The founder of Spybot-S&D blogging about a few things too techy for the news section of Spybot-S&D website. And maybe also about things too unrelated, who knows.
Spybot 2.0: modularity concepts
Posted 2008-10-27 at 21:40 by PepiMK
Tags spybot2
In the next weeks, I'll try to use the blog to announce a few things of Spybot - Search & Destroy 2.0, on topics where we would love feedback.
One important change in Spybot-S&D 2.0 will be that the functionality will be much more modularized. Not just one big .exe, but various smaller ones.
A few arguments:
Resources: you do not need everything Spybot offers all at the same time. By loading only those parts you need when you need them, Spybot can run faster, use less system memory, and on older 9x/ME systems, can use less of the precious GDI/user handles.
Speed: the app will simply show much faster.
Interaction: a challenge is to present it to the user in a way that is not affecting his ease of use; on the contrary, it should help him getting things done by presenting only that which he currently needs, at the same time allowing him to easily go to another part.
Updates & Maintenance: by having functionality separated, new functions or bug fixs mean that testing can concentrate on one module, and possibly those depending on it, but not on the full package, leading to faster and more stable updates.
Scripting/Scheduling: if you want to automate things, you can restrict that to the modules that offer the functionality you want to script, without the need to load the full, slow loading old app all the time.
The Modules:
Do you have any comments on other good or bad sides of htis approach? Let us know!
Finally, a few screenshots not really saying that much since the user interface question will be part of another blog post and will still receive more attention before becoming final: Settings, Quarantine, Immunization.
One important change in Spybot-S&D 2.0 will be that the functionality will be much more modularized. Not just one big .exe, but various smaller ones.
A few arguments:
Resources: you do not need everything Spybot offers all at the same time. By loading only those parts you need when you need them, Spybot can run faster, use less system memory, and on older 9x/ME systems, can use less of the precious GDI/user handles.
Speed: the app will simply show much faster.
Interaction: a challenge is to present it to the user in a way that is not affecting his ease of use; on the contrary, it should help him getting things done by presenting only that which he currently needs, at the same time allowing him to easily go to another part.
Updates & Maintenance: by having functionality separated, new functions or bug fixs mean that testing can concentrate on one module, and possibly those depending on it, but not on the full package, leading to faster and more stable updates.
Scripting/Scheduling: if you want to automate things, you can restrict that to the modules that offer the functionality you want to script, without the need to load the full, slow loading old app all the time.
The Modules:
- Main Scanner (actually two new modules, a new scanner librabry and its user interface)
- File Scanner (already known, improved by removal offer and some more features)
- Cleaner (actually various parts to improve the cleaning capability, but visible to the user in only one instance)
- Immunization (some may already know this from demonstration versions)
- Settings (with a lot of legacy options removed)
- Tools (the full capability as known from RunAlyzer, but sped up to have no waiting delay when opening it)
- Quarantine (formerly known as Recovery)
- Update (different from the 1.x one)
- Shredder (similar to how its already moved out now)
Do you have any comments on other good or bad sides of htis approach? Let us know!
Finally, a few screenshots not really saying that much since the user interface question will be part of another blog post and will still receive more attention before becoming final: Settings, Quarantine, Immunization.
Total Comments 18
Comments
-
Hello,
It would be great if Spybot scans the PC, "track wise" and not "signature wise". I mean to say that instead of using the detection signatures as the reference point (a particular files gets repeatedly scanned for different malware signatures). Rather scan a file and compare it with the list of detection signature.
It's the technique that most AV/AS software uses.Posted 2008-10-30 at 09:54 by xpsunny 
-
How about fixing the checksum errors that everyone is getting on your 11-4-08 updates.
Posted 2008-11-05 at 01:21 by Alfred R. Ender
-
Sorry Alfed R. Ender, won't do that!
At least not in the context you've reported it - this blog reports about Spybot-S&D 2.0, and I highly doubt you'll want to wait some further weeks.Posted 2008-11-05 at 09:52 by PepiMK
-
Immunization
When any web browser is installed after spy-bot has already been installed, it doesn't get immunized. I need to install all my browsers before installing spy bot. also after removing a browser its entry remains in the spy bot.Posted 2008-11-05 at 11:59 by me_last
-
@me_last: as I said to the person above, this is the discussion area forthe Spybot 2.0 modularity concept, not for general problems. Please post your problems in the regular forum area, not the blog.
As for your second "problem", Spybot detects all profiles. If you remove a browser, you probably do not remove the profiles it created.Posted 2008-11-05 at 13:49 by PepiMK
-
@xpsunny: thanks for posting something on topic
The scan method becomes more and more of a mix of both. Scanning specific files is already possible with the file scanner, and the next big increase in increasing the number of detected threats will go a huge step towards a more homogenous mix. There are a lot of technical reasons (like this one) for needing some kind of pattern-based progress.Posted 2008-11-05 at 13:54 by PepiMK
-
Looks good, minimalist apps are always great for our computers. Looking forward to test it!
Posted 2008-11-05 at 19:35 by Warrax
-
Ideas for 2.0 version is great, and I like them.
First I hope that in instalation of spybot 2.0 I can choose for example not to install Teatimer at all, and then expect no teatimer.exe in spybot instalation directory.This is not the case now.
And maybe you can call Main Scanner, Cleaner, Settings, Update and Quarantine something like Core components, and the other modules should be optional and then spybot directory will be smaller if user wants to install only core components/modules.
And it would be nice if speed of scanning is fast as in 1.6 beta1.Posted 2008-11-05 at 22:50 by Ivan1981
-
Much would depend on the user being in 'tune' with this approach, but breaking it down only seems more complex if the interface is less than clear in how objectives are achieved and what those objectives are. Indeed separating the workload among a crew of specialized skills, each working at an optimized level is highly advantageous. Lol, profiling for optimization according to needs and habits comes to mind - my SSD2 "personal assistant" helper to aid me in a threat assessment for gaming (can be risky), surfing (it all depends) and offline (almost nil). Looking forward to more news of advanced yet useable features
Posted 2008-11-06 at 01:29 by ME_2&
-
personally i would love it if s&d inc a restart function after scanning where the user could choose to let s&d automaticly restart after a scan
as i let s&d and other security software run at night due to the time scans take (not humming about time) if it finds nothing bar tracks off my comp ussage then a restart function to me would be usefull as the tracks arnt fully removed until i restart.
if i am way off here sorry.Posted 2008-11-17 at 00:17 by kinos
Updated 2008-11-17 at 00:19 by kinos (tyops) -
When will we get the first beta version of spybot 2.0?Posted 2008-11-18 at 07:22 by control
-
Hört sich doch alles schon mal ganz gut an.
Ich habe da mal eine Frage:
Ist ein Tool geplant, welches die aktiven Prozesse und Änderungen an der registry in Echtzeit überwacht und gefährliche Prozesse anhand einer Verhaltensanalyse stoppt, bevor sie ausgeführt werden??Posted 2008-11-27 at 21:25 by Matt
-
Take a look here, the scanning mechanism should be changed:
http://img242.imageshack.us/img242/2659/scan0001ic0.pngPosted 2008-12-07 at 12:03 by xpsunny
-
Yes Matt, seems I missed listing that. Indeed TeaTimer will be obsolete and replaced with something new that's real-time instead of near-time
Ja, der TeaTimer wird tatsächlich rausgeworfen und gegen etwas ganz neues ersetzt, das in Echtzeit arbeitet.Posted 2008-12-10 at 21:04 by PepiMK
-
About TeaTimer "replacement":
I've saw somewhere that you want change TeaTimer resident name into Coffee Lounge.
Is this true?Posted 2008-12-12 at 21:04 by Tom.K
-
Well, it's an internal working name, where we needed something different since the on-access part is completely now; but I think it won't show anywhere in the interface but will receive a more serious name
Posted 2008-12-14 at 13:05 by PepiMK
-
Are there any plans to transform the immunization feature as a browser plugin? Of course the plugin should be made "read-only" to prevent deletion...
Posted 2009-01-31 at 07:17 by xpsunny
-
Hmmm... which advantages should a plugin have? It would mean that the system cannot be immunized in whole, but just by browser, possibly by browser profile only, meaning more work for the user. And it would mean maintaining second plugins for all browsers instead of just one application for us.
And then, to immunize a browser, you would have to open and use it first.
The whole thing about immunization is that is does not need to run in the browserü but uses a passive approach.
More browser plugins are planed and a 2.0 concept will make them easier - but these will be for active blocking, not for immunization.Posted 2009-02-03 at 08:47 by PepiMK
