HackerTrans
TopNewTrendsCommentsPastAskShowJobs

FoolishTech

no profile record

comments

FoolishTech
·5 anni fa·discuss
VBS and PY extensions are included in what is blocked...
FoolishTech
·5 anni fa·discuss
wow, I hadn't researched in a while, but that looks sketchy. I purchased one that cheap some time around 2011 and the company ended up having certs revoked and went out of business, and the next best thing I found was digicert at a fraction of the cost of the comodo and the like.

they do have EV for $350/annual or $750/3 year cert so I might try that it is certainly cheaper than digicert.

and yes EV is good for more than drivers, it allows EXEs to bypass smartscreen prompts that would otherwise trigger on standard certs that have to go through reputation checks in smartscreen.
FoolishTech
·5 anni fa·discuss
by default %programfiles% and %programfiles(x86)% are whitelisted, so for most users pretty much that's exactly what they will do with Lockdown, launch it click Enable and that is all that needs to be done. Granted you do need to worry about specifically whitelisting programs not installed to those locations, which are few if any for most people, and actually it wouldn't be a bad feature idea to add an automatic scan for them since some apps insist on running from nested %appdata% folders...
FoolishTech
·5 anni fa·discuss
I'm interested in where you can you get a code certificate for $99? My renewal is coming up and I'm paying $699/annual for a extended validation cert; I'm willing to consider a standard cert but even they are $499/annual. Buying a 3 year cert provides very little discount... that 3 year ev cert on Lockdown and my other apps is a $2000 deal.
FoolishTech
·5 anni fa·discuss
ahh, an oversight indeed. the installer is signed now.
FoolishTech
·5 anni fa·discuss
not quite "two billion" lol and the cheapest I know of is Digicert. You're looking at $499/year or$699/year for the extended validation cert (this is a higher quality cert that passes more security checks.) What is this validation you ask? All kinds of identity verification on the business and it's owner to ensure they are who they say they are and they are located where they say they are. The idea is that bad actors aren't willing to pay $$$ annually for any reason much less to expose their identity. Lockdown uses the EV cert.
FoolishTech
·5 anni fa·discuss
SRP isn't Applocker, and Lockdown IS in fact digitally signed... By your rationale it would be a bad idea to use most any software worth using. Also what if the tool were open source would you use it then, or would you not be able to "verify" that I wonder. Not everyone can verify PS scripts either, so what would be the recommendation for those who couldn't?