Amaroq_Starwind

Everything posted by Amaroq_Starwind

  1. Amaroq_Starwind

    Windows DCH Drivers - It's about time!

    Awesome!
  2. Amaroq_Starwind

    Computer Science: Ravioli Memory

    So, lately I've been starting to wonder if Ravioli Memory might also provide security benefits, on top of the more efficient and robust memory management.
  3. Amaroq_Starwind

    Computer Science: Ravioli Memory

    So, here's a series of blog posts that I feel like would be worth a read~ https://www.reenigne.org/blog/rethinking-memory/ The short version: Basically, this is intended to give bare metal languages like C++ and Assembly the benefits of a Garbage Collected language, sans most of the associated downsides. Everything is explained in depth, and there's also a link on the blog to the source code. @exile360 I bet you'd be intrigued by this!
  4. Amaroq_Starwind

    Microsoft Finally Begins Testing Windows Updates

    I wonder if it will soon finally be possible again to install AMD graphics and HDMI audio drivers. My father's computer is absolutely desperate for this. Mobile Hotspots (and even the ability to use Wi-Fi at all) have also been horrifically broken lately.
  5. Amaroq_Starwind

    The value of bottom-up ASLR in Windows XP

    I wonder if any of WehnTrust's features should be incorporated into Malwarebytes. It could potentially improve security with its SEH Overwrite Protection, its Format String Vulnerable preventions, and its own ASLR capabilities, especially on older versions of Windows. And it's open source, which is really nice and makes adapting its features seem a lot more viable to me. https://archive.codeplex.com/?p=wehntrust Another security feature which is similar to Bottom-Up ASLR which could be a good supplement is Library Load Order Randomization (though that might require changes to the OS on Microsoft's part). Further still, additional security measures such as Shadow Stacks and Random XOR Canaries could both also be used to complement ASLR if they haven't already been worked on. https://en.wikipedia.org/wiki/Buffer_overflow_protection#Random_XOR_canaries https://en.wikipedia.org/wiki/Shadow_stack One way to offset the potential compatibility problems of using Shadow Stacks; you could notify the user every time a program encounters an error as a result of an exception or a longjmp. Also of note for ASLR; making the program and drivers PAE aware and allowing them to use large memory pages could be used to augment ASLR on Windows XP and Windows Server 2003 on systems with at least 4 Gigabytes of RAM (even if most of the operating system is unable to use it in the case of the 32-bit version of XP). And while it wasn't explicitly designed for security, experimenting with a Ravioli Memory implementation (which I made a thread about in General Discussion) might possibly have ancillary security benefits on top of avoiding memory fragmentation and providing more robust management of system resources. Now in response to @exile360, I was merely trying to point out that you seemed to omit XP SP2 on the list of supported operating systems for DEP.
I'd like to share some final thoughts on that subject; though Data Execution Prevention is great, better implementations do exist which allow even more flexibility, such as separating the bits for Write Access and Execution Access, and/or separating the bits for Privileged and Unprivileged Execution, or even enforcing Sandboxed Execution. However, those various implementations are only supported in-hardware on non-x86 architectures, and even then, not all of those support the same features, and I'm not certain how viable software-based implementations could be without at least a partial rewrite of the operating system itself.
  6. I think I should probably take a break from all these suggestions. Asperger's, you know how it is. Anyways, one more thing which I feel Malwarebytes would benefit from is an option to use a Dark Mode GUI, perhaps even integrate it with Windows 10's Dark Mode setting, and/or perhaps even the current Color settings. Another thing that would be a neat GUI feature, even if it's just a codec for the Windows Imaging Component, is displaying an Identicon thumbnail generated from the hash of a file if said file is of an unknown type, or otherwise does not possess a thumbnail. Not only is it pretty, but also functional, and you could even see these same identicons for scan reports in the GUI itself. For those unfamiliar with Identicons, see here for more information: https://en.wikipedia.org/wiki/Identicon I'm sure that if the Malwarebytes team ever does decide to use Identicons for anything, they can find other creative uses for them.
  7. Amaroq_Starwind

    The value of bottom-up ASLR in Windows XP

    Data Execution Prevention was actually added in XP Service Pack 2:
  8. Amaroq_Starwind

    Feature Request: Dark Mode and other GUI stuff

    Well, seems that Dark Mode is spreading even further now: It will take quite a bit of design work for a Dark Mode to actually look good though. In the meantime, use of a dyslexia-friendly typeface would be another great option for the UI.
  9. Hello, all! So, you may have noticed a new piece of art in my forum signature: This was actually drawn by my friend @ToxicBlitzX3. If anyone here also has art to share, be it their own creation, a commission, or a gift, want to share it? As is the rule on the forum, please keep it clean!
  10. Amaroq_Starwind

    Ever wanted to play with a Quantum Computer?

    Wow. I guess I'm losing my touch...
  11. Turns out D-Wave systems actually developed an API so that you can utilize their quantum computing resources through a remote connection. https://docs.dwavesys.com/docs/latest/doc_rest_api.html Before anyone asks... Yes, D-Wave is the real deal, I've been following them for years. They've even got a contract with Lockheed Martin, IIRC. So, does anyone here have ideas on what they'd use a quantum computer for~?
  12. There's another issue, however, with taking offensive measures to deal with the threat. Besides the risk of possible collateral damage, there could also be severe legal repercussions... Anyways, here are some of the articles I was looking at: https://www.symantec.com/connect/articles/malicious-malware-attacking-attackers-part-1 https://www.symantec.com/connect/articles/malicious-malware-attacking-attackers-part-2 https://whatis.techtarget.com/definition/offensive-security
  13. Oh crap! 😱 Maybe more offensive security measures have to be taken if infrastructure is actively being targeted, actively striking back at intruders... But there aren't any obviously practical solutions that I can readily think of. On the Symantec website, there are a couple old articles titled along the lines of "Malicious Malware: Attacking the Attackers", but it is from 2006 and I don't know if those ideas are even viable anymore now that we have to worry about things like Ransomware, Botnets, and victim computers being hijacked as proxies. I posted a thread about D-Wave Systems very recently, so perhaps it might also be time for security providers to get on the horn with them about possibly using their resources to tackle infrastructure-wide cyberdefense.
  14. Amaroq_Starwind

    Ever wanted to play with a Quantum Computer?

    Actually, they have a whole bunch of neat documentation stuff now, and even an SDK sort of thing. https://docs.dwavesys.com/docs/latest/index.html
  15. Amaroq_Starwind

    Is it worth to get a VPN in 2019?

    Well with payment information at the very least, there's a new thing called privacy.com. It's basically a financial proxy so that you can use throwaway payment credentials on online websites.
  16. Amaroq_Starwind

    OpenACC; GPU Compute for Malwarebytes?

    Heya, MBAM Team, it's Amaroq again! Yes, that vulpine who says things. And I'm back again with yet another rapid-fire idea coming at you fast, if you catch my meaning~ 🦊 https://developer.nvidia.com/openacc Nvidia has a thing called OpenACC which you can put into existing C++ code, and through the use of a special compiler, you can instantly get a program that has the option of running on a GPU to leverage its parallel processing capabilities, which might drastically increase performance, especially for longer scans, as many things could now be scanned in parallel, among other things, like running more complicated heuristics at breakneck speed. Would this be a viable thing to test run? As always, let me know your opinions. This is probably my second-to-last suggestion for the day, because I'm getting pretty burned out.
  17. Amaroq_Starwind

    OpenACC; GPU Compute for Malwarebytes?

    Well... I recently found out that OpenACC also runs on the integrated graphics on Intel CPUs and AMD APUs, and is compatible with conventional C language. Rad! Unfortunately, I am still not sure if MS Visual Studio can be made into an OpenACC compatible compiler or not (I mean, maybe it can through plug-ins?), or if OpenACC can run on ARM64. Additionally, it also seems like the demand for Malwarebytes on OpenACC is still extremely low, and thus there is a negligible probability that it will happen any time soon...
  18. Amaroq_Starwind

    Adding websites or domains to be INCLUDED into the block list

    Attempting to edit the HOSTS file on Windows 10 will actually screw up Microsoft services (such as Windows Update) royally... Or even screw up your ability to connect to the internet. I learned this the hard way with the hpHosts files.
  19. Amaroq_Starwind

    Logitech Options software vulnerability

    Just going to plop this in here: ...yup. Malwarebytes should definitely start blocking unauthorized sockets.
  20. Amaroq_Starwind

    Protection for Whatsapp, Telegram and iMessage chat

    Unfortunately, due to the sandboxed nature of iOS apps, I don't know if Telegram and WhatsApp protections would be possible. They'd have to get in touch with the app developers directly, and I am not sure how Telegram's staff would respond to a request from Malwarebytes. I mean, it's worth a try, but it would be potentially a very risky proposition from Telegram's perspective due to their almost religious focus on user privacy (which I'm very thankful for at times). Now, Telegram is open source, but I'm also not sure if Malwarebytes would want to make their own version of the Telegram client. Even with open source software, it takes a lot of time and effort to develop a client.
  21. Amaroq_Starwind

    ANSWERED False positive on cash.me

    So, I was trying to send some money to my friend, but both Malwarebytes itself and the Malwarebytes Chrome extension separately blocked the website https://cash.me when I tried to use it.
  22. Amaroq_Starwind

    Legitimate MWB Download URL?

    Yeah, I think you might be right. I looked up Zingtree, and it seems to be some kind of plug-in for support tools based on decision trees, or something like that.
  23. Amaroq_Starwind

    Legitimate MWB Download URL?

    Give us one of these Zingtree URLs, with the URL wrapped in the following tag: [code]<some URL> [/code]
  24. Amaroq_Starwind

    Portable MBAM

    This should probably go in the Comments and Suggestions section. This actually already exists as part of the Malwarebytes Toolset, aka Malwarebytes Techbench. However, it's not available for normal consumers, you need to be the owner of (or work for) a computer repair shop and sign up for the Techbench program.
  25. Avast and Malwarebytes have no conflicts with each other regardless of which versions you are using, unless they detect each other through flawed definitions, but that hasn't happened in a long time.