking the servers on the list did not stop EAM from updating! Anyway, good luck because now even if you did fix the Banking Mode module I would still leave your products behind. Krw
  8. No Online Armor was not, and is not, in Learning mode. And in today's threat scape, why would you assume and untrustworthy source would not infiltrate a trustworthy one? Isn't that happening as we go back and forth here with Warez? That was posted in the Emsisoft Newsletter for November. The servers Online Armor is trusting return after deleting them. Furthermore, they are predominantly ad servers, and data miners and you're still saying this is normal behavior? Please guys, don't insult me. I didn't insult you. I am just a concerned paying customer who is pissed off because I can't get a straight answer! Perhaps you should provide links to the last stable 6 version for those of us who disagree. At this moment, I am glad that I never include security software in my system images. People who develop security software have a tendency to make mistakes and then defend them just like you're doing now. It makes it easy to evaluate and switch products. Something more customers should get in the habit of doing I believe. As with my previous post regarding this subject, the image attached shows servers that have added themselves to the domain list during navigating to this website without asking. Once here, I blocked everyone of them and I was still able to post this replay. Still think Online Armor isn't broken? Krw
  9. Fabian, I disagree! When online, all webservers are added and trusted to the domain list no matter what. Online Armor isn't even in "Banking Mode" when these domains or servers are added! The program won't block connections to Google-Analytics, or any other data miner I once kept at bay with Online Armor. So I beg to differ, this is a new development and a horrible one... In addition, banking mode in version 5, and version 6 for a little while, didn't allow any traffic not on the allowed list. If you forgot to turn off Banking Mode back then, you could not get online. So I have no clue what you're talking about when you say this has always been this way and the only difference now is you can see the domains... NOT! This product was once head and shoulders above the rest. Those days are gone!
  10. The changes to the "Domains List" in Banking Mode now in version 7 are ridiculous. If I want my system to trust a server or a domain, I'll tell it which ones to trust! This new development in version 7 where normal surfing adds entries such as, c.atdmt.com, or view.atdmt.com is totally unacceptable in my opinion. Why green light one of the worst tracking cookies in the history of the internet? I mean I cannot imagine why the developers thought this was a good idea to implement. If Banking Mode poses that much of a problem in today's landscape, or even the threat-scape, then I would prefer you just do away with the module. Granular controls are not for everyone. If your goal is to make this product mainstream, that too is a mistake. If I wanted software that did things for me I'd buy Trend Micro or Norton for half the cost. With these new changes to version 7, this software may as well be one of the placebos I just mentioned. My license expires in 31 days. You got 31 days or I'm out! Sincerely, KRW P.S. The image attached shows new entries added just from navigating to this site. Not very smart gentlemen and a definite deal breaker as you will learn rather quickly!