
Amaroq_Starwind

Members · Content Count: 495
Posts posted by Amaroq_Starwind


  1. I received a similar email once, which is actually what prompted me to start taking cybersecurity more seriously. However, it was appended with some spiel about saying that the email had been edited in transit and translated by somebody else, and that it was safe, even recommended, to report to the authorities, and that if I did so then no harm would be done. I didn't respond to the email at all, though, and I do not recommend responding either. It's not only a bitcoin ransom scam, but also a phishing/data harvesting attempt to trick people into sending sensitive information in an encryptionless reply.


  2. My hypothesis: It records whenever a user proceeds to a website that is/was a false positive, detects when web elements hosted by malicious domains try to appear on a web page, or when exploit prevention detects and prevents an exploit. This way, it can upload information to the Malwarebytes servers and say "Hey boss, this website looks clean!" or "Hey boss, this website looks infected!", thus reducing the risk of false positives and increasing the detection rate of malicious websites and domains. However, as the Web Protection module is primarily database-driven rather than heuristics-driven, your guess is as good as mine.

    If a clean website is hosted on the same IP Address as an infected website however, then it will usually produce a false positive. Similarly, some VPNs and TOR connections could also produce false positives.


  3. Actually, I just found out about the MalwareBytes Academy thing, which is apparently exclusive to Endpoint Protection customers. Since I'm trying to get a Computer Science (Associate of Science) degree as my minor and a Cybersecurity (Associate of Applied Science) degree as my major, this Malwarebytes Academy thing is particularly enticing, and I now have renewed interest in MalwareBytes Endpoint Protection / Malwarebytes for Business. The Cloud Management Console could also help me troubleshoot protected computers regardless of where I am, and there are a lot of computers in my family that are currently protected by Malwarebytes.


  4. @6yearuser Besides databases, MalwareBytes will primarily use machine learning to determine whether or not something is hostile, including scanning websites. As with everything based on machine learning, false positives are bound to happen, and yes, while some tools that produce false positives do have a political or socioeconomic motivation (just look at Google), not all do. MalwareBytes (as both a company and a product line) does not care about politics or choosing sides, only about maintaining your privacy and protecting your computer from threats. This is especially true with the software itself, which is literally incapable of caring about sides or politics.

    Welcome to the forum, by the way!


  5. That's... Not what I'm trying to do... I'm actually against Patent/Copyright Law normally (if it were up to me, everything would be Creative Commons), but cybersecurity is a pretty big deal. There are a lot of technological innovations that could change everything, but the patents for them are being sat on by companies who aren't doing anything with them.

    In this particular case, though, I kind of don't want the open internet to know about my designs because... Well... What if Malware developers start using the techniques I've come up with?


  6. So what Gonzo is saying...
    Is that if I had a really good idea (a security technique) that could cause a lot of trouble if the information got into the wrong hands (i.e., Malware devs), I could trust them to keep it safe from prying eyes (other companies, rogue governments, and Malware devs) and/or put it into use in some form (because they have the engineers, researchers and developers, while I'm just one person).


  7. I still feel like MalwareBytes should compile a version of MB3 for ARM64 builds of Windows 10, as ARM devices running Windows 10 are becoming increasingly popular. Even before threats specifically targeting the ARM64 version become a thing, it could help protect against common exploits that don't care which version of Windows you're running. If you're running Windows 10 for ARM, you won't be able to run the current x64 version of MalwareBytes, and you'd have to do icky workarounds to install the 32-bit version which probably wouldn't work too well.


  8. Before your response, I felt accomplished. Now, I feel like a talentless hack. Maybe I should just wait for the professionals...

    I wasn't completely ignoring your advice; I'm fully aware that what I am doing is at my own risk.

    My only intention in running it multiple times was to provide that self-healing-ness I was looking for, due to inevitable corruptions that can occur between restarts if the computer goes for a long period of time without restarting. However, "1 hour" is the longest I could specify in the GUI, and I didn't realize that you were specifically trying to get me to use the command-line; I can see now why the command-line is the better option, though.

    Using the Task Scheduler GUI, due to the limited amount of control and information that it gave me, I was hoping that by specifying the order of DISM first and SFC second, it would respect that order and not run SFC until DISM stopped running. But rather than going entirely off of assumption, my intention is to test my hypothesis and see what happens when I run the task in its current state. Since I didn't see SFC in the process list in Task Manager upon running the task, this has led me to the belief that maybe it will actually perform the actions in series rather than in parallel.

    I still intend to figure out how to make it actually wait until DISM actually reports a successful operation before running SFC, so what I just uploaded could be considered a prototype of sorts. That specifically is what I'd like to figure out.

    So, I still learned some important lessons here:

    1. The Task Scheduler GUI is far too limited to do any real work.
    2. Command-line tools are better for anything involving automation, remote administration or headless operation.
    3. Though I have "good" ideas (like a DIY setup for self-healing OS components), I don't listen to instruction, and if I am not explicitly told that I have to do something the hard way, then I instead just do it with whatever tools immediately come to mind.

  9. The GUI version of the Task Scheduler really needs a "Run Minimized" checkbox when setting an action to run a program. As for DISM and SFC, the main issue I have is setting the latter to only run when the former has finished successfully. Thank you for the materials, I'll come back if I still can't figure it out.


  10. I wasn't disagreeing with you on citing Google, I was merely elaborating on the issue so that others who weren't as well-informed wouldn't be super confused when reading this thread. As it stands, Google never was a search company in the first place, they have always been a marketing company. Their revolutionary search engine was just the first step in their master plan. We live in a world run by con artists. We live in Shadowrun, but slightly less violent and without all the awesome fantasy and science fiction elements.


  11. On the Amazon video app for the PS4, a short commercial will play in between episodes of shows, including ones that we've actually purchased and aren't available for free via an Amazon Prime membership.

    Oh, and Google also explicitly puts advertisements in the middle of YouTube videos to try to get people to pay for YouTube Premium with the "No more interruptions" selling point. And even though a lot of people use YouTube or Twitch as their primary means of income, they won't actually get that income anymore because of copyright abuse, where something that falls within fair use (or in some cases, has nothing at all to do with something that's copyrighted) will either receive a copyright claim (at which point, all revenue goes to whoever placed the claim), or will receive a copyright strike (where the video is taken down entirely).

    After three copyright strikes, your entire channel is deleted. And we have bots all over the internet looking for anything that even barely resembles copyrighted material in the loosest sense of the word and basically machineguns copyright strikes at people.

    And let's not forget the demonetization bots, which will flag your videos as being "unsuitable for advertisers" if your video contains anything which the bot classifies as offensive or controversial, which is A LOT of things (not only needlessly broad definitions, but false positives on top of that) and you won't get any revenue from it at all. And yet advertisements will still play. What exactly does "unsuitable for advertisers" even mean, anyway? People would still be watching the video, and would still be forced to see advertisements. And if you get a false positive, tough luck, because YouTube support is specifically trained to be as unhelpful as possible.

    By the way, Google's official reasoning for demonetization bots? "To stop terrorism". Yeah, because clearly, all anyone ever watches on YouTube are videos of people wearing ski-masks beheading anyone who's not also wearing a ski-mask.

    The demonetization and copyright strike bots on YouTube, which rely on machine learning, have hardly any training at all before they're released into the wild and given administrative privileges. It would be like taking a toddler with only the barest sense of right from wrong, giving them a box of superhero cartoons on VHS and a five-minute crash course on the law and criminal justice, and then giving them a badge and gun and putting them in charge of an entire SWAT team with the purpose of "stopping bad guys" with a license to completely disregard collateral damage. And by the way, this entire paragraph is being extremely generous. Those bots need to be put on a leash, and the people who authorized their release are long overdue for their rabies vaccine.


  12. Amazon still makes you watch advertisements, though... which pisses me off more than a little bit. As much as I love and rely on the internet, I feel like only after a complete collapse of the system would things have even a chance of improving. Same thing with current economic and political structures.


  13. I have a mix of reasons.

    For starters, it's Windows 10 running on an old laptop, and Windows Update has never been the most reliable for me. Also, I have an old hard-disk that isn't doing too well, and I'm paranoid about file corruption, but until I can afford an SSD to replace it (or better yet, a new computer entirely) I need to make do with what I have and make sure that the system integrity is always as close to intact as possible. I often encounter random issues on my computers that don't seem to have any discernible root cause, which I have begun to attribute to gremlins. That, and having a sort of "self-healing" thing already in place in the event of future errors occurring somewhere down the line just seems like it would be a smart idea.

    This isn't a proper long-term fix or treatment plan so much as a stopgap solution to extend the life and usability of my system a little longer, albeit also having elements of being a bit of an experiment where I actually put an idea I have to the test. In this case, having a continuous version of DISM / SFC running was inspired by the self-healing capabilities of ReFS, along with the frequent risk of filesystem corruption caused by various other factors.

    I do have both Windows Defender and MalwareBytes set up to protect my system from threats, but the one enemy they can never truly defend against is entropy itself.

    On a semi-unrelated note, once I know how to create a script such as this, I can also set it up on my grandparents' computer to make their lives just a little bit more reliable, since I will often have to go over there to fix problems that unexpectedly develop for a variety of reasons.


  14. I'm looking to create a scheduled task, PowerShell script, or command executable that would automatically run the commands DISM /online /cleanup-image /restorehealth and sfc /scannow in the background, and specifically in that order, both on startup and on a regular schedule, and most importantly without requiring a prompt for user input or requiring a UAC prompt. However, as I am not experienced with the task scheduler or with PowerShell, and I've never created a command executable before, I don't have the first clue how to actually go about creating what I'm looking for. Could I have some help?
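The request in post 14, and the ordering problem raised in posts 8 and 9 (SFC must not start until DISM has reported success), can be met with one PowerShell script that a scheduled task runs as SYSTEM. The following is an added example written for this page; it is not code from the poster or from the thread. The script name Repair-SystemImage.ps1, the log path C:\Scripts\Repair-SystemImage.log, the task name and the weekly Sunday 3 am schedule are assumptions chosen for the example; DISM, sfc.exe, the ScheduledTasks cmdlets and the CBS.log location are standard Windows components.

```powershell
# Added example (not from the thread): Repair-SystemImage.ps1 (hypothetical name).
# Runs DISM /RestoreHealth first and starts SFC only when DISM exits with code 0,
# logging each step so the outcome can be checked later with no console window.
# Assumed (not from the thread): log path below, task name, and the weekly schedule.
param([switch]$Register)   # -Register creates the scheduled task; without it, do the repair

$LogFile = 'C:\Scripts\Repair-SystemImage.log'

function Write-Log {
    param([string]$Message)
    $line = '{0} {1}' -f (Get-Date -Format 'yyyy-MM-dd HH:mm:ss'), $Message
    Add-Content -Path $LogFile -Value $line
}

function Test-IsElevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Invoke-SystemRepair {
    # Both tools need an elevated process; fail early with a clear log line otherwise.
    if (-not (Test-IsElevated)) {
        Write-Log 'Not running elevated; DISM and SFC cannot repair anything. Aborting.'
        return 1
    }

    Write-Log 'Starting DISM /Online /Cleanup-Image /RestoreHealth'
    & DISM.exe /Online /Cleanup-Image /RestoreHealth | Out-Null   # synchronous call
    $dismExit = $LASTEXITCODE
    Write-Log "DISM finished with exit code $dismExit"

    # Only exit code 0 counts as success. Anything else skips SFC, because SFC repairs
    # from the component store that DISM was supposed to have just made healthy.
    if ($dismExit -ne 0) {
        Write-Log 'DISM did not report success; skipping SFC.'
        return $dismExit
    }

    Write-Log 'Starting sfc /scannow'
    & sfc.exe /scannow | Out-Null
    $sfcExit = $LASTEXITCODE
    Write-Log "SFC finished with exit code $sfcExit (details: %windir%\Logs\CBS\CBS.log)"
    return $sfcExit
}

function Register-RepairTask {
    # SYSTEM + RunLevel Highest: no UAC prompt at run time. Hidden window: nothing
    # appears on the desktop. IgnoreNew: a second run cannot overlap a slow DISM/SFC pass.
    $action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
        -Argument "-NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File `"$PSCommandPath`""
    $triggers  = @(
        (New-ScheduledTaskTrigger -AtStartup),
        (New-ScheduledTaskTrigger -Weekly -DaysOfWeek Sunday -At 3am)
    )
    $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
    $settings  = New-ScheduledTaskSettingsSet -MultipleInstances IgnoreNew `
        -ExecutionTimeLimit (New-TimeSpan -Hours 3)
    Register-ScheduledTask -TaskName 'Repair-SystemImage' -Action $action -Trigger $triggers `
        -Principal $principal -Settings $settings `
        -Description 'DISM RestoreHealth, then sfc /scannow only if DISM succeeded' | Out-Null
}

if ($Register) {
    Register-RepairTask
    Write-Host "Task 'Repair-SystemImage' registered; log file: $LogFile"
} else {
    exit (Invoke-SystemRepair)
}
```

Save the file, create the C:\Scripts folder, then run `.\Repair-SystemImage.ps1 -Register` once from an elevated PowerShell. After that the task runs at every startup and on the weekly trigger with no prompt, and the log file shows whether SFC was run or skipped and with what exit codes; the sequencing lives in the script rather than in the Task Scheduler's action list, which (as post 8 found) does not guarantee that one action waits for the previous one.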


  15. It is no secret that companies have trade secrets. In fact, I would be more surprised if security vendors like MalwareBytes didn't have any trade secrets. But while trade secrets aim to protect a design through obfuscation, they serve no good once somebody else has already copied the design, which is where a patent comes in. However, filing a patent requires exposing details of the design. This leaves me with two questions:
    1. For my own purposes (future endeavors), is it possible to get the benefits of having a patent on something while still keeping the really important stuff a trade secret?
    2. Purely to satisfy my curiosity, does MalwareBytes happen to own any software patents?
