back

What would you want removed from WSA as it is? Outside of the "Complete" features like Backup & Sync/Password Management, everything else has been built in intentionally from a security perspective.

 

Removal of firewall, identity theft, password, backup, optimizer/cleaner. Simply have a web filter, and malware checker.

If you guys forked off WSA with something 'lite' like this, a MBAM type product you'd make a killing. A few bucks a year for something to 'enhance' other products, and half the world would run it. Toss on a slick new Metro style interface and roll with it.

Marketing genius right there. Call it Webroot Malware Master "WMM".. Hehe. This would satisfy people that miss PrevX. It would draw in people that want a MBAM alternative that's just a little stronger with cloud features, and it would provide a super slim, lite alternative to people that feel WSA has too many options. WIN!

 

Sorry DoctorPC, can't agree with any of this.
To me, what you propose is offering a 'butchered', ineffective 'shadow' of what is intended in WSA.

It is intended, if desired, to complement other security software, and has enormous, widespread compatibility.

The product was greatly simplified for the 2014 release, and under normal circumstances should require very little user-intervention, if that's what's required.
For vast majority of installations, and any I've seen, the resource usage is plainly wonderful in its lightness.
This is what users find, and it's a pity that you don't seem to have had a good introduction experience with WSA.

 

yes, makes little sense considering how WSA works. A sort of "limited" or "weak" WSA not really a "light" version... not useful unless you mean something free to use as a on-demand scanner. But using WSA as on-demand scanner will only have limited detection and very limited efficacy as WSA work on behaviour not simply on signature.

If you simply use the AV version, you will get rid of all non security related features (password, backup, cleaner/optimizer) while the rest is built-in as part of malware protection mechanisms (cut off of communication in case of malware detection = Firewall, jamming/locking leakage of data in case of infection= identity theft, restate clean files and configuration=journaling feature)

 

Nooooooo

 

WSA is already a lite av version in any sense. A 'slick new Metro style interface' would make most people avoid WSA as many people still can't accept Metro in Win 8 and like Win 7 better. They also try to skip Metro in Win 8 in any way possible. A MBAM type product would be a killing for sure. A killing for WSA and Webroot. It would never draw attention of people who miss PrevX let alone satisfy. Rather it would diminish and destroy any chance of continuing the legacy of PrevX in a better form.

Removal of firewall, identity theft, password, backup, optimizer/cleaner and simply have a web filter, and malware checker would not only ridicule Joe, his PrevX team and the Webroot team but also the whole Webroot user community and former PrevX users.

 

is there nowhere that webroot can be tested, even on malware tips website it does not score good!!

 

It would be nice to see even a minimal test so we can see how it works when a zero day isn't caught on the first pass. It would also give users and non users (potential customers) a better idea how it works.

 

I was talking to Grayson (Grayson Milbourne Director, Security Intelligence Webroot.)and something is in the works but he couldn't elaborate any other info but they are working on it.

TH

 

Webroot is very good, so light and yet effective, my only problem with it is browser speed.

I fell some lag, some strange delay in Chrome/Firefox with Webroot installed (new filter problems?).

 

Thanks!

 

Yes same problem here. I've disabled the add-on and now browsing is much faster in FF. The new web shield is particularly slowing down browsing in Win 8.1 as I find browsing to be normal in Win XP on my desktop. I've already reported it to the Support and they're aware of it but couldn't reproduce it whatsoever.

Maybe if you could also report your problem to the Support they would get more info on the problem.

 

I will contact the Support later and see what they can do, we are not alone with this problem ...

https://www.wilderssecurity.com/showpost.php?p=2320813&postcount=35

https://www.wilderssecurity.com/showthread.php?t=357544

 

If a file is not known by WSA in a scan, why cant it be uploaded and executed in the cloud to check it´s behavior immediately?
Why wait for the user to execute?
It seems you will collect information regarding unknowns that much faster this way?

/E

 

No files are uploaded into the system I guess for obvious reasons of impacts on the user, impacts on the remote servers, impact on the bandwith and privacy issues. Only hashes and behaviour end points. Also malware is often implementing evading mechanisms if executed in virtual environments (built in delay on execution, routines to detect vm, etc) with results not necessarily representative.

 

Oh I see. Good to know we are not alone. The Support said since they couldn't reproduce the problem they would need more info on it and in the meantime offered me the solution of disabling the add-on, even disabling the entire Web Shield if necessary. I hope they can reproduce and fix the problem soon. I tend to open several tabs and being stuck at a tab while the others are loaded is a no no.

 

Yes, running in a VM would not work 100%. But the impact of the servers and bandwith cant be that serious, you only upload the 1st unknown file. (See HitmanPro)
Privacy issues, yes, but this could be up to the user to enable this feature if it existed.

/E

 

If WSA would be HitmanPro that you would be correct. However, this is not how WSA works. So you are looking for a functionality in WSA (signature based + multiple AV engines + some extent of in-house heuristics) that is not the main focus of WSA

I know that most users here have been used to the same type of technology with variations over the years..so its not easy to think out of the box and move away from the temptation to pretend that a tool does the same job of another tool.

Therefore we keep having this discussion about why WSA is not tested, why in test its scoring differently, why it can't do what Y do... etc.

 

I was only referring to HitmanPro in the way they collect and upload new unknown samples, nothing else.

/E

 

So you want to upload the entire file and next? The approach simply clash with how WSA works... and back to my previous explanation...