'Not yet classified'

Guest

Defender lists some startup programs as 'Not yet Classified'. How can I tell
defender these programs are OK to run on my PC and should be 'Permitted'.
 
Guest

brianjcook said:
Defender lists some startup programs as 'Not yet Classified'. How can I tell
defender these programs are OK to run on my PC and should be 'Permitted'.

This is a guess, but I think this classification is more "global" in
nature. That is, WD is checking some master data base to see if the
program in question is safe or dangerous. "Not yet classified" means
there's no entry.

It could be that if you set the "Join microsoft spynet" option to "join
with advanced membership" your choices will influence that database. I
have no idea how it truly works
 
Guest

I tried that ... no visible change!
I can't believe I am the only Vista RC1 user running AVG antivirus or Skype!
 
NewScience

Some apps will be 'classified' by setting "Join with advanced", but it takes
a long time ... months.

What's funny, is a lot of MS own software still hasn't been classified ...
even after all this time (specifically all versions of SVCHOSTS)

For months RoboForm would not get classified ... after joining advanced ... a
couple months later ... it became classified.

But it takes quite a while.
 
Guest

brianjcook said:
I tried that ... no visible change!
I can't believe I am the only Vista RC1 user running AVG antivirus or Skype!

I think you're missing the point. It's not enough to just have 2
end-users classify a software as "allowed" for WD to allow it! I sure
hope it's not that easy...

I can't speak for AVG, but I know that Skype has been listed in the past
as questionable from a security standpoint.
http://www.securityfocus.com/columnists/357 - Google will find other
discussions. I'm not saying it's bad or good, but that the jury is still
out...

I think that someone with expertise in security should pass the final
decision about what is allowed and what is "not yet classified" -
perhaps public opinion can help, but it should not be the sole factor.
In my opinion, anything in the gray area should remain "not yet
classified" to avoid giving a false sense of security.

This is one reason I decided not to join as an advanced member - I think
MS is more interested in other things - my opinion as an end user about
whether or not something is legit, should not matter! This is not
"security by democracy" because most end-users are not security savvy
(nor should they be expected to be).
 
Guest

I wholeheartedly agree with the points you make about security not being a
democracy. I have worked administering security (albeit in a mainframe
environment) and know well it is a thankless task where there are always many
more users attempting to circumvent the security than enforce it.

I need more information about the classification process so that I know what
WD is telling me. I also feel MS could be applying more effort to
classifying software, as it created the need for the classification,
especially those packages used by many millions of end users worldwide. I
sincerely hope this is in place by official release.

I would hate to think ALL programs running under Vista must be 'approved' by
MS. That would be a subject for debate!
 
plun

brianjcook wrote:
I would hate to think ALL programs running under Vista must be 'approved' by
MS. That would be a subject for debate!

Hi

Well, this is a totally abnormal way to handle software....

Really primitive form of HIPS functionality compared with
latest security packages from other vendors.

I am also sure that Europe will have a N-version without WD.
If MS can fix this little challenge they are welcomed again
with WD.

UAC and WD messages.... I have turned off everything inside
Vista... ;)

regards
plun
 
Guest

Hello Brian,

I think you may have to work at excluding it from the scan, as an interim
measure. Tools, Options, scroll down to Advanced options, and fill the box,
by adding the full path and file name to the Tools/Options/ do not scan box,
hit the add button, and Save.

For the benefit of the community reading this post, please rate the post.

I hope this post is helpful.

Let us know how it works out.

Еиçеl
-
 
Bill Sanderson MVP

brianjcook said:
I would hate to think ALL programs running under Vista must be 'approved' by
MS. That would be a subject for debate!
--

Some debate along those lines has started already, in the form of full page
newspaper ads by McAfee and others in European newspapers. What they are
apparently taking issue with, and I haven't seen the ads, is the requirement
that drivers and code which hooks the kernel in 64-bit Vista must be signed.

For an informal discussion of this issue see:

http://www.rockyh.net/Posts/Post.aspx?postId=6d119600-53a9-4bf4-b491-2b04127f4022

(scroll down)
 
plun

Bill Sanderson MVP wrote:
For an informal discussion of this issue see:

Well , I believe this is better, McAfee and Symantec burned
themselves up years ago.

http://news.com.com/European+rivals+turn+wary+eye+on+Microsoft/2100-7350_3-6120476.html

2 pages...

In the end:
"F-Secure has not yet spoken to the regulators, Siilasmaa said. "We trust
Microsoft will do the right thing, and if they don't, everyone will be
talking to the Commission," he said. "I believe that Microsoft will come to
understand and accept that, and they will change some of the plans they have
regarding Vista."

It is only small changes, I don't believe that the
"PatchGuard" is a trouble.

Remove ads/offers for One Care and make it possible to turn
off WD.

I get angry every time I see those "offers" from
Microsoft.... ;)

Every user must think.... themselves...!!! visit
www.microsoft.com and find out.

regards
plun
 
NewScience

I TOTALLY agree. I assisted my sisters, aunt and uncles in purchasing Dell
computers ... all with McAfee.

I spent months, reverse engineering McAfee, to find out why it constantly had
problems dealing with Spam, ....
Forum help was useless, and the only solution I ever got from phone, online
and forum ... was to uninstall and reinstall.

Even the uninstall does not work ... you have to download batch files to
cleanup the uninstall.
 
Bill Sanderson MVP

Near as I can tell, Windows Defender is designed parallel to antispyware, in
terms of the firewall--I'm not an ISV, and I haven't tried asking this
question in a developer forum, but it sure looks like the security center is
designed for third parties to plug their own antispyware in just the way
antivirus works in XP.

--
 
plun

Bill Sanderson MVP wrote:
Near as I can tell, Windows Defender is designed parallel to antispyware, in
terms of the firewall--I'm not an ISV, and I haven't tried asking this
question in a developer forum, but it sure looks like the security center is
designed for third parties to plug their own antispyware in just the way
antivirus works in XP.

Well...

Not with RC1 build 5600 and 5728.

And of course MS must change this so customers running
other vendors' protection can easily "switch over".

It might be a good idea to have WD installed directly so
customers without knowledge can concentrate on antivirus protection.

But the majority now knows about security and also has a
working licensed security package that they directly want to
install with no hassle. This will probably be a mess in
January-February with older non-working security packages.

regards
plun
 
Bill Sanderson MVP

I'm not sure how you are judging this. When I get access to RC2, I'll take
a look.

The user can turn Windows Defender off in Vista, I believe, but the hooks to
replace it with an alternative are in an API which is not easily available
except to antivirus vendors.

--
 
Guest

The hooks to replace Defender are the same ones available to be used by any
AntiVirus or FireWall product and have existed since before the release of
Windows XP SP2. The Windows Filtering Platform is used by the Windows XP SP2,
Vista and Windows Live OneCare AV and firewalls, none of which use any other
direct access to the OS. A firewall is really nothing but a GUI interface
into this WFP API set.

The reason this was done is that many of the AV/Firewall vendors were
writing their own wedges into the TCP/IP packet stream, causing problems with
the stability and integrity of the network stack and interfering with
critical services like BITS which resulted in failures in the Windows
Automatic Update and other systems. Microsoft is finally done fooling around
with these idiots and is providing a clear interface to the OS for anyone
with the skills to write to them. If they don't wish to use these API sets,
good riddance.

Here's a description of the Windows Filtering Platform and a link to its
complete description on WHDC, dated May 13, 2004.
http://www.microsoft.com/whdc/device/network/WFP.mspx

"The Windows Filtering Platform is a new architecture in Windows Vista and
Windows Server "Longhorn" that allows third-party software developers access
to the TCP/IP packet processing path, wherein outgoing and incoming packets
can be examined or changed before allowing them to be processed further. By
tapping into the TCP/IP processing path, ISVs can create firewalls, antivirus
software, diagnostic software, and other types of applications and services.
The Windows Filtering Platform is designed for both IPv4 and IPv6 traffic.
Third-party host-based firewall products that use the Windows Filtering
Platform will typically support both IPv4 and IPv6 traffic."

I'm tired of listening to the general European 'MS Bashing' and it would be
fine with me if they simply decided to stop doing business there. The
European Commission is obviously nothing but a protectionist front for
European Union products.

Funny how now that Microsoft is developing products, including a new OS,
that will really protect Windows' users, the rest of the security ISVs cry
foul. Interesting, since they're the same ones who were always saying that MS
needed to improve security in the OS! Can't have it both ways and it really
shows their true colors.

By the way, anyone else noticed that every single significant security
product vendor has a new suite product either in development or already
available? Think that's coincidence or maybe they all knew this was coming,
it just took some longer to realize or re-develop their products for it?

Anyone in the security community claiming they didn't know about this is
either blind and deaf, or an idiot. This is nothing but product positioning
done the wrong way. Those buying this excrement need to get a clue!

Bitman
 
Guest

Couldn't say it better than he did; the developers either need to get their
code signed or simply die off, as some probably will. Even small software
vendors have realized they'll need to be signed for Vista or die when
they're listed as 'Not yet Classified'.

I've never seen a better or simpler method to get software vendors to do
what they should have been for years. Spybot Search & Destroy has been
digitally signed for over a year now and is automatically allowed access for
their update module via the Windows OneCare firewall. If a donation supported
vendor like Safer-Networking (Team Spybot) can do this, I don't see any
excuse for a commercial product of any size.

Bitman
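
Since the post above ties 'Not yet Classified' to whether a vendor signs its code, here is one way to see which startup programs carry a valid Authenticode signature. This is an added example, not part of the thread, and it does not reproduce how Windows Defender classifies programs; it assumes PowerShell 3.0 or later, and the function names and path-parsing heuristic are hypothetical.

```powershell
# Added example: report the Authenticode status of every startup entry.
# Assumption: PowerShell 3.0+. The path parsing is a heuristic written for
# this illustration, not the logic Windows Defender uses.

function Resolve-StartupExecutable {
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # Quoted command line: the executable is the text inside the first quotes.
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted command line: take everything up to the first ".exe".
    if ($expanded -match '^(.+?\.exe)\b') { return $Matches[1] }
    return $null
}

function Get-StartupSignatureReport {
    Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
        $path   = Resolve-StartupExecutable -Command $_.Command
        $status = 'PathNotResolved'
        $signer = $null
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $path
            # Valid, NotSigned, HashMismatch, NotTrusted, ...
            $status = $sig.Status.ToString()
            if ($sig.SignerCertificate) {
                $signer = $sig.SignerCertificate.Subject
            }
        }
        [pscustomobject]@{
            Name     = $_.Name
            Location = $_.Location   # registry key or Startup folder
            Path     = $path
            Status   = $status
            Signer   = $signer
        }
    }
}

Get-StartupSignatureReport |
    Sort-Object Status, Name |
    Format-Table -AutoSize -Wrap
```

Entries reported as NotSigned or HashMismatch are the ones to verify by hand before trusting or excluding them; a Valid status only confirms who signed the file, not that the program is benign.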
 
plun

Bitman wrote:
I'm tired of listening to the general European 'MS Bashing' and it would be
fine with me if they simply decided to stop doing business there. The
European Commission is obviously nothing but a protectionist front for
European Union products.

Well, it's "US junk" companies which stand in Brussels in a
queue to the regulator.

I am really tired of US junk... ;) and making human
beings to stupid robots.

European companies just expect that "the dominant player"
realize important facts about Windows Vista and competition.

http://news.com.com/European+rivals+turn+wary+eye+on+Microsoft/2100-7350_3-6120476.html

But of course we can throw out MS Windows and instead
running Suse Linux and Open Office, no problem. Look at Munich, Germany.

http://news.com.com/2100-1016-1010740.html

But now we have great engineers in Redmond and also great
software but maybe stupid leadership so it is maybe impossible to
overcome these small steps I believe it is to change.

- Remove all stupid offers from MS, users must think themselves.

- Clear all API questions.

- Make it possible to switch off WD

- Discuss the patchguard openly

- Bitlocker

It's a real shame that your DOJ is sleeping because of Mr Bush.
 
plun

Bitman wrote:
Couldn't say it better than he did; the developers either need to get their
code signed or simply die off, as some probably will. Even small software
vendors have realized they'll need to be signed for Vista or die when
they're listed as 'Not yet Classified'.

Well.... sound really scary...

Every major protection vendor works with large databases with
classified executables....I have sent tons of them to my vendor.

Let MS decide what's OK > really stupid.

I don't remember which James Bond movie it was when a
media mogul wanted to rule the world ?

Maybe to go directly to Intel's La Grande or IBM's Blue
Secure... ;)
 
