In current updating implementation old Glasswire is being uninstalled first, then new version is installed.
Such implementation have serious vulnerability as it allows any blocked application to access Internet during this “short” Firewall downtime. Even if we are talking about some seconds of Firewall downtime, it should not be applicable for paid security software.
Please implement seamless update procedure so blocked applications will not access internet during Glasswire update.
well, GlassWire used Windows’ own firewall - the firewall doesn’t really goes down
@ZMe_UI, good point.
Can anyone confirm that there are no problems with leaks during the upgrade process. I’ve never bothered to test it because I don’t use the firewall feature of GlassWire.
In order to prevent this, I often turn down my internet connection after I’ve downloaded the setup and before the installation of it.
@ZMe_Ul, yes, I am aware of what you say. But as you know Windows Firewall defaults are set to allow any application to do outbound connections:
It means that once you initiate Glasswire update, applications will have access to Internet and this exactly what happened in my case. I personally don’t want any telemetry data to be sent to Microsoft so I blocked this in Glasswire. The problem is telemetyr data is continuously being collected and is waiting for being sent out once there is possibility for that. So during Glasswire update all such data was sent out. As I have 100Mbit internet connection speed, you may imagine how much data can be sent out in 10 seconds.
@Remah there is leaks during updating, and for me this is serious security issue.
@Manuzuel now I am doing same way because I am now aware about possible leaks during update. But there might be hundreds of Glasswire users that don’t aware about this issue and believe updating will not affect their privacy.
The minimum what should be done here is at least add some information window that tells user during update to turn off Internet connection during update.
Thank you for your report. Our dev team just tested this scenario and here is what we found:
We blocked Chrome in GlassWire, then stopped the GlassWire service as it would happen with a software update and it stayed blocked.
The reason you show allowed outgoing connections is because we block per app if the user is in “click to block” mode, otherwise you will get a pop-up from Windows that Windows Firewall is off.
@Ken_GlassWire thank you and DEV team for spending time on this.
I think the issue I faced is caused by Glasswire asks for permission every time Internet source is changed
I will try to reproduce on separate virtual machine.