PostHEX

Read this a while ago, but too good not to share. Of course you can't expect a very technical indepth explanation given the subject, but it's still interesting to get wind of some of the cutting edge protection measures cutting edge industry relies upon. Continued: http://www.theregister.co.uk/2015/06/02/spacex_anti_hacker_startup/

You sure it isn't a file system error? Or just corrupt memory?

I probably should've waited with posing the question before W10 was actually out of beta. I can see as you're saying that it'll be difficult to make something work universal considering how close protection software indeed works with its host. Regarding the mobile stuff, if it helps, I've got MBAM Mobile installed for a year now. And all this time I thought Malwarebytes was laughing all the way to the bank, getting rich by datamining me. No but I can see what you mean.

Well with the whole universal app thing MS is pursuing, a dev won't have to make a specific app on a per platform basis, but just write 1 app for everything that runs Windows. As for the disposable part, I'm baffled. The phone is physically disposable, but you know that your apps stay with you as they're tied to your account of the platform's store. Malwarebytes makes MBAM Mobile for Android. So again, I don't understand your conclusion. But the main question is; does Malwarebytes have got any plans to convert MBAM into a universal app? Or are there technical limitations to that?

Edit: come to think of it, if Malwarebytes would develop a MBAM version for Windows Phone, wouldn't it automatically be a universal app? So the bigger question would then be; what would happen to the regular desktop version?

MBAM in its traditional desktop app version is being prepped for W10, but I couldn't help but wonder; are there any plans to ever make MBAM a universal Windows app? Or would it be more likely that every Windows platform would get its own separate version developed instead, given when a platform (i.e. Windows Phone) has grown sufficiently?

OP you don't know what you're talking about. Malwarebytes was one of the first companies to offer detection and prevention against Cryptolocker, which is the main reason I'm using their paid product on all of my Windows machines. At that time, barely any definition based protection software company had an answer against Cryptolocker (I believe Sophos was one of the few that offered protection as well). The technology that drives protection is important, but more importantly is the rate of adoptions for new definitions. The latter is never a finished product, but a continuous effort that never stops, and can only be evaluated by frequent testing by the end user in order to conclude if a protection company is doing a bad job or not. And to my knowledge, Malwarebytes is fast enough, at least pertaining Cryptolocker variants, which is in my opinion currently one of the most important threats.

I understand. It s*cks though, but I understand why the restriction is in place. If it were the other way around, a say household or corporation would technically onlyneed 1 license for all users, given that said household or corporation would run something like a server-VM-thinclient setup. Hmpf, so it's either allocating additional licenses to the VMs, or run an other OS less targeted than Windows in the VM optionally alongside an application whitelist. Not sure if Hyper-V plays nicely with say Linux though. But hey, good to experiment with Linux regardless!

Thanks for the link Dale! I tried to find if the question was already posed and answered, but found nothing. That answer helps a lot. As for issues with Hyper-V, I hope not. By the looks of it it will be the only VM application that I can afford that has got/will have lifetime support.

With the upcoming release of W10 I'm considering to purchase the pro version, and use Hyper-V along with it for daily non-testing usage. Using a VM will be a premier for me, but it sounds obvious that you can't run the same installations from your host onto your VM as well (unless I've missed some features that Hyper-V offers regarding the subject). My question is then, if I do need a separate installation of both MBAM on the host, as well as the VM, and if I would want both installations to have the premium features enabled, does Malwarebytes offer some leniency in that it is allowed to use 1 account for the same physical machine? Or do you have to use 1 account for the host, and a separate 1 for the VM?

To be honest, any company that doesn't care about implementing a basic safeguard straight on the product to protect its customer's investment(s) is not a company worth caring about. Now I know Malwarebytes isn't such a company as it actually does listen to feedback from its users (at least in my experience following progress on 2.0, 2.1 and 2.1.7) -- but I don't care if you're on the Fortune 500 list or run something from a basement, if you as a company are fine with a mentality of unnecessary negligence, you and your product or/and service needs to die and die quickly so it makes place for something better. Adobe is a prime example for this -- with all due respect. Sure the chance that someone steals your credentials is small, but I just can't see the logic why so many companies take that risk and wait to lock the stable door after (too many) horse have bolted, yet implementing such a protection feature takes such little effort & cost. And yeah you can probably as a user get replacement credentials if you prove that you are the true owner, but why the satisfaction with more unnecessary helpdesk calls? It certainly doesn't improve the customer's product or service experience in such a disaster, that's for sure. Anyway, I'm probably beating a dead horse as Bdub's answer was all that was necessary. For once I am not kicking and screaming to get what I want...

I can imagine that eyetracking could be one way to expose such a password system (with face facing cameras on phones being ubiquitous these days and all). The system is still better than what the average netizen uses though (qwerty, myname123, 1111 etc). Personally I had my hopes set on NFC. Not so much protection against fysical driveby copying attacks, but rather better protection in virtual space. It would be an excellent way to handle very long complex passwords, without having to remember them or typing them out, and especially without relying on some password managing software suite. So I bought an NFC reader that was marketed as "with built in 'keyboard emulation function', no software and drivers needed!". "Great!", I thought. The brickwall is, those devices only type out in hexa or deci. Subsequently I tried to look for an alternative reader that would deal with it in a plantext fashion, which apparently isn't an option in the NFC reader world (no clue why it isn't). So I looked for a program for the PC that could automatically translate hex to plain while running in the background, but so far nothing found. It truly boggles the mind why the NFC ecosystem for the PC is so vastly underdeveloped, yet for Android it's very well established. For the PC it looked like last year that NFC was finally going to be taken serious, but OEMs are actually going backwards. Lenovo and HP both had business laptops with built in NFC (albeit with barely any functionality), but since the Broadwell refresh they've stripped it out. They do cling onto their fingerprint readers though. But goodluck using something as a steal-able password bound to an unchangeable fysical object. Perhaps I should've opened a separate thread about this NFC project of mine. Maybe I should. Eitherway.

Thanks once again Bdubrow. Best PR person ever.

I understand that it is easier this way to retrieve your account information if you've lost your backup directories, but the account detail area really needs a password wall. Illicit remote access via malware or a general exploit is still a thing. I wouldn't dare to imagine someone snatching up my ID and license key > enter it on a MBAM installation > the same account runs two installations > Malwarebyte's genuine verification system detects it and disables said account due to illicit activity. But even more imminent are for people who share their device. Even without admin rights, any guests can copy the account details and trip MBAM's fraud prevention, just to antagonize you.

Have you got admin rights? That's what prevented me once from disabling/enabling malware protection and malicious web protection.

Well I haven't used the licenses. Currently all my devices are satured with paid MBAM licenses, but bought these for future expansion. And I don't know if they're fake or not. I've bought licenses from this vendor of where this issue is about, so I know they sell licenses that work. As I said, the issue is that I can't find out what type of license it exactly is. I'm not out to pass my misery onto someone else.

Just asking for the state of the matter. Any news about the investigation? Also an update from myself: I think I've found an easy solution to my problem for now. I've found a vendor whom I am 100% sure I can trust that also still sells the lifetime licenses. I'm considering buying from that vendor, and just keeping my current 'unsure of what type of license this is' purchased product and wait for a year to see if they expire or not. If they expire I've obviously been scammed, but at least I've got replacing lifetime licenses, so that it won't be the end of the world. If I haven't been scammed and the licenses are indeed lifetime, I can always resell them at the end of the year I guess.

Owncloud + 100/100 WLAN is my saving grace. Not sure how one would stop badHDDs regardless of any option though. But yeah, if one must outsource their data, at least encrypt it and take comfort that any three letter agent will be able to decrypt it around year 2100.

Well one license isn't expensive indeed, but I purchased several. Sorry for the confusion on that point. PMing you now.

Last question for now. I coincidentally just received a mail from the reseller of which I had bought these licenses from. Now this hasn't got anything to do with the issue at hand, but I still want to ask here instead of starting another thread for such a small question. Has Malwarebytes ever sold a lifetime license that is valid for up to 3-PCs at a time? The reseller says that they offer such a product. It smells kind of funky to me. Again, if any of the staff members want to know the reseller's store, I'll be happy to share the link.

Correction: Shrugged pointed out one obvious thing I had overlooked; the license should only work on 1 PC at a time. Before I test, I need to ask. If I would have the 1-PC/user license on 2 PCs active at the same time, what would exactly happen? I assume the license would become invalid, and become valid again after deactivating it from one machine. Is that correct?

I've just received a message back from Cleverbridge, and they stated that they couldn't find any purchases with my email address, which is obvious from my side. I then sent them a mail back and asked if they could check the database if I were to just send them the ID & Key. I'm awaiting a response from Cleverbridge (though as stated by the late Hunter S. Thompson , my chances of getting any further with Cleverbridge are limited). But in the meantime, I'll post the same last question here of which I asked Cleverbridge: If I just provide the ID & Key of the license, wouldn't that be sufficient to find it in 'the database' (wherever that may be)? I mean, if MBAM phones home to a database (I assume this is the case, because how else would an MBAM installation know if you're using a pirated license, or are using a legal license, but have exceeded the limit of machines activated with it?), what would it stop a human with access doing the same? The situation is a bit of a pickle as you can see. My hands are tied in terms of verifying my rather expensive purchases. Currently the only way to know the state of things is to wait an entire year to find out the quality of the purchase, which would be absurd. Within a year a lot of stuff could happen. For example if the reseller were to go bankrupt or just plainly disappeared. Then a refund would definitely be out of the question. If a feature was built into MBAM itself that the program would tell what type of license is active, it would help out a lot. Though according to Marcin/RubbeR DuckY this last feature should be in the upcoming 2.1 build that will hopefully (again, according to him) be released in march. By the way, if any of the staff members want to know the reseller's name, I'll gladly PM it.

That's nothing. A while ago Tencent gave a 100x that. Just had to install... one app and bend your private behind over. http://thenextweb.com/asia/2013/08/30/forget-1tb-chinas-tencent-is-giving-away-10tb-worth-of-free-cloud-storage/

Am interested in the beta as well. The only feature I'd really want on top of what 2.0.X already has got, is to clear indication whether you've got a premium lifetime or premium subscription based account, which from prior posts in this thread I understand 2.1 has.

Okay. Thank you again for answering.