We have complied a new build (1212.614.228) of Oupost Security Suite with some significant fixes. It's now downloadable from the same page as before: http://www.agnitum.com/products/security-suite/rc.php.
You may also see the history of changes here.
Thanks to all beta testers and enthusiastic contributors!
Alexey Belkin
Chief Software Architect
Agnitum Ltd.
Wednesday, April 25, 2007
Wednesday, April 18, 2007
Outpost Security Suite Pro – release candidate nominated
We are on the final stretch of the race for the official release of Outpost Security Suite Pro. Here’s the penultimate step - the downloadable release candidate - which is as close to the final product as we will get before the actual ship date. It’s available for download at Agnitum's web-site.
First and foremost, thanks to our dedicated developers and volunteer beta-testers, we’ve fixed a number of bugs and made some further improvements to the software. Thanks, everyone!
What’s new in this build?
In addition to the bug fixes and small improvements, we’ve added more flexibility to the Suite controls. A couple of these caused some controversy amongst our testers:
1) ‘Are you guys planting rootkits on my PC?’ That’s what we heard from concerned users who scanned their hard drives for malware and found two strange-looking files: OP_CACHE.ATR and OP_CACHE.IDX. Anti-rootkit programs alerted on these files, which were hidden from directory listings but could be seen in a manual search. If someone really wanted to read the code, they wouldn’t find anything malicious – OP_CACHE.ATR and OP_CACHE.IDX are index files that help Outpost Security Suite store data about previous scans for every folder. This technique is used to cache antivirus and antispyware scan statuses for all files, increasing the overall scanning speed dramatically as unchanged files don’t need to be scanned again. If a file changes, or the malware signature database is updated, the cache is reset and the files will be rescanned next time.
If you don’t want to use this function, you can disable it; while we recommend leaving it active for performance reasons, it’s not required by the program and disabling it will not affect your protection.
2) In the beta version of Outpost Security Suite Pro, files were scanned “on execution” – i.e., when the execution procedure is started. The release candidate provides a second option: “on access attempt” scanning - in this case, any attempt to open a file will initiate a malware scan of that file as an additional layer of protection for really sneaky malware. The on-access attempt scanning adds a little performance overhead, so try it out and see whether the trade-off is worth it for you.
Of course, this version also underwent other minor changes, none of which affect the core functionality. We encourage you to try this latest pre-release build and let us know your opinions. There’s always room for more comments - positive and negative - we can always learn something from our users!
Alexey Belkin
Chief Software Architect
Agnitum Ltd.
First and foremost, thanks to our dedicated developers and volunteer beta-testers, we’ve fixed a number of bugs and made some further improvements to the software. Thanks, everyone!
What’s new in this build?
In addition to the bug fixes and small improvements, we’ve added more flexibility to the Suite controls. A couple of these caused some controversy amongst our testers:
1) ‘Are you guys planting rootkits on my PC?’ That’s what we heard from concerned users who scanned their hard drives for malware and found two strange-looking files: OP_CACHE.ATR and OP_CACHE.IDX. Anti-rootkit programs alerted on these files, which were hidden from directory listings but could be seen in a manual search. If someone really wanted to read the code, they wouldn’t find anything malicious – OP_CACHE.ATR and OP_CACHE.IDX are index files that help Outpost Security Suite store data about previous scans for every folder. This technique is used to cache antivirus and antispyware scan statuses for all files, increasing the overall scanning speed dramatically as unchanged files don’t need to be scanned again. If a file changes, or the malware signature database is updated, the cache is reset and the files will be rescanned next time.
If you don’t want to use this function, you can disable it; while we recommend leaving it active for performance reasons, it’s not required by the program and disabling it will not affect your protection.
2) In the beta version of Outpost Security Suite Pro, files were scanned “on execution” – i.e., when the execution procedure is started. The release candidate provides a second option: “on access attempt” scanning - in this case, any attempt to open a file will initiate a malware scan of that file as an additional layer of protection for really sneaky malware. The on-access attempt scanning adds a little performance overhead, so try it out and see whether the trade-off is worth it for you.
Of course, this version also underwent other minor changes, none of which affect the core functionality. We encourage you to try this latest pre-release build and let us know your opinions. There’s always room for more comments - positive and negative - we can always learn something from our users!
Alexey Belkin
Chief Software Architect
Agnitum Ltd.
Wednesday, April 11, 2007
Interview with an anonymous hacker
Agnitum has been doing a little research into the activities of the web's so-called "black hats" (hackers and the like), and have spoken with a few of them here in St Petersburg, Russia, on condition of anonymity. This article and interview is a composite based on input from several individuals.
Read more at Agnitum's Security insight page.
Igor Pankov
Product Marketing Manager
Agnitum Ltd.
Read more at Agnitum's Security insight page.
Igor Pankov
Product Marketing Manager
Agnitum Ltd.
Tuesday, April 10, 2007
Windows Vista – friend or foe?
It seems you can’t open a newspaper or magazine without reading something about Microsoft Vista - in fact, it seems like the name itself was prescient - we are seeing a veritable vista of articles about Vista. As a security solutions vendor focused on Microsoft technologies, we have publicly expressed our opinion about the firewall and kernel patch protection issues associated with Vista in previous postings. This time, we thought we would take a look at Microsoft’s and Agnitum’s business interests - where they differ, and where they converge.
In a nod to Microsoft’s undeniable marketing prowess, we’ve decided to address these as the below “five Ps” (anyone who has ever studied marketing knows that the core of marketing theory is built around a concept called the “four Ps” - but ours are a little different from the originals).
1. Price
A complete personal user license for Vista is priced at $199. If you’re upgrading from a previous version, that price comes down to $99.95. But of course the price of the operating system is just the beginning. Most people will also need to upgrade their hardware (or buy a whole new PC). For a short period (which ended last month) some users were able to get an “Express Upgrade” from their hardware vendor, but that is no longer an option. Of course, like Microsoft, Outpost wants to keep its customers (and keep its customers happy), that’s why we provide ongoing upgrade subscriptions. Unlike Microsoft, we don’t ask our customers to spend more than the advertised price of the subscription.
2. Pitch
How do you decide it’s time to abandon the tried and true XP and move to Vista? At this time, with relatively few Vista-compatible products on the market - at least Vista-compatible products that have been thoroughly tested - you’re unlikely to be tempted by exciting new applications available only for that platform. However, as noted earlier, the media is writing about Vista constantly, so the feeling is bound to grow in the user community that this is a technology one must have, rather than one that would be nice to have. And there are other messages coming through other channels that are designed to influence your buying timetable. No doubt about it, the Microsoft marketing machine is a force to be reckoned with. Very few software companies (and Agnitum is not one of them) have the luxury of spending this much marketing money to maintain or increase market share.
3. PRESSure
Of course, as soon as Vista shipped, every software vendor was being asked when their products would be Vista-compatible. This PRESSure (and yes, much of it comes from the press) is particularly felt by us security vendors, since Vista purports to be the most secure version of Windows yet. Which in turn means it is harder than ever for third party security vendors to ensure that their products are fully compatible with Vista over the long term. That’s why we are spending so much time testing and debugging our Vista-compatible products - we don’t want to deliver something that works now, but will break when Vista security is patched (as we know it will be - and long before the first service pack comes out).
4. Protection
Many third-party vulnerability monitoring sites and services such as Secunia’s reports are already reporting multiple unpatched vulnerabilities in Vista and problems with the included firewall and other “security” measures. Although Vista is significantly less vulnerable than XP, it’s important to remember that operating systems are designed to do many different things, whereas a company like Agnitum produces products designed to do one thing - protect Windows PCs. We admit to being on the side of the “best of breed” advocates, rather than the “good enough” crowd when it comes to system security.
5. Porting
We cheated a bit with this heading, as porting is usually used to describe moving code between operating systems and we want to talk about people moving between operating systems. But we couldn’t think of a synonym for migration that started with ‘p’ …
As Steve Ballmer, Microsoft CEO, put it: “I'm really excited about how enthusiastic everybody is about Vista. But people have to understand that some of the revenue forecasts I've seen out there for Windows Vista in fiscal year 2008 are overly aggressive." Third-party opinion seems to support that view. Here are a couple of excerpts from related surveys:
“According to a survey by Boca Raton, Fla.-based Amplitude Research conducted on behalf of Albuquerque, N.M.-based security firm VanDyke Software, more than half of respondents said they have no plans to deploy Vista when it comes out, despite all of the security improvements that Microsoft says will be baked into the operating system”. (SearchCIO.com)
Gartner research indicates “that Vista will be running on less than 10 percent of PCs in the installed base by the end of 2007, rising to 29.3 percent in 2008, 50 percent in 2009 and 67.7 percent by the end of 2010”.
We also conducted our own survey on migration intentions among our user base and will post the results here shortly - we don’t expect the results to differ much from other results.
And what does all of this tell us? It tells us that
Mikhail Penkovsky
Global Vice President of Sales and Marketing
Agnitum Ltd.
In a nod to Microsoft’s undeniable marketing prowess, we’ve decided to address these as the below “five Ps” (anyone who has ever studied marketing knows that the core of marketing theory is built around a concept called the “four Ps” - but ours are a little different from the originals).
1. Price
A complete personal user license for Vista is priced at $199. If you’re upgrading from a previous version, that price comes down to $99.95. But of course the price of the operating system is just the beginning. Most people will also need to upgrade their hardware (or buy a whole new PC). For a short period (which ended last month) some users were able to get an “Express Upgrade” from their hardware vendor, but that is no longer an option. Of course, like Microsoft, Outpost wants to keep its customers (and keep its customers happy), that’s why we provide ongoing upgrade subscriptions. Unlike Microsoft, we don’t ask our customers to spend more than the advertised price of the subscription.
2. Pitch
How do you decide it’s time to abandon the tried and true XP and move to Vista? At this time, with relatively few Vista-compatible products on the market - at least Vista-compatible products that have been thoroughly tested - you’re unlikely to be tempted by exciting new applications available only for that platform. However, as noted earlier, the media is writing about Vista constantly, so the feeling is bound to grow in the user community that this is a technology one must have, rather than one that would be nice to have. And there are other messages coming through other channels that are designed to influence your buying timetable. No doubt about it, the Microsoft marketing machine is a force to be reckoned with. Very few software companies (and Agnitum is not one of them) have the luxury of spending this much marketing money to maintain or increase market share.
3. PRESSure
Of course, as soon as Vista shipped, every software vendor was being asked when their products would be Vista-compatible. This PRESSure (and yes, much of it comes from the press) is particularly felt by us security vendors, since Vista purports to be the most secure version of Windows yet. Which in turn means it is harder than ever for third party security vendors to ensure that their products are fully compatible with Vista over the long term. That’s why we are spending so much time testing and debugging our Vista-compatible products - we don’t want to deliver something that works now, but will break when Vista security is patched (as we know it will be - and long before the first service pack comes out).
4. Protection
Many third-party vulnerability monitoring sites and services such as Secunia’s reports are already reporting multiple unpatched vulnerabilities in Vista and problems with the included firewall and other “security” measures. Although Vista is significantly less vulnerable than XP, it’s important to remember that operating systems are designed to do many different things, whereas a company like Agnitum produces products designed to do one thing - protect Windows PCs. We admit to being on the side of the “best of breed” advocates, rather than the “good enough” crowd when it comes to system security.
5. Porting
We cheated a bit with this heading, as porting is usually used to describe moving code between operating systems and we want to talk about people moving between operating systems. But we couldn’t think of a synonym for migration that started with ‘p’ …
As Steve Ballmer, Microsoft CEO, put it: “I'm really excited about how enthusiastic everybody is about Vista. But people have to understand that some of the revenue forecasts I've seen out there for Windows Vista in fiscal year 2008 are overly aggressive." Third-party opinion seems to support that view. Here are a couple of excerpts from related surveys:
“According to a survey by Boca Raton, Fla.-based Amplitude Research conducted on behalf of Albuquerque, N.M.-based security firm VanDyke Software, more than half of respondents said they have no plans to deploy Vista when it comes out, despite all of the security improvements that Microsoft says will be baked into the operating system”. (SearchCIO.com)
Gartner research indicates “that Vista will be running on less than 10 percent of PCs in the installed base by the end of 2007, rising to 29.3 percent in 2008, 50 percent in 2009 and 67.7 percent by the end of 2010”.
We also conducted our own survey on migration intentions among our user base and will post the results here shortly - we don’t expect the results to differ much from other results.
And what does all of this tell us? It tells us that
- Microsoft is a very effective marketer
- Users welcome the concept of a more secure operating system, but many are waiting for proof before they spend money on the necessary new or upgraded hardware
- There is no rush to create Vista-compatible versions of software, because customers choose the applications they want to run before they choose the platforms they want to run those applications on.
Mikhail Penkovsky
Global Vice President of Sales and Marketing
Agnitum Ltd.
Monday, April 02, 2007
Just how bad is the spam problem?
We got an ironic first-hand look at how conventional anti-spam products fail when we announced Spam Terrier (see the previous post).
Agnitum distributed the news release via newswire and via personal email messages to editorial contacts. A large number of the email messages were either not delivered or blocked as junk mail, apparently because the message contained the word "spam" in the subject line - and the body of the message referred to "Nigeria," "replica watches," "sex drugs" and other keywords that triggered system blocks.
Clearly, conventional spam filters were not addressing the message intelligently, given that a trust relationship already existed between the sender - our PR agent - and the recipients - his media contacts. And, in some cases even when the emails were successfully delivered, they caused some unexpected reactions, such as this one from Kelly Jackson Higgins, Senior Editor at Dark Reading:
“At first I thought the announcement of Agnitum's free Spam Terrier anti-spam tool for Outlook and Outlook Express was some kind of joke (or spam).”
Which illustrates just how much of the email we receive each day is presumed to be dangerous, or a waste of time, or an invasion of your life, your privacy, your work. That's an important lesson for Agnitum as we continue to develop security products.
Mikhail Penkovsky
Global Vice President of Sales and Marketing
Agnitum Ltd.
Agnitum distributed the news release via newswire and via personal email messages to editorial contacts. A large number of the email messages were either not delivered or blocked as junk mail, apparently because the message contained the word "spam" in the subject line - and the body of the message referred to "Nigeria," "replica watches," "sex drugs" and other keywords that triggered system blocks.
Clearly, conventional spam filters were not addressing the message intelligently, given that a trust relationship already existed between the sender - our PR agent - and the recipients - his media contacts. And, in some cases even when the emails were successfully delivered, they caused some unexpected reactions, such as this one from Kelly Jackson Higgins, Senior Editor at Dark Reading:
“At first I thought the announcement of Agnitum's free Spam Terrier anti-spam tool for Outlook and Outlook Express was some kind of joke (or spam).”
Which illustrates just how much of the email we receive each day is presumed to be dangerous, or a waste of time, or an invasion of your life, your privacy, your work. That's an important lesson for Agnitum as we continue to develop security products.
Mikhail Penkovsky
Global Vice President of Sales and Marketing
Agnitum Ltd.
Subscribe to:
Posts (Atom)