I'm questioning this because if that's true, this is indeed a great idea. I know that some (maybe similar) technique is used by win7 activator and M$ can't do anything about that either. You can install any win7 version as OEM and it passes win genuine without any problems.D1G1T@L wrote: @ tonecool -
Yes I am sure about this statement, but since you are questioning it, I was wondering if you have an opinion or knowledge to the contrary. If thts the case then feel free to contribute them to this thread.
New 64-bit root-kit gave me an idea...
ms security certificates
@tzuk
why you did not receive security certificates from microsoft to bypass patchguard? with these certificates sandboxie can run with full ring0 access...
many vendor like agnitum ,kaspersky and so on has for their Programs Microsofts Certificates...
ask microsoft to receive your own certificate =)
why you did not receive security certificates from microsoft to bypass patchguard? with these certificates sandboxie can run with full ring0 access...
many vendor like agnitum ,kaspersky and so on has for their Programs Microsofts Certificates...
ask microsoft to receive your own certificate =)
I totally agree with you tzuk.tzuk wrote:Legitimate software can't afford to do something like that. How would it look like if Sandboxie did that and then some rootkit scanner started warning you that your system has been compromised most likely by a rootkit. Well, I can tell you, it wouldn't look good for Sandboxie.
Don't you other guys remember what happened when SONY tried using legitimate root kits? Then google it. I'm one of those who still has that in mind when reading about this idea.
Re: New 64-bit root-kit gave me an idea...
You could have a look at MBRguard for 32 bit installs?securityphreak wrote:There are now root-kits that hi-jack the Master Boot record in order to load their drivers into windows, and hide themselves.
http://www.blueridgenetworks.com/suppor ... bguard.php
Tested against Seftad Ransomware sample and MBRguard protects.
http://windows7forums.com/security-zone ... ecord.html
Hunting the Hunter!
Sandboxie protects against everything that I have thrown at it and yes I should of stated that the Seftad Ransomware sample is contained if run sandboxed.kNOLOGY wrote:Sandboxie already protects the MBR oneder...
MBRguard could be a usefull install where the user is too lazy to use a decent security app like Sandboxie.
Hunting the Hunter!
The only problem that happened when Sony tried to use their rootkits is that they didn't tell people that they were using them. Actually, know that I think about it, I can think of a few more problems. One, it was badly written. I trust tzuk to write code, considering I'm trusting him with my system! I would hope he could do better (as in, not hide any file that starts with $sys$, for instance). Second, they didn't offer an option for users not to install it. If you didn't install the rootkit, the average user wasn't able to play the music on the disk.
Sure, you could say, "But, they had to tell you what they were doing in the EULA, that they DID present to users, and the USERS did click "I Accept"." My idea of this is, hey, you are probably security minded. Do YOU read through those EULAs? Didn't think so. Do you think you could understand the roundabout, legalize way that they would put, quite simply, "We're going to put a rootkit on your system so that we can know if you are copying our music?" Didn't think so. I like this idea. It's a little old now, but, hey, I think it could work. Please, tzuk, we need it!
Sure, you could say, "But, they had to tell you what they were doing in the EULA, that they DID present to users, and the USERS did click "I Accept"." My idea of this is, hey, you are probably security minded. Do YOU read through those EULAs? Didn't think so. Do you think you could understand the roundabout, legalize way that they would put, quite simply, "We're going to put a rootkit on your system so that we can know if you are copying our music?" Didn't think so. I like this idea. It's a little old now, but, hey, I think it could work. Please, tzuk, we need it!
I totally under stand where the developer is coming from. If Sandboxie was being detected as malware / rootkit would create a bad reputation pretty fast. Although, if the feature was never on by default and more of an Opt in, that would be something different. Everyone who would turn the feature on, even if they knew would they were doing would be prompted with a box that looks like this. (yes I was bored)
You're a little late to the party warwagon. Version 3.55 already has improved protection for 64-bit.
http://www.sandboxie.com/phpbb/viewtopic.php?t=10201
http://www.sandboxie.com/phpbb/viewtopic.php?t=10201
tzuk
Who is online
Users browsing this forum: No registered users and 0 guests