Get Firefox!

Sunday, November 20, 2005

Safe’n’Sec Personal Version 1.1 Review


Just like AntiHook Safe’n’Sec promises to be the next generation security software, mainly come to add some horsepower to our weak AV, however can even (carefully) installed without any other Security software (maybe only personal firewall), the main idea behind Safe’n’Sec is very similar to AntiHook and is that anything and everything can damage your OS, so the software basically catch every move in the system, from DLL loading, Global Hooking and even Driver installation.
Star Force tried to be smarter and add a nice feature that ingrate the Safe’n’Sec with a Anti Virus (OEM), indeed a great and very needed supplement.

Lets hope that Safe’n’Sec doesn’t have the Management issues like AntiHook and will not becomes a hassle to work with the computer that every time an annoying alert (popup or some kind of message) comes and ask you a question regarding some operation in the system, many times you don’t even understand what is going on.Installation
Nothing to it, a simple windows installation.

General operation

Just like the case of AntiHook This is the complex part, as seen before many HIDP like AntiHook and others Safe’n’Sec has the same problem.
Management and day to day work, I did hope that Safe’n’Sec will be able to overcome this issue, it does seems that they did a better job then AntiHook team.

There is no doubt that Star force dev team did try to change this status, first a better looking UI, with a nice summary regarding to what is protected and not, however it does seems that in my two testing computers the UI has crushed many times living you in a idiotic stage, you cant administer the product (you lose control over you computer)

Regarding the Management in general , Star force team again did a nice work, the look and feel give you a more comforting feeling (not like in AntiHook and BufferZone), the management is very easy you get much information about the Process running in what stage, like Trusted, partially trusted or restricted.

Alerts are more intuitive, however yet again they give much info that only computer savvy guys will understand, one thing I didn’t understand it’s what happen after I choose a way of action, like when I get an alert and I choose to allow the process to do something, I didn’t find a place where I can change this rule, meaning no Rule editor or am I mistaken, cant I change things I did … it’s like shooting your self in the kneecap.
Star force did had an ability to control the Activity control module, by default it is Strict and that cool m does give you a good security (at least that what I saw) , however when moving it to total, the computer get Crazy and you got like 100 alerts from any process that the computer can think about and then you cant go back to the management console till you answer all alerts, you cant change it back… it’s very annoying .

I can give a thumbs up for the idea to integrate it with a AV scanner, so you can scan from the product anything … it’s a great idea but nevertheless you still need to buy the Safe’n’Sec package with the AV

Security tests

I did many security tests, mostly using well known Trojan and Security test products, thus are the resultsNote: Pass = Safe’n’Sec blocked it, Fail = Safe’n’Sec didn’t was able to stop or catch it.

trojdemo - pass

procx = pass

leaktest1.2 = pass

Advance process termination = fail - kill 2,5,6,7

PcAudit = pass

PcAudit 2 = Fail

Ghost = pass

Copycat = Fail

AWFT = pass

tooleaky.exe = pass

regtest (ghost) = fail

zapass.exe = fail

WMI_Start_Notepad.vbs = Fail


I think that first thing Star Force should deal with the Security issues they have in the product, after all it’s a security product. The Safe’n’Sec suite is better then AntiHook regarding to UI and also much BufferZone, in the security section it’s a different story , first if you want total control over all aspects in the product and security in your PC go AntiHook, if you want a mix of it Go BufferZone, if you are an computer noob, go Safe’n’Sec

Grade = 7/10


Post a Comment

<< Home