This piece of software protects your PC from Trojans, Viruses, worms, spyware, trojans and intrusions. It does not need updating because it does not use signature analysis. It removes the need for constantly patching your machine, running firewalls, updating virus/trojan/malware software. Best of all it is FREE for the home user...only in Beta form at the moment and for WINXP only.

I was with the vendors the other day and they showed me a demonstration of how it works in a corportate environment...fantastic stuff!

https://www.prevx.com/homeoffice/prevxhome.htm

I thought it was going to be an on/off switch!

Originally posted by balrog666
I thought it was going to be an on/off switch!

Or a copy of Linux ;)

Originally posted by Stumpy
I was with the vendors the other day and they showed me a demonstration of how it works in a corportate environment...fantastic stuff!So just how DOES it work? Holisticly?

It sounds too good to be true. So I suspect it is.

The web site claims that it automatically detects and prevents buffer overflows in existing code. It does not explain how. If that was possible they could make a fortune selling it as a debugging tool. I can think of no automatic way that buffer overflows can be distinguished from normal program activity. The code reads, the code writes. Some memory contains code, some memory contains data. Without analysis there's no way to tell one from the other. If the code writes over code - there's your exploit.

OK, two caveats: there are two ways I can think of to do this.

One is to stop using the x86 architecture and return to a more civilized age of computing (I'm thinking VAX, but my memory may be faulty) when every memory page was marked with attributes such as executable or read-only, and this was enforced in hardware. Code could not be run out of non-executable pages. That doesn't entirely fix the problem of buffer overflows - errm - the long explanation can wait for another day. No software package can change the underlying X86 processor architecture, so that's out.

The second is to run the code in a sandbox, basically emulating a PC within a PC. That could probably be made to work (for small values of "work") but it would make the whole shebang run very, very slowly.

Oh well - maybe they've really invented something spectacular. Like that compression algorithm that can compress any file to half its size.

Originally posted by Thumbo
Oh well - maybe they've really invented something spectacular. Like that compression algorithm that can compress any file to half its size. [/B]And do it again. And again. Pretty soon the file is only one byte. No, wait -- the world's ultimate compactor -- reduce all your files to a single bit!

Who needs PKZIP with it's wimpy compression scheme? :D

The web site claims that it automatically detects and prevents buffer overflows in existing code. It does not explain how. If that was possible they could make a fortune selling it as a debugging tool. I can think of no automatic way that buffer overflows can be distinguished from normal program activity. The code reads, the code writes. Some memory contains code, some memory contains data. Without analysis there's no way to tell one from the other. If the code writes over code - there's your exploit.

Hmm... brings back memories of being taught about the Halting Problem in Computer History.

David

Originally posted by Stumpy
This piece of software protects your PC from Trojans, Viruses, worms, spyware, trojans and intrusions. It does not need updating because it does not use signature analysis. It removes the need for constantly patching your machine, running firewalls, updating virus/trojan/malware software. Best of all it is FREE for the home user...only in Beta form at the moment and for WINXP only.

I was with the vendors the other day and they showed me a demonstration of how it works in a corportate environment...fantastic stuff!

https://www.prevx.com/homeoffice/prevxhome.htm

Can it change lead into gold too?

The web site claims that it automatically detects and prevents buffer overflows in existing code. It does not explain how.

I would very much doubt that they would. Perhaps the appropriate test would be to set up a test bed and run a buffer overflow and see if the software does what it claims, then contact them when/if it fails.

WinNT/XP does infact have memory permission attributes such as read, write, and execute.

Not sure if they actualy do much as far as the execute permission is concerned but I know I was unable to write self-modifying code without setting my code pages to writable using VirtualProtect() in kernel32.dll with the permission PAGE_EXECUTE_READWRITE

I presume the x86 protected mode architecture is what actualy handle it all - perhaps the execute permission is wishful thinking based on some optimistic hope that intel will impliment it?

I wonder if this is a phishing scheme to get email addresses. I mean, if it's a free download, why the "we'll email you the link" scheme?

Spidey sense is timgling here.

Regards;
Beanbag

I'm with Thumbo. Z/os architecture allows this but needs both hardware and software to do it - similar marking of storage, execution keys of programs, microcode checking of PSW flags etc etc. Even if they're patching XP storage management routines it still sounds as iffy as a very iffy thing.

Originally posted by Stumpy
This piece of software protects your PC from Trojans, Viruses, worms, spyware, trojans and intrusions. It does not need updating because it does not use signature analysis. It removes the need for constantly patching your machine, running firewalls, updating virus/trojan/malware software.

Sounds similar to Deepfreeze (http://www.faronics.com/) , a product in use here at our Learning Centre. I've been working with it for the past 2 years, and have no complaints so far.

RayG

Originally posted by RayG
Sounds similar to Deepfreeze (http://www.faronics.com/) , a product in use here at our Learning Centre. I've been working with it for the past 2 years, and have no complaints so far. By "no complaints," do you mean that it does what it claims to do?

If it's that fantastic, how come the world isn't using it in droves? Conspiracy by Symantec and McAfee? The gummint?

Originally posted by Sherman Bay
By "no complaints," do you mean that it does what it claims to do?

If it's that fantastic, how come the world isn't using it in droves? Conspiracy by Symantec and McAfee? The gummint?

I had never heard of it prior to coming to this Learning Centre, but I was the one that installed it on the new WinXP systems when they came in. We only have a very small network, 5 Win98 systems, and 7 XPs. All have Deepfreeze running on them and all are VERY efficient at keeping Trojans, Viruses, unwanted software, etc. etc. off the systems.

Unless turned off, it 'cleans' the 'puters of ANY nasties that were downloaded or installed whenever you reboot they system. In the two years I've been here, we've only had one virus, and that was my fault. (I connected to the net before installing and implementing Deepfreeze).

Bad Raymond, bad!!!

I did have one problem that was quickly resolved by their support staff, and it was caused by me screwing around with the system. I'd hazard a guess to say one reason it ain't being used by EVERYONE is 'cause it ain't free and it ain't cheap.

However, it DOES seem to do what they claim it can do (or not do as the case may be).

I believe an evaluation version can be downloaded for a 30-day trial period if you're interested in a test drive.

RayG

re deepfreeze.

The docs on the web site are a bit cagey, I guess because the concept is so simple they don't really want to be explicit about it.

This app just backs up the HDD then restores it on each reboot. Users could install software, save files, delete files, install trojans viruses etc and it will all be wiped on next reboot back to where it was when the system was "frozen".
Any organisation using it could quite easily get infrected with viruses but simply turning off all the PCs then restarting them will restore them to the unvirused state (must be ALL off or any one left can still infect the rest - perfect for libraries etc but no good for home use)

Originally posted by heath
re deepfreeze.

The docs on the web site are a bit cagey, I guess because the concept is so simple they don't really want to be explicit about it.

This app just backs up the HDD then restores it on each reboot. Users could install software, save files, delete files, install trojans viruses etc and it will all be wiped on next reboot back to where it was when the system was "frozen".
Any organisation using it could quite easily get infrected with viruses but simply turning off all the PCs then restarting them will restore them to the unvirused state (must be ALL off or any one left can still infect the rest - perfect for libraries etc but no good for home use)
Sounds a lot like XP's "restore" function. That's saved my bacon a time or two.

Originally posted by heath
re deepfreeze.

The docs on the web site are a bit cagey, I guess because the concept is so simple they don't really want to be explicit about it.

Kinda like KFC and its 'secret recipe'? The simplicity is one of the aspects I like about the program. I install it and forget about it. It runs quite nicely in the background, preventing unwanted changes to the school's systems.

This app just backs up the HDD then restores it on each reboot. Users could install software, save files, delete files, install trojans viruses etc and it will all be wiped on next reboot back to where it was when the system was "frozen".

Exactly. I don't have to worry about kids coming in and hacking into our computers, nor do I have to worry about trojans or viruses. We have the corporate edition of Norton AV sitting on the shelf unused.

Any organisation using it could quite easily get infrected with viruses but simply turning off all the PCs then restarting them will restore them to the unvirused state (must be ALL off or any one left can still infect the rest - perfect for libraries etc but no good for home use)

Well, if you never turn off your computer there's little sense in installing the program. Here at the school, all the computers are turned off each night, ensuring we have a 'clean' slate each morning.

Is the program perfect? No. Which one is? Is it effective for our use here at school? You betcha.

RayG