wojtek

Cryptolocker, Critroni, Cryptowall and others vs. Online Armor

Recommended Posts

Has anybody tested Online Armor protection against all that crypto-something malware

(CryptoLocker, CryptoWall, TorrentLocker, CoinVault, OphionLocker, etc.)?

 

Is OA a good and sufficient tool to protect against them, or should we look for other,

more specific programs devoted to the anty-ransom, crypto-preventing protection?

I mean also the new generation (whatever it means) of that kind of malware.

Share this post


Link to post
Share on other sites

It's the same for all major crypto malware families, cutting_edgetech. You will be literally flooded with alerts. So even if you miss to block it right from the start, you will have plenty of opportunity to block it at later stages before it is even able to encrypt even one of your files.

Share this post


Link to post
Share on other sites

Thank you! So, it wouldn't be a good idea to discontinue such a good product, am I right?

Perhaps instead of this, some promotional activities would help to further develop OA...  :)

Share this post


Link to post
Share on other sites

Thank you! So, it wouldn't be a good idea to discontinue such a good product, am I right?

Any product that just alerts you on every file you start like Online Armor does will have 100% prevention rate in that case. That does not mean it is a good product. EAM's behavior blocker blocked all of them as well, but without completely overwhelming the user with pointless alerts that the majority of them can't decipher.

Share this post


Link to post
Share on other sites

In case you cease further development, are you going to sell it or turn into free abandonware?

We don't know. There isn't even a decision to cease further development at this point. So why bother speculating about what to do if we do decide to cease its development?

Share this post


Link to post
Share on other sites

Maybe because each party can benefit from this scenario...

 

You sell it-you get and save the money, it continues to live.

You abandon it-you save the money, we get the free product.

;)

Share this post


Link to post
Share on other sites

Any product that just alerts you on every file you start like Online Armor does will have 100% prevention rate in that case. That does not mean it is a good product. EAM's behavior blocker blocked all of them as well, but without completely overwhelming the user with pointless alerts that the majority of them can't decipher.

Online Armor should not overwhelm the user with prompts. If the user chooses to block the threat when they are first prompted they probably will not receive anymore prompts. OA usually has remember action checked by default. If they do then it should not be many. The user will only continue to get prompts if the user continues to allow the infection to proceed. So if the user makes a mistake, and chooses to allow the infection they will probably still have the opportunity to block the infection from doing additional harm. This all depends on the design of the malware though. I think the only prompts I have received from Online Armor all week was when Adobe flash updated. Online Armor rarely ever even prompts me when installing Microsoft's monthly updates. I didn't receive a single prompt when installing Microsoft's updates this month. Online Armor's whitelisting works extremely well so it eliminates the user from having to respond to most prompts for harmless actions.  UAC will prompt you a lot more than OA will.

Share this post


Link to post
Share on other sites

Online Armor should not overwhelm the user with prompts. If the user chooses to block the threat when they are first prompted they probably will not receive anymore prompts.

I am not talking about that and I am pretty sure you know that. I am talking about the flood of alerts Online Armor causes for benign applications in general which is significantly higher than EAM/EIS.

Online Armor's whitelisting works extremely well so it eliminates the user from having to respond to most prompts for harmless actions.

It does not. It still happens plenty of times. Did we manage to improve the amount of alerts the user is confronted with over the past years? Yes, mostly by utilizing the much bigger user base EAM has to build rather large white and black lists. Is it nearly as silent as you try to suggest on an average user's PC? No.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.