Jump to content

Amaroq_Starwind

Members
  • Content Count

    495
  • Joined

  • Last visited

Everything posted by Amaroq_Starwind

  1. If you'd like, I can share a list of various security-related apps from the AppStore via PM, so that you can go over the various features they have.
  2. A lot of other security suites available for iOS include a variety of Anti-Theft measures, such as locating your device with GPS (including sending a signal flare right before the device runs out of battery), and providing a Thief Cam. I think having a Thief Cam would be really helpful, because not only would it show you who tried to get into your phone and kept getting the password wrong, but if it were to automatically upload the photos at the first opportunity, then it could also tie into facial recognition in some form. I also have a few ideas to expand on the Thief Cam concept; GPS/Bluetooth Signal Flare during photo burst(s). Recording a Delta-compressed photo burst, instead of just a single photograph, in case the perpetrator looks away... with a second photoburst on a short delay, triggered to fire as soon as the camera detects a face. A smart crook would likely try to look away during the first photo burst, but they probably wouldn't expect a second one. Taking a photo burst from the phone's rear camera, in order to get a good look at the phone's surroundings. Could also include camera flash, partly to disorient the perp. Ambient sound recording, to help identify the location based on ambient sound and/or identify the perpetrator by voice. Audible alarm, to draw attention. Perpetrator Fingerprint Capture. Thoughts? 🦊
  3. Another idea; Peer-to-Peer VPN Service, using a combination of RSA encryption and transparent asymmetric encryption. By adopting a Peer-to-Peer model as early as possible, this can minimize the demand on resources for ever hosting a real VPN in the future, while also preventing excruciating slowdown (see thread: Slowing iPhone Down) because the service would be hosted by the people using it (complete with load-balancing, latency optimization, and redundant pathways for network traffic). The use of RSA private key encryption between devices and Under-the-Hood public key encryption at the start and end points will be a surefire way to maintain privacy and security, even with multiple users acting as Peer-to-Peer hosts, and you could also piggyback off of other VPN services via setting up a second VPN profile as the final destination. Perhaps compression could also be implemented, to minimize the drain on people's bandwidth.
  4. Some third-party browsers allow it... I'm sure that Apple would eventually make it part of Safari if enough people requested it though.
  5. I want a Malwarebytes Screensaver that includes a real-time threat map.
  6. My imagination is betraying me lately, it seems. It's not coming up with original ideas anymore, only stuff people are already doing 😢 Maybe registry auditing could eventually become part of Malwarebytes though, best-case scenario.
  7. Far too many websites try to force the mobile version onto me, even when I use the Request Desktop Site button. A lot of mobile websites are actually completely broken, and even on a phone, the desktop sites are often far more functional. If it were somehow possible to force specific websites to always give me the desktop version (without me having to click the button every time I visit), that would be awesome.
  8. I wish there was a background process that would audit every change made to the registry by specific processes, users, etc... That way it would be easier to uninstall programs cleanly, remove adware, rollback from tweaks gone awry, recover from corrupted registry files, etc. Something like that might have other benefits too!
  9. To amend this post, it's worth noting that not all types of Machine Learning are suitable for all applications, and many have their upsides and downsides. However, combining different types of Machine Learning could have its own benefits. Here is some further reading, for those who are new to Machine Learning. Even I learned quite a bit today! https://towardsdatascience.com/types-of-machine-learning-algorithms-you-should-know-953a08248861 https://www.digitalvidya.com/blog/types-of-machine-learning/ https://en.wikipedia.org/wiki/Machine_learning For those of you who are more deeply familiar with it however, especially the Malwarebytes team, definitely share your thoughts.
  10. So, I've been doing some personal research regarding Machine Learning, and I came across some interesting stuff... Blog: https://chriscummins.cc/2017/deep-learning-in-compilers/ <-- at the time of this writing, currrently a False Positive on MBAM web protection Academic Paper: https://arxiv.org/pdf/1805.03441.pdf Academic Paper: https://arxiv.org/pdf/1801.04405.pdf Blog: http://jayconrod.com/posts/94/machine-learning-and-compiler-optimization Quora Post: https://www.quora.com/What-changes-can-be-brought-in-compilers-if-we-include-machine-learning-deep-learning-algorithms What applications could you think of for using Machine Learning in a compiler? I can easily imagine using Machine Learning to automatically debug code for compatibility issues, security vulnerabilities, and other miscellaneous bugs... it would be interesting to see what other things it could be used for.
  11. Okay, another bit of registry talk... Does anyone know of any good third-party registry editors?
  12. Oh, and on that note... SInce QWORDs can still be used on 32-bit Windows, provided you're running at least WIndows XP, there really isn't any reason I can think of that you shouldn't use them.
  13. If you gave me enough time, I could probably think of a use, such as storing a seed for a random number generator as just one example.
  14. This blog post got blocked by the Malwarebytes Chrome extension while I was doing my research. https://chriscummins.cc/2017/deep-learning-in-compilers/ I guess Malwarebytes doesn't like computer science >.<
  15. You can't update a Windows installation that's not running, even with an online rescue disc? Aw man...
  16. To start off this thread, I would like to ask a question. https://en.wikipedia.org/wiki/Windows_Registry How come nobody ever uses QWORDs in the registry?
  17. Ah... Well, godspeed then. I hope you guys figure something out. In the meantime though, here's another tool that would probably be helpful to include on a hypothetical Rescue Disc, in the event that one eventually can get made... it could also probably be bundled with future versions of the Malwarebytes TechBench, @AlexSmith: Windows Update Manager (open-source) by David Xanatos. https://github.com/DavidXanatos/wumgr/ https://www.thewindowsclub.com/wumgr-free-and-open-source-update-manager-for-windows-10/ https://piunikaweb.com/2018/09/20/windows-update-manager-wumgr-windows-10/ Very handy because it not only allows you to block unwanted updates (and automatic updates) on Windows 10, but it also helps you install those stubborn updates that just don't want to install correctly, even on earlier versions of Windows. Not to mention, it can even access the Windows Update servers if they're blocked by a firewall, by way of built-in proxies and the like (or at least, I think that's how i t works). If you were to use the open-source .NET Core stuff, instead of the traditional .NET framework, then you could even work around corrupted or out-of-date .NET framework installations, again, especially on older versions of Windows. (Plus, for Wine users, you could potentially even get around Windows Update blocks.)
  18. But it doesn't take that much longer, only a few minutes at worst on every machine I've used it on.
  19. I admit, it would be nice if the Scan for Rootkits option in Malwarebytes 3 was enabled by default.
  20. The first thing is a VPN-based blocklist. Using the normal Web Protection feature to block websites will only protect Safari, but the Advanced Web Protection uses a "VPN" that connects you to your local host to filter out a list of blocked addresses and such on all web browsers. Malwarebyts, unfortunately, does not host an actual VPN. McAfee and Fyde both do the exact same thing as Malwarebytes in this regard. Not routing Safari through the Malwarebytes "VPN" on the other hand, is simply because the Advanced Web Protection is redundant when you're already using Safari, because the "VPN" doesn't offer any additional protection that's not already available to Safari. As for VirusTotal, SmartScreen, etc... those are not implemented yet. Everything else on the other hand, I mainly just want more options to configure everything,
  21. Some features I would like to see for more advanced configuration of the Advanced Web Protection VPN hook: - Configuring multiple secondary VPN profiles within the app using importing VPN profiles on your phone. One example use would be combining the web protection of other apps with the already existing Advanced Web Protection, if said apps also rely on VPN hooks. I have attached two examples: Images: https://drive.google.com/file/d/1w4Woy5PDINcgOsU63o5YPs6SJ46Tcsab/view?usp=drivesdk https://drive.google.com/file/d/1HXT9FjxCWZ9hc4y71IdLzl5g0JkwXmKe/view?usp=drivesdk - Configuring the Advanced Web Protection to disengage automatically in apps where it is not required, such as in Safari where regular Web Protection will suffice, or in apps such as Netflix, KAMI 2, Telegram Messenger, etc. These apps do not need to be routed through the Malwarebytes VPN, and if the user can add their own apps to the list, then more power to them! - Being able to configure the AdBlocker and/or VirusTotal scanning for Advanced Web Protection. Thanks! 🦊
  22. The fact that the full Chameleon system hasn't been updated to 3.x actually concerns me a little bit, even if the need for it is seemingly absent. The fact it's out of date can still potentially cause trouble when it actually matters. I still feel like there could be a lot of room for improvement though.. there's always ways you can make your defense systems more robust, sneakier, and smarter, and on the other side of the coin, there's always an unknown threat that's gonna try to outsmart you in some fashion. At the bare minimum, it would be interesting if you had managed to capture samples of Malware and developed Chameleon processes that spoofed their process names and the like, or even spoofed process names of things that would likely be monitored by spyware such as Steam, Discord, Chrome, etc... And I think using packers, encryption and other forms of obfuscation on Chameleon processes would be another helpful layer of security. So, I hope that you guys at least consider my input here. Chameleon should at the very least be maintained more regularly.
  23. Okay, update: According to Wikipedia, the Windows Preinstallation Environment actually Freeware now. https://en.wikipedia.org/wiki/Windows_Preinstallation_Environment You can probably try to obtain it via the Windows Assessment and Deployment Kit (which I used to get Windows Configuration Designer, as the MS Store continually failed to correctly install it), and/or the Shared Source Initiative (allowing you to get some access to the source code). https://en.wikipedia.org/wiki/Windows_Assessment_and_Deployment_Kit https://en.wikipedia.org/wiki/Shared_Source_Initiative There are derivatives too, such as the WinRE and Microsoft DaRT.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.