iWarren

Member
  • Content Count

    138
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by iWarren


  1. in regards to steam being safe.  i would say it is as safe, in the context of how safe we believe the Chrome browser to be.

    Which, the chrome browser, would have to make any of the same allowances as any of the other browsers out there,
    in regards to use of javascript and plugins.  We would also have to factor in.... that steam is going to have its own settings for
    what the chromium browser would allow.

    I play a game called "Half life 2: source", and there is an intro page, that back in the HL2 days, it was designed as a portal to offer
    up a custom HTML page.  Apparently, some use it for hosting ads, and judging by what I seen allowed.... it allowed basically the
    same things you would expect from any site riddled with spam links.   Also.... I had observed, literally 50 - 100 steamwebhelper
    connections being opened from various ip's, so i think it is safe to say.... that quite a lot is being allowed.  I used to just block the
    steamwebhelper and that was that.... but now i suspect that maybe it might be defaulting through Steam.exe or maybe even hl2.exe
    as my ping jumps up to 500ms and when given a command to disable ads, it drops back down to 80ms.    so obviously, something
    more is going on behind the scenes here.

    This is one instance that the software firewall used to be helpful to me... i could monitor such events, and could address them
    accordingly, allowing only specific ports for the specific program.

    and even a router solution, in this case, is not ideal... because on some servers, maps get served via port 80.

    i do agree that.... chromium os would use additional rendering instances, but pretty sure that does not apply in this case, at least not
    on such a large scale, and from so many ip's.  The host of the server already said it uses ads to host its server... and in the past, has
    dealt with ads with somewhat nefarious intentions.


  2. I think v9 of 'Online Armor' could be configured to work that way,
    as i remembered having it setup in such a manner.

    You could turn on/off whether OA used settings from trusted applications,
    and if it was off, it would rely on your own settings (via firewall menu)

    Which, then if you had another option in the firewall settings, to always treat
    new connections as "trusted/untrusted/ask for permission",   and this was
    really helpful, because you could be informed of connection attempts by particular
    programs, and then make informed decisions, on whether to allow/deny.

    Once you took care of the basics, of allowing all of the common Windows programs/services
    through. (Which.... case depending, may or may not be in your best interest) 

    Then it just became a matter of your common every day applications being allowed, and then,
    everything else.... you really did want to be notified about what was "trying" to connect. 

    I can remember several instances, where, I was notified about an application making a connection attempt,
    and for one reason or another, i blocked the attempt, because it was not in my best interest to allow it.
    Many programs now days have these sort of "call home" procedures, that you may or may not want to allow.

    I really do like your idea of a router firewall, like pfSense... and idealy, everyones router they use for their
    internet, is taking care of their security like it is suggested.  However, I think there may be, people like me... who
    may have router issues, for example.....

    My current router seems to have some sort of flaw in it, where it won't let me access IRC ports by forwarding them,
    i suspect because it is already listed in a set of pre-set firewall rules, so in order to get certain ports to be allowed in
    conjunction with others, i have to kind of "glitch" the firewall router on/off.   I realize, it is hard to for-see junky router
    setups like this... but perhaps this is why i believe, the hardware router should not be the last line of defense.
    nor do i think that.... reaction to a programs bad behavior should be a last line of defense either.

    It's that middle ground i liked.... where i kind of felt like i had some "control", over what was being allowed and denied.

    Another thing to consider.... I do not consider myself to be an advanced user,  and whether you think i am an intermediate
    user in reference to my knowledge of computers, i leave up to you. lol but... If it is suggested that if i truly want to worry
    about a secure network solution.... that I should acquire router/software like pfSense.... what hope then, is there for people
    with far less knowledge than me?  

    I pose to you a question, that If you could go back in time, and create Online Armor, the exact same way as you have
    created Emsisoft Anti-Malware, today.  Would you have done it?   If you had not created OA the exact way that you did....
    I would have not acquired half as much knowledge of the necessary programs required to run.... and i would not have
    learned all of the ports required for each windows program, for it to function normally.   For me,  OA was an invaluable stepping
    stone.  Sure, it may have been frustrating for me at times when I blocked the wrong program, or blocked a wrong port.... but
    i always knew that "I" did it, and that "I" was responsible for when my system crashed, not OA. 

    I've never seen a system failure, that did not have some good reason behind it... (except for maybe Microsofts Windows 10 "Something happened. error")

    People should be returning to the way of belief that.... Mistakes are a good thing, it is how we learn invaluable lessons.

    Equally so with Firewalls.... Notifications are a good thing, it is how we learn what is happening behind the scenes.  If a firewall has little
    to no notifications, and is just running quietly behind the scenes, is it truly serving its purpose?  

    It goes back to the 3 elements of security,  "Ease of Use" -> "Security" -> "Functionality",   any sacrifice of one, and the security triangle
    becomes weaker.  I think Emsisoft, should be sacrificing some "ease of use", in order to maintain the security of a system....

    It is like a police man, who is always quiet..... is he quiet because... no crimes are being committed, or is he just being quiet so that
    everyone has peace of mind that no wrongs are being committed. 

    peace of mind, can be maintained not just by remaining on duty,  but also by demonstrating it is performing its duty.
    you don't want a worker who shows up to work,  just to say "i am here",  you want to feel the presence of the worker.... by how much
    it is accomplishing.  Whether it is by actually catching something in the act, or by it telling you what its been doing.

    That is one way I had some peace of mind with the firewall system, is that... when i was addressing firewall notifications,  i had a good idea
    of what was going behind the scenes, i maintained a sense of control.   once the system processes, and tpyical behavior is eliminated from the mix,
    you are not faced with an over-abundance of notifications either.

    anyways, i say all of this out of sincerity for computer security in general, and i hope that the developers/tech support, do not take
    this as an insult for their current efforts... because I think the world of their accomplishments with Emsisoft and the efforts to
    maintain security.  

    I just strongly believe the infrastructure that was set up before, really made a difference...  for me, it was an extra layer of security,
    that really put it over the competition.


     

     

     


     

     

     

     

     


  3. it has been but a year, since you have made the changes, to go without a firewall.

    my urge for you to reconsider the firewall.

    I sincerely believe, that your firewall made a difference,
    because the people who used it.... understood that what was not implicitly allowed,
    would be denied. and thus, there would be no service, for what was not implicitly allowed.

    i know i have come a bit late into the game, but i still believe, one year later. that the Emsisoft
    firewall, did me more good, than any other alternative. I do not trust the Microsoft firewall, and for
    good reason... because Microsoft, is only interested in selling itself.

    There must always be a system of checks and balances, one thing, that checks another... i think
    the one thing that needs to be checked, is Microsoft.  and not just that, but its firewall.

    There is a reason why, people were upset with you for giving up on the firewall, its because,
    we knew that you were diligent in your efforts. 

    Yes, a breach of security is often dealt with, with a change of file architecture, which your software
    monitors closely.... but i also believe, the strength behind your software, relied on the multiple approaches
    in security... a close watch on the traffic.

    i say all of this, from a session i have had... i play a game called HalfLife, but it runs from a platform
    called Steam.  

    in order to support the servers, the servers make requests to host ads on their servers, which comes through
    the steamwebhelper.exe application, which seems to accommodate itself as a web application... but now i suspect
    it might even circumvent that..... and may even be going through the steam executable itself.

    in the past, i was able to block the traffic and allow what was absolutely necessary, but now, i am fairly certain,
    my system is exposed, vulnerable to every attack.

    i trust in Emsisoft, to leave no stone unturned... and if all else, an investigation.... into whether the software of today
    is  providing the same service, if not better, from the one of last year.

    My urge to bring back the software firewall, is as dire, as the day it was taken away.  please reconsider.

    • Upvote 1

  4. Well, I didn't quite feel like mucking about and creating BSOD's, so I just reset all my settings to factory default.

    It appears to update correctly now, so I am thinking, either my application rules were corrupted... or,
    my applications rules were not compatible with the previous update... or, more likely.... there is a program
    that may have been monitored and possibly interrupting the normal system operation at the time of update.

    It still seems like there is a bit of a "delay" in between when it says "Installing ..." and when I can open up new
    programs to run... but at very least its only for a few seconds and continues working again.


  5. LUPike, its definitely not a solution, but I suspect if you disable the Emsisoft automatic updates...
    you might be able to correlate the exact timing of the freezes with Emsisoft update.

    I apologize I can't be more helpful, but I just don't feel I should be giving up my whole day (which i would likely do) to try to solve this problem.
    i will keep you apprised if i learn anything new.


  6. I thought maybe my problem was that I had a critical program being monitored, so i added some
    of the system files to the trusted status... and then tried the update.   It cycled through the update
    really quickly, and i think the log said it only updated one file. Then said it was all up to date and
    wouldn't let me do another update.

    Then about half hour ago I tried it again... disabled my other firewall, and pressed Update... the logs
    said it was installing something like 30 files... but when it got to the installing part, it started locking
    up like it usually does.  This time i pressed the 'X' to 'cancel updates'.  and i had managed to do this
    once before.... I ctrl+alt+delete to let the cpu "catch up" and it managed to pull it out of its tail-spin.

    I checked event viewer, and i didn't notice anything in the time window... other than one event said
    a dcom event failed to register.

    since I have the emsisoft debug_log enabled, I did manage to catch the information at that given time,
    but I don't really see anything useful.

    also note... since these freezes started... i haven't done any factory resets, or re-installed emsisoft.


  7. Update:  my system will still not complete the install of whatever it downloads from Emsisoft Anti-malware
    and continues to freeze.  Emsisoft reports that it is 'up to date', even though it didn't finish the installs that
    were in its queue.  So I can only assume I 'might' be several days late on my malware updates at this point.

    I am curious whether Emsisoft AntiMalware logs a successful installation at the beginning of the install
    process, or after the update install finished.

    If its freezing at the point of install and I have to manually reboot, and it reports that everything is installed in
    logs and all is well and up to date... that would seem to indicate that it is counting the update as successful
    pre-install. 


  8. i think i narrowed it down to the last update that is trying to be pushed.
    when i tried clicking Update, it got to "Installing... 1%" and froze up again.

    now that i have the debug_output turned on, it doesn't want to give up the update.

    i recall my last freezing issues, also coincided with Emsisoft updates, getting to 1%


  9. I am also getting the PC freezing issue.


    Anti-Malware 2018.1.0.8407
    Windows 7 Professional sp-1 (32-bit)
    Intel i3

    My PC specifications are different in some ways, so that should help
    you rule out some particular architectures.

    My system had been running flawlessly for several months.... until these last installations you did.

    System has been freezing up as well... I checked the event viewer, and the emsisoft logs, but there
    doesn't seem to be anything that stands out as being a cause for the PC freezing.

    I do have a "lot" of applications now under the "monitored" status, but I would think if there was
    some critical issue with one of them, it would provide me with an alert.

    If it helps.... the system freezing seems to happen most frequently while I am using my browser...

    I thought I had nailed it down to the fact that I had 'explorer.exe' monitored, and it seems like
    the frequency of the freezing has changed.... but it is still occuring.

    So far, it seems to happen more often while I am in a browser, but I have had it occur other times
    as well.

    I have noticed in my Emsisoft logs, "Around" the time time of the system freezes, i notice there is
    an entry "Auto- Game mode enabled" ... I've never heard of this feature.... but I am quite certain,
    that I don't like the sound of it.

    The freezing starts out with the round cursor button saying the system is "busy". Usually i can get
    1 or 2 other programs open... like taskmgr.exe at about that stage, Firefox becomes unresponsive and
    and then explorer.exe refuses to open any new programs... other programs that are still in the active
    state work for a short time, before 'everything' seems to bind up and stop working.

    I am also using Comodo as a personal firewall.


  10. over time i discovered i needed what IP's to allow for svchost, as the bare minimum to connect.... i think,

    if Emsisoft is going to throw us to the dogs, they need to tell us the bare minimum, of what we need to change.... to keep us secure.

    If you won't let us use your firewall to connect with the bare minimum settings.... then you should offer a configuration, and telling us

    what Windows Firewall settings we NEED to change.

    And if you dare say that Windows Firewall has the perfect configuration as it currently is, as a default setup.....

    then i will know you are full of it.

    Because Windows is designed to connect with everything under the sun for compatability.

     


  11. i had a similar setup with Charter before... its internet service.... directly through a modem setup.

    a firewall setup is crucial, and who wants to remove edit, delete, add all of the existing rules.

    has anyone even iterated through the current microsoft rules... is there not a rule to allow

    Windows Media Player?

    Seriously, who uses that, and feels safe about their computer.


  12. i have had some time over the past week or two, to consider the things i've said here... and how i felt about the EIS change.

    I still, sincerely wish that it was the same... the setting changes were so simplistic in nature.. if only you could overlay your firewall

    protection, with that of the Microsoft Firewall.

     

    but anyways.

    I accept this is the direction you have chosen.

     

    I went with Comodo, and the protection is the same... but not equal,

    i do highly enjoy its verbosity in whats going on, but sometimes its like i say something is "okay", like i did with Emsisoft,

    and I keep getting pestered with additional messages, lol and its like, even those don't "stick"

     

    anyways, thats not your problem,

    as a programmer, i appreciate your choice... i know doing what you did, was never easy.

    and I regret now, my support messages i put in with complaints, lol well... i still wanted things fixed, but i wanted

    them fixed on your terms.

    To this day, I sincerely believe you had a better firewall protection system.

    So regardless of what has been said, or what has been done, you did a good thing... in the time, that it was needed.

    Companies like Microsoft have thousands of people, and you are just 1 person, but...
    just know, the people who really loved this system, had faith in a common principle.

    That it took but just 1 small stone to take down goliath.

    Looking professional is one thing.... but being professional, is quite another.