Jump to content
Amaroq_Starwind

More configurationoptions for Advanced Web Protection

Recommended Posts

Some features I would like to see for more advanced configuration of the Advanced Web Protection VPN hook:

- Configuring multiple secondary VPN profiles within the app using importing VPN profiles on your phone. One example use would be combining the web protection of other apps with the already existing Advanced Web Protection, if said apps also rely on VPN hooks. I have attached two examples:

Images: 

https://drive.google.com/file/d/1w4Woy5PDINcgOsU63o5YPs6SJ46Tcsab/view?usp=drivesdk

https://drive.google.com/file/d/1HXT9FjxCWZ9hc4y71IdLzl5g0JkwXmKe/view?usp=drivesdk

- Configuring the Advanced Web Protection to disengage automatically in apps where it is not required, such as in Safari where regular Web Protection will suffice, or in apps such as Netflix, KAMI 2, Telegram Messenger, etc. These apps do not need to be routed through the Malwarebytes VPN, and if the user can add their own apps to the list, then more power to them!

- Being able to configure the AdBlocker and/or VirusTotal scanning for Advanced Web Protection.

Thanks! 🦊

Share this post


Link to post
Share on other sites

Greetings,

Can you please elaborate a bit on some of these items?  I'm not intimately familiar with the feature set of the iOS version but would like to document these requests for the Product team so that they may review them.

First off, you propose importing additional VPN profiles; does this mean include the option of adding additional third party block lists to it, or is it something else you're referring to such as engaging multiple VPN services simultaneously?  If it is the latter, I'm not certain if that's even possible or not, but if it is, could you please explain a bit more as to how this might be accomplished just because it is my understanding that you can only connect to one VPN at a time (though I may be wrong).

Next, regarding VPN, why would you not want Safari (your browser) to go through the VPN?  Isn't the entire point of a VPN for the sake of security for tasks like online banking, communications, logging into websites like online forums, email accounts etc. without needing to be as concerned about privacy and security?  I can certainly understand why it's unnecessary for Netflix and other high bandwidth/high data services such as other streaming providers and the like, however for everything else I would think users would want the additional security and privacy provided by a VPN, though I could be wrong.

With regards to configuring the ad blocker and VT scanning, are these features which are already included and you just want more options for them to provide greater control and customization, or are you requesting that these features be added to it?  Again, I apologize, I'm just not familiar with the full feature set of the iOS version and saw no mention of a VT scan function.  If they are existing features, what options/functionality would you like to see added specifically?  An exclusions function to exclude specific sites etc., or something else?

Thanks

Share this post


Link to post
Share on other sites

The first thing is a VPN-based blocklist. Using the normal Web Protection feature to block websites will only protect Safari, but the Advanced Web Protection uses a "VPN" that connects you to your local host to filter out a list of blocked addresses and such on all web browsers. Malwarebyts, unfortunately, does not host an actual VPN. McAfee and Fyde both do the exact same thing as Malwarebytes in this regard.

Not routing Safari through the Malwarebytes "VPN" on the other hand, is simply because the Advanced Web Protection is redundant when you're already using Safari, because the "VPN" doesn't offer any additional protection that's not already available to Safari.

As for VirusTotal, SmartScreen, etc... those are not implemented yet. Everything else on the other hand, I mainly just want more options to configure everything,

Share this post


Link to post
Share on other sites

Another idea; Peer-to-Peer VPN Service, using a combination of RSA encryption and transparent asymmetric encryption. By adopting a Peer-to-Peer model as early as possible, this can minimize the demand on resources for ever hosting a real VPN in the future, while also preventing excruciating slowdown (see thread: Slowing iPhone Down) because the service would be hosted by the people using it (complete with load-balancing, latency optimization, and redundant pathways for network traffic). The use of RSA private key encryption between devices and Under-the-Hood public key encryption at the start and end points will be a surefire way to maintain privacy and security, even with multiple users acting as Peer-to-Peer hosts, and you could also piggyback off of other VPN services via setting up a second VPN profile as the final destination. Perhaps compression could also be implemented, to minimize the drain on people's bandwidth.

Share this post


Link to post
Share on other sites
Quote

Another idea; Peer-to-Peer VPN Service, using a combination of RSA encryption and transparent asymmetric encryption.

Probably a good feature, but IMHO, not something that Malwarebytes should be undertaking. And there are already apps that perform the same capability (e.g. WhatsApp and Signal) without the overhead imposed by VPN.

Edited by alvarnell

Share this post


Link to post
Share on other sites

Peer-to-Peer VPNs don't exist yet, but hypothetically speaking;

A Peer-to-Peer VPN is basically a network of VPNs between devices. The origin point of a packet is encrypted with the destination's public key, and then passed from client to client using additional RSA encryption between devices until it reaches its final destination. That final destination then acts like a traditional VPN server normally would, sending your data to the website on your behalf.

Share this post


Link to post
Share on other sites

So since the packets are decrypted at each intervening node, you have to trust that node won't harvest the data? I don't see any chance that I would subscribe to a system like that, especially since I doubt that I would even have a way of knowing who owns those intervening nodes.

Also, I think I need to point out that what you are suggesting is a privacy service, which is a different animal from the Security, Anti-Malware business which is the focus of Malwarebytes. Perhaps a company that deals in privacy would be a better match for this idea.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.