Posts posted by Amaroq_Starwind

  1. So, this is funny. Turns out a UWP version of Windows Explorer has been hiding inside of Windows 10's files this whole time...

    https://www.windowslatest.com/2017/05/07/uwp-file-explorer-on-windows-10/ 

    ...and it still sucks, at the moment. I mean, it's pretty fast (much faster than the default Windows Explorer, at least on my crappy computer) and it seems really stable, but it is severely lacking in features and it's pretty hard to navigate at the moment. The UI has been completely redesigned for touchscreens, at the cost of many of the features that power users take for granted. I mean, it doesn't even have a Details view yet, and it's been here for almost two years. Perhaps that's why Microsoft hasn't officially announced it yet...

    The article above has instructions on how to enable it. Turns out all you have to do is make a desktop shortcut pointing to a certain directory, and you're good to go. In fact, let me just quote the article:

    1. On desktop, right click.
    2. A context menu will appear, navigate to New > Shortcut.
    3. A popup will appear on the computer screen. It will ask you the location of the new shortcut.
    4. Add explorer shell:AppsFolder\c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy!App as the location and click on Next.
    5. It will ask you to type a name for the shortcut, it would be a better idea to set name as UWP File Explorer.

    So, do I have a sneaking suspicion that Microsoft isn't even working on this thing anymore...?

  2. The whole reason the recycle bin exists in the first place is so that stuff that gets accidentally deleted still has a chance to be recovered. My main intention with suggesting a feature like this is to make it possible to prevent accidentally deleted stuff from being accessed by the wrong set of hands, and in the case of any malicious executables trying to hide in there, it could be used to prevent them even being able to find their own files. Effectively speaking, everything that goes into the recycle bin would be automatically quarantined, with only authorized applications (such as virus scanners) being given access to the data in question (through their own private decryption keys) for the purposes of scanning for malicious data.

    But wait, what about those users who are fans of secure deletion? There's a middle ground there; automatically put an expiration date on anything which goes into the recycle bin; this means that while the requirements of secure deletion are still satisfied (Delete on Reboot + Bitwashing), there is still a grace period for recovering from any accidental deletions.

    With all of that said, I'll go ahead and ask to have this thread moved into the General Chat section. No harm, no foul.

  3. So, I just learned of something going on that may be of interest to anyone who currently follows Quantum Computing. Anyone else getting a renewed sense of optimism?

    https://csrc.nist.gov/Projects/Post-Quantum-Cryptography

    The short version is, for those who don't wish to follow the URL: there are currently ongoing projects to develop new forms of Public-Key Encryption which are still compatible with classical computers and existing infrastructure, but which are also exceptionally resistant to attack by both classical and quantum computers. The Post-Quantum Cryptography (PQC) group in particular is having a competition-style research and development campaign, and they are currently on the second round of candidates. You can sign up for their mailing list on Google Groups, and even join the ongoing effort if you so wish.

    What this means is that Quantum Computing is actually going to soon lead to the development of encryption algorithms and protocols the likes of which the world has never seen, and it might only continue to get better from there. For once, we might actually be ahead of the bad guys.

  4. Here's an idea; create a fork of Android (it is open-source, after all), designed with the sole purpose of being as secure as absolutely possible while compromising on the user experience as little as possible. It could be called... Jawbreaker.

    Once I've done enough class in college, I might start working on this, or contribute to its development if it's already in progress by then.

  5. Instead of trying to protect multiple virtual machines simultaneously with duplicate installations of Malwarebytes, and requiring a separate license for each VM, wouldn't it be more practical to just have the main Malwarebytes application installed on the host system and a thin client installed on each VM that inherits a license activation from the host system?

    And while I'm on the subject of VMs, what about using a Malwarebytes installation on a host machine to protect any guest machines imaged with older operating systems (for instance, Windows 2000/ME virtual machines), and/or randomizing scheduled task times to prevent overstressing the server's resources?

    Sincerely,
    Amaroq

  6. That said, if a threat does manage to get past Malwarebytes, specifically one which could be easily detected by an Anti-Virus engine that detects scripts, then you are more than welcome to use both Malwarebytes and an Anti-Virus product since Malwarebytes is designed to work alongside those without issues. Just don't use multiple Anti-Virus products at once.

    If you happen to use Windows 10, then Malwarebytes and Windows Defender are both adequate. If you're running Windows 10 Enterprise or Windows Server 2016/2019, then you could also try using Malwarebytes alongside Windows Defender Advanced Threat Protection. However, as I do not have an Advanced Threat Protection subscription, I cannot test that to tell you if that would end well or not.

    If you wanted to turn Malwarebytes into an anti-virus (which specifically targets viruses and scripts), then you would have to add another detection engine entirely, breaking its compatibility with other security products in the process.

  7. For anyone who doesn't wish to purchase ESU, but also doesn't wish to move on to Windows 10, I sincerely hope that whatever vulnerabilities are fixed by the updates in ESU can also be fixed by third-party security solutions such as Malwarebytes.

    In the future, though, if Microsoft ever changes their mind on Windows 10 being the last version of Windows and plans to do an End of Life on the OS... actually, maybe let's not worry about that just yet.

  8. If Malwarebytes doesn't yet have supply chain threat detection, they ought to start working on that soon. Meanwhile, somebody seriously needs to get to work on a more investigative, or more aggressive, cybersecurity system. Something that can actually track down the original source of a threat by any means necessary. It would take an insane amount of development resources, though, and it probably wouldn't be super practical. I estimate no more than a 0.5% success rate in an absolute best-case scenario, but I'd love to be proven wrong.

    Mass telemetry might actually be able to do something good for once, because that's probably the single most practical implementation of a threat-seeker.

  9. Well, that's just lovely. I have to use ASUS software on my computer in order to use my printer because said printer is connected directly to my ASUS router, instead of just letting me use the printer directly, something I could probably do with literally any other router. Additionally, one of my other computers uses an ASUS motherboard, and all of my computers except the laptops use ASUS networking cards.

    TL;DR: I'm screwed!

  10. Speaking of Symantec, I learned the funniest thing; turns out my dad has an old friend who's pretty high up the Symantec ladder now.

    Back on the main subject, there might be a new user registering some time in the near future. I discussed the subject of Recycle Bin hardening with him (her?) just a little bit ago, and they had some interesting ideas regarding two-factor authentication and asymmetric encryption.

  11. Here we go:

    https://community.spiceworks.com/topic/1065273-av-on-host-vm-or-both

    Turns out there's actually a VM manager with built-in anti-virus capabilities for your VMs, and it supports the tried and true Kaspersky engine.

    I know that it's not exactly an Anti-Malware system for Windows 2K and 2K3, but it's better than nothing IMHO.

    Maybe in the future, Malwarebytes Endpoint Protection will have accommodations for protecting virtual machines.

  12. By the way, whatever ideas people come up with, remember that there are three goals here:
    Practicality: Could it be achieved with a simple redirect or filter driver, or would it require a significant rewrite of the operating system? Would it require management by the end user with specialized software, or would it be a Fire-and-Forget solution?
    Creativity: This one is a bit harder to judge, being more of a subjective spectrum. On the one hand, there's the "if it ain't broke, don't fix it" camp, but on the other, there's just something really satisfying about innovation and originality.
    Versatility: Whatever idea you have, does it have a very niche use case, or can it be applicable to a wide range of situations? Bear in mind that people are finding new ways to use old stuff all the time, so there's a lot of wiggle room here.

    Again, this is mainly just brainstorming. I don't need to see any specific technical implementations, so don't worry if you don't have those details worked out. And if you're not sure about your idea, feel free to pitch it anyway so that other folks here on the forum can discuss it with you. Everything has the potential to inspire something else.

  13. I've been thinking about the Windows Recycle Bin. Or more specifically, I've been thinking about how there's no way to secure it, and prevent unauthorized users and applications from attempting to view or restore sensitive information that has been deleted. And no, I'm not talking about permanent file deletion, since on a personal scale sometimes you'll forget to permanently delete something, and on a company-wide scale you can't guarantee that every employee's first instinct will be to permanently delete a file.

    While I'm at it, I can't help but notice that the recycle bin doesn't seem to have any form of compression or deduplication, but that seems like far less of an issue than security.

    I guess this is more of a brainstorming thread than anything else; if for some reason you needed to secure (or at the very least, optimize) the Windows Recycle Bin, how would you go about doing it? What techniques would you opt to use, and for which scenarios?

  14. This is less of a support request (since I already know how to fix it) and more of a bug report: The Malwarebytes Windows Firewall Control application, when you set the service to Automatic (Delayed Start), will show an exclamation mark in the tray and won't be able to connect to the service. The only way to fix it is to manually restart the service in the Service Manager (services.msc), since the application doesn't auto-restart, nor is there a context menu option to restart the service manually. I have confirmed that this issue only occurs when the service is set to Automatic (Delayed Start).

    I have the service configured to restart automatically after 5 minutes when it fails, and I have the "FailureActionsOnNonCrashFailures" REG_DWORD set to 1, but it doesn't help since the service is not technically failing, rather it's the tray application which fails. Also, Malwarebytes Windows Firewall Control is not covered by the Windows script to display Malwarebytes Endpoint Protection Agent Health and Service Status available elsewhere on this forum, nor is it covered by the Malwarebytes Toolset or the Malwarebytes Support Tool. In fact, despite Malwarebytes' acquisition of Binisoft being a while ago, you can't even get it directly from the Malwarebytes website yet, and you need to go over to the Binisoft website to get it.

    If these issues could be addressed in some fashion, I would much appreciate that!

    Sincerely, Amaroq

    P.S.: Dear moderators, I sincerely apologize for the minefield of URLs. I promise that none of the links are malicious, however. You can double-check!

  15. 19 hours ago, exile360 said:

    Actually, because Malwarebytes is not case sensitive, it doesn't matter, and that's the point. It will protect the process regardless. Implementing case sensitivity in Malwarebytes would actually break this functionality and then the user would have something to worry about with the process name using a different case, but because Malwarebytes disregards case it is able to protect the process as it should without any changes regardless of how it is spelled.

    What I meant by implementing Case-sensitivity was to implement the ability to detect Case-sensitive filenames and folders that normally wouldn't be accessible otherwise, not to make the scanning itself Case-sensitive >.<

  16. After reading some threads by AdvancedSetup (here, and here), I've been messing around with Windows services, both through the Services Manager (Services.msc) snap-in, and through the Registry Editor, and an idea struck me. I would like to configure the Malwarebytes Support Tool to automatically launch whenever a Malwarebytes-related service fails, but I can't seem to locate the directory of the installed support tool executable on my computer, nor do I know which specific command line parameters and arguments (if any) I should use when specifying the FailureCommand registry value (data type: REG_SZ) or the "Run a program" option in the Services Manager. Could somebody give me a place to start, @dcollins perhaps?
