pallino

Suggestion for Emsisoft 13 or Emsisoft TS

Recommended Posts

Hello Emsisoft Team,

 

Why don't you add voodooshield to Emsisoft (acquisition, partnership,....)?

This would add a lot to Emsisoft:

- higher static as dynamic detection

-AI engine

-Sandbox capability

-Vt scan

....

 

Or, looking at it from another point of view.... what it another AV does it before you?

It will get a great advantage vs other vendors.

 

What do you think of this? 

 

 

  • Upvote 1

Share this post


Link to post
Share on other sites

Think differently. EIS that track user validations when he is away and remake the same when he is near his system. Already done ? How about virtually creating the entire replication that certain applications are user-sensitive and can be only used indicating the above validations through an automated response when sometimes we like to lock everything that always appear anywhere through a simple option in the cloud that is associated with an app in mobile or a response that dials a virtual platform even when I like to reinvent how I am browsing incognitively when no one expect my virtual yet tracking identity will not be displayed anywhere ? This is still more simple. Yet I didnt find a unique profile matching system that can clean my system from crash when EIS has encountered some vulnerability as it ask me to reboot the system. There must be a fine tuning for this default reversing button. 

No sensitive file storage that is applicable along with next EIS for retrieval anywhere with an equally censored restriction applicable which says that my restoration of all applications can be done in my new netbook just with one click yet saving my personal preference with all licenses wherever it is valid so that I can return where I started using my personal widget.  This widget provided can synchronize my daily activity telling me a waking signal if I am wrong stationed in a place just working like a hardworker who produces result for what it means to be delivered for this promise.

You never asked me if there can be a news I like to avoid being tracked by google yet the search engine can be refined to tailor what it is doing for no privacy for anyone at this high user profiles. Can I bypass any isp I am using without vpn or virtual dns yet just by creating a lookup as I want to view anywhere through an synchronous name I like to do repeatedly anywhere but showing me what I want to visualize my identity through a systematic approach that lots of information matters but define only what I wanted for my quest ? In this way my guest will only feel that I also made something for him through a public profile for this gateway everyday like something new never before.

What EIS never did till now is that it didnt validated windows 10 preview updates so that my system restore points are fixed if it will encounter any problem ? I want EIS to work better in this regard. What I want is that if my system crash I only have to update a remote file in your server for usb reboot and it automatically validates my subscription credentials and restore my system perfectly like never before ? The apparent risk factor for my system apps and software must be mentioned in a proactive insight keeping in view how I am using every software whether it is licensed or pirated as I like always experimentation.

Nothing much. But would like to contribute more if you have time. 

Share this post


Link to post
Share on other sites
4 hours ago, Fabian Wosar said:

I don't see anything in there that Online Armor didn't implement like 5 years ago. If we wanted to implement any of that technology, we can legitimately just copy the code from Online Armor, which already includes all of that and a lot more. The fact that we don't and even discontinued Online Armor should be an indication of what the likelihood is of any of these techniques being included in EAM or EIS.

Did online armor check VT with 60+ other Av?

Was it an whitelist/anti-exe?..Or a firewall with Hips?

Did it have AI?

Sandbox possibility..... with  cuckoo sandbox/VM ?

Does Emsi detect as much as voodooshield when running files/ did OA check them on VT before allowing them to run or does Emsi do it now?

I really don't think so.

It's just a suggestion, so of course you do what you think is best.

Luckily as of now we can use voodooshield for free, so no problem for users that want it with Emsi. ..If another AV decides to add it to his program, things will be way different.

 

 

 

 

Share this post


Link to post
Share on other sites

Your contribution is commendatory. I have only added some notes that rethink every online identity that requires good reasoning for technological vulnerabilities inclusion in your future products.

When you generate solutions next generation challenges must be foreseen. We dont end up system securities through checklist in firewall or virus database signatures. Technical complexity must solve every online identity for making implementations secure their asset. This asset is truly what matters. Emsisoft internet security is a superior product in this regard. But when it comes to Emsisoft Total Security virtually it must be seen like every corporate solution an entire encryption of the device that fall into some criteria for expert users who choose such products that there is not any threats but unrealistically can safeguard from any risk. This is what is meant by Total Security that any additions like tuneup or some extra safeguards. How this must be implemented must be virtually simulated for each user that can be tailored with respective profile associated with their support community status. I have lot to add here.

I have added my comments only regarding the title EIS 13 or ETS. My feature depicts how the role we adopt can solve technical inclusion of security vulnerabilities here in a time when cloud and other IoT must skin bigdata solutions. May be you like to associate this criteria with true genuine solutions. If you are interested write to me.

 

  • Upvote 1

Share this post


Link to post
Share on other sites
2 hours ago, Fabian Wosar said:

Yes. Also Jotti via OASIS.

HIPS. But you can limit it to only care about non-trusted/unknown programs starting.

OASIS performed cloud analysis based on file meta data, the same way VoodooShield appears to do.

OA did have a run safer which isolated applications from the rest of your system.

We do pretty well.

Nobody will. Every test lab on the planet will completely rip those products apart for the sheer amount of false positives. Anti-executables are nerd tools. Nothing else. They are only sustainable when you have 1 or 2 people working on it and even in those cases they tend to not survive for long without an external source of funding. There is a reason why there are no companies who provide only standalone HIPS, anti-executable or even firewalls anymore.

But now Emsi does not check all files on VT with 60+AV, does not have AI (but a great BB), no sandbox, is not a anti-exe/whitelist capable...With VT+AI+whitelist voodooshield is able to block earlier malware and probably more (in terms of nr, might still not be 100% ready for some tipes of files, e.g .J's or need the payed version ).

I really think Emsi+voodooshield is (considerably) better than Emsi alone.

If we had a big malware pack and run it against Emsi alone or against Emsi+VS I bet the ladder combo will detect/prevent considerably more.:)

 

 

 

Share this post


Link to post
Share on other sites

You cannot test an anti-executable by trying to execute files which you obviously don't intend to run. Why click on them in the first place only to answer the AE popup with No? The correct way to test an anti-executable would be to install it on your computer-illiterate friends' computers and then tell them to call you in case there is a problem. They will either hammer you with calls for every popup they get or they will get infected by allowing everything. People, who can handle these tools, don't need them and those, who need them, can't handle them.

Share this post


Link to post
Share on other sites

OK, thank you.

Last thing.. I m not sure voodooshield uploads all files but rather think it upload the Sha.

Privacy issue? I don't see one when uploading new files on VT.

Many FP? I m using it on always on and don't get FP, alerts some, but very very few FP...In smart mode it is way better.

Did you try it?

Anyway, thank you for your answers.:)

Share this post


Link to post
Share on other sites

Eis 13 convey us a rethinking beyond a security software. Voodooshield may be better solution that suggest we need to refine uninterrupted support for blocking unwanted activities without our knowledge. Yet it does not keep status for intelligent results that can help users when issues arise from network interuptions. I mean we have a scenario where each application require a native patch, when their responses are validated by a server, how much details may be collected, it doesn't matter how long we are away, nothing happens vulnerable and we can be away when only the activity we have started always go easy, can all such services be executed without failure? Can we verify such status what goes wrong be switched for restarting without leakage of security? Voodooshield must be framed to leave a live response tailored to each time and activity in a self automated fashion.

Share this post


Link to post
Share on other sites
17 hours ago, stapp said:

Thank you for sharing, interesting thread!

It was 2013, Vs changed since then.

I don't have problems with VS: if and when it alerts, the alerts are clear...In smart mode it's very, very discrete.

It could be added to Emsi with an expert mode for the VS always on settings if wanted.

FP and privacy issues are not present in my opinion.

 

 

 

 

Share this post


Link to post
Share on other sites
5 hours ago, Fabian Wosar said:

We already established you don't care telling everyone all the programs you are running. That's why you constantly bring up that we really should just check everything against our cloud database. However, just because you do not care, doesn't mean nobody else does. Our customers are incredibly cautious when it comes to their privacy and the fact that we do value their privacy as high as we do is one of the biggest reasons why they chose us in the first place.

Process Hacker, API Monitor, Debuggers, essentially every application I compile myself. Just go to a download portal and download the top 100 applications and try to run them and you will see.

<sarcasm>No, I always comment on software without having a clue about what it does.</sarcasm> Obviously I tried it.

I already said many times I do care, a lot but still think few file hashes sent to VT are not a privacy issue.

You also do it when BB detects something, or?

You upload less than maybe VS does, probably.

Is this a huge difference? I don't think so and as everything , it can be discussed, criticized.

Same with the increased security VS would add to Emsi.

<sarcasm> I also use VS, daily for some time..I also speak without knowing VS...You know it better? Of course, why shouldn't you.

Finally, don't worry, this was my last suggestion.

Users that care to suggest improvements or highlight problems as missed detections should deserve  kindlier answers, a "thank you" sometimes would also not hurt...But no, the "impression" I as other I know get is you know everything, Emsi is pretty "perfect"/already does it (again, our impression), what we say is worthless since all was already thought, done, detected....I don't remember seeing a "thank you", a "good idea"...maybe a "we'll discuss internally"....Of course I don't read/read all posts, might have missed plenty of these.

Is all so worthless? No, examples? I have 3 just for me (anti-exploit protection, firewall blocks outbound connection->BB alert of suspicious activity, BB alerts file in memory had bad reputation even if is not doing anything suspicious yet).

Nice weekend

 

 

 

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.