Can anyone please tell me, does GW use sandboxing, hash values, or other such techniques to prevent tampering?
We have a few different self defense options that aren’t sandboxing or hash values.
-
If you go to our top left menu and choose “settings” you’ll see that by default the settings are locked down by your admin password, so nobody can change them if you keep them locked.
-
Our firewall rules should revert back if they are changed by another application. Users requested this many years ago and it should be implemented successfully on most Windows versions.
-
If our UI is killed our Windows Service should still run and have data, and our firewall rules should continue to block even if our UI/Service are BOTH killed, and even on startup before GlassWire starts.
Thanks for using GlassWire.
Thanks Ken,
Is Sandboxing or any other form of virtualization something the devs have or are considering? I’m no expert and I’m not even sure it is possible but it sure sounds like a good idea. (I use Qubes OS also so compartmentalization is kind of my thing.)
If not, is there a way I can periodically verify the integrity of GW independently? I really like what I have seen of it so far and will probably purchase a license either way but without some kind of assurance that things are on the up and up I will not be getting that warm-and-fuzzy feeling I look for in a defensive tool.
How about some kind of encryption, does GW prevent someone from just dropping their IP into the code to ignore? If that makes sense…
We aren’t an antivirus so I’m not sure if sandboxing is possible. Also I think it might use too many resources. I don’t think anyone has ever requested that so I don’t think it’s in our plans.
GlassWire does this to itself and to all the apps on your PC that connect to the network. If GlassWire’s hash changes, info changes, or certificate changes you’ll be alerted to this fact by GlassWire. When you do updates you’ll notice this type of alert with GlassWire. GlassWire also alerts you to changes with any other apps installed on your PC that connect to the network. Many of our fans like this feature because they can see when their apps update in the background.
GlassWire doesn’t just alert you to version changes, but it should alert you if the hash changes or if the app becomes unsigned, etc…
I don’t think it would be trivial to modify our database of hosts, but I’d guess if someone has that kind of access to your PC it wouldn’t matter much at that point anyway.
Gotcha. I like the UAC controls on the settings and the client file in App data seems to be at least somewhat obfuscated although the theme is stored in plain text and I’ll have to purchase to see how the rest are handled. I suppose I could generate a hash for the program files and App data file and schedule a task to check that or every now and then. I feel warm and fuzzy enough to buy it for a year at least.
-Cheers,
DK
“Analysis paralysis got you down? Don’t overthink it, Drag Knuckle.”
1 Like