galaxykiss 2 Posted July 31, 2013 Share Posted July 31, 2013 The Live Grid is very effective and usefull for existing version of ESET products. But I believe it can be more usefull. The people, who is using HIPS and Firewall with both interactive mode, have some skill in dealing with threat when ESET shows a warning pop-up. But it will be better to have some "Suggestion" or "Recommendation", based on the Live Grid. Showing signature of the file only is not enough for judgement. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,693 Posted July 31, 2013 Administrators Share Posted July 31, 2013 Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action. Link to comment Share on other sites More sharing options...
galaxykiss 2 Posted July 31, 2013 Author Share Posted July 31, 2013 Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action. I believe this is also a good way to push you guys to improve the Livegrid. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,693 Posted July 31, 2013 Administrators Share Posted July 31, 2013 I believe this is also a good way to push you guys to improve the Livegrid. How? Malware running in memory may not exist on the disk. Link to comment Share on other sites More sharing options...
Patch 16 Posted August 4, 2013 Share Posted August 4, 2013 I had assumed the OP was suggesting ESET show live grid information, if available when a user prompted to create a rule in manual firewall or HIPS mode. Sounds to be a reasonable suggestion to me. Performance issues may dictate the user be required to click to request the livegrid status. Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action. If a normally safe program had malware injected into it, would it not have a different signature, so have a different live grid recomendation? Link to comment Share on other sites More sharing options...
Recommended Posts