Hi,
is there any selfprotection mechanism for MBAM???
So far:
1. I can manualy delete ANY registry key of MBAM to make it unoperational.
2. Anyone using my computer can uninstall or modify any setings for MBAM (no password protection)
3. IoBit , according to a previous post , can copy and use the whole MBAM database.
4. " Do Not Steal Our Software" can gerate infinite working keys for MBAM
I think you should do something about it......
Paula
Full Version: How MBAM protects itself
paula, most of what you mentioned is impossible to prevent, and self-protection mechanisms can not only cause slowdown issues on users computers but also add the potential for conflicts with other security apps. We're here to fight malware, not to be super-controlling Nazis that try to take over your computer under the guise of keeping you protected.
As far as the password protection, that feature has been discussed in the past, but I am not aware of what the priority is on that feature. I do know that it is not in the roadmap for the next couple of versions, but things can always change in between then and now.
As for the database, if it was impossible to decrypt, then how would our own software be able to read it?
As far as the password protection, that feature has been discussed in the past, but I am not aware of what the priority is on that feature. I do know that it is not in the roadmap for the next couple of versions, but things can always change in between then and now.
As for the database, if it was impossible to decrypt, then how would our own software be able to read it?
QUOTE
4. " Do Not Steal Our Software" can gerate infinite working keys for MBAM
But these keys are blacklisted after a few updates.
You do not understand:
Hello Paula,
Please take this as a gentle reminder. This is not a forum for you to rant and rave about what you want. In most of your posts you seem to have some axe to grind or something and it's not welcome here. Please tone down your posting demeanor or your posting privileges will be removed.
Thank you.
Please take this as a gentle reminder. This is not a forum for you to rant and rave about what you want. In most of your posts you seem to have some axe to grind or something and it's not welcome here. Please tone down your posting demeanor or your posting privileges will be removed.
Thank you.
QUOTE (AdvancedSetup @ Nov 5 2009, 07:09 AM) 
Hello Paula,
Please take this as a gentle reminder. This is not a forum for you to rant and rave about what you want. In most of your posts you seem to have some axe to grind or something and it's not welcome here. Please tone down your posting demeanor or your posting privileges will be removed.
Thank you.
Please take this as a gentle reminder. This is not a forum for you to rant and rave about what you want. In most of your posts you seem to have some axe to grind or something and it's not welcome here. Please tone down your posting demeanor or your posting privileges will be removed.
Thank you.
Dear Sir,
You are absolutely right , and I appologize for that!
Is not anger, is only frustration to see how a pottentially good product- MBAM- is being killed by its developers!!!
I would be more interested in an answer regarding my initial post!
Thanks!
Paula
We deal with reality and the bulk of attacks are on preventing us from installing and we have several projects in the works to address this . I do the bulk of the live sample testing for our company all on a real system (no VM) and all with MBAM installed so I can honestly say at this point attacking our software once installed makes up about 1% of all attacks and thus is not the priority . The other 99% are based on blocking install .
As far as the database goes , any vendor can get the database of any other vendor in one day flat . We take apart code for a living , getting at a DB is trivial . It is illegal in most countries and THAT is the reason it is not usually done , it has NOTHING to do with self protection . The other reason it is not worth it usually is that each vendor has their own ways of doing things so other DBs will 1. not be compatible and 2. be tough to look at and completely understand . What IOBit did was very different . For reason yet to be explained by them , our DB was unusually compatible with their software .
As far as the database goes , any vendor can get the database of any other vendor in one day flat . We take apart code for a living , getting at a DB is trivial . It is illegal in most countries and THAT is the reason it is not usually done , it has NOTHING to do with self protection . The other reason it is not worth it usually is that each vendor has their own ways of doing things so other DBs will 1. not be compatible and 2. be tough to look at and completely understand . What IOBit did was very different . For reason yet to be explained by them , our DB was unusually compatible with their software .
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.