Offline Sword

Member
  • Content Count

    76
  • Joined

  • Last visited

Posts posted by Offline Sword


  1. I agree that at the moment the rule dialog is a bit confusing. That is why we will likely drop it entirely in one of the next versions and essentially reduce it to either allow or block the entire process. At the moment essentially every behavior corresponds to a group of actions and triggers the behavior blocker uses internally to detect malicious behavior. Setting a specific behavior to block will essentially instruct the behavior blocker to prevent any of the actions that make up the group. We do not document the exact actions we are looking for and we never will. Doing so will only make it easier for malware authors to get around the behavior blocker by specifically avoiding the actions and conditions we are looking for.

    In general though the majority of all our users will never have to use the application rules as in almost all cases EAM/EIS will make the correct decision for them. At the moment they are only there to allow users to correct mistakes they made during rare manual decisions or in case they disabled all automatic decision making in EAM/EIS.

     

    Thank you for your response.

    I do not think that dropping the rule dialog entirely is a good idea. Could you consider to provide a new rule dialog in a more granular manner, just like online armor?

    I should say that I do not like the behavior blocker of online armor, since it lacks of intelligence and generates too many alerts. But I think the cloud-based behavior blocker of EAM/EIS is much more intelligent. In such case, adding a fine-grained behavior blocker will not disturb the users too much.


  2. Emsisoft 10.0 has a new behavior blocker panel.
    it enables us to allow/block some activities of applications.
    But I find that this function is confusing.
    In my opinion, the activities that can be controlled by the behavior blocker are not explicitly defined.
    For example, I cannot understand what a "backdoor related activity" refers to.
    I think a "backdoor activity" should be blocked, but what about a "backdoor related activity"?
    What will happen if I block the "backdoor related activity" of a certain application?
    It will stop the application from accessing the Internet? Or forbid the application to access some sensible areas in the local computer?
    It seems that there is no such information provided to the users to help us determine whether an activity should be allowed or blocked.

     

    • Upvote 1

  3. 1. In the recent special offer, the customers can get two "gift" licenses when purchasing one. My problem is that, if the customer renew the purchased license, would the "gift" licenses be renewed automatically for free? Or should the "gift" license be renewed independently?

     

    2. Could I activate EAM with an EIS license?

     

    Best regards.