Another solution would be to place the domains entries in a XML file, for example. Rather than placing them at the Windows registry.
Of course, this XML file would need to be well protected by Spybot's self-defense.
Actually, looking at present scenario (Registry) and the other solution I provided earlier, this one sounds more doable.
A XML file? XML is a very slow thing actually, and I've never heard that IE supports XML files for these entries.
Please keep in mind, it's not us deciding on the data structure (we would've simply picked a pre-sorted binary file), but Microsoft, since the immunization uses their data structure.
Just remember, love is life, and hate is living death.
Treat your life for what it's worth, and live for every breath
(Black Sabbath: A National Acrobat)
I see. I don't know much about XML files, but, it was just an idea. But, it could be a text file or whatever.Originally Posted by PepiMK
The current solution places such entries at the registry, which bloats the registry. The more bloated the registry is, the slower system will become.
And, when I talked about XML, without knowing they're slow, I didn't say that IE supports it or that even Microsoft would have to do it.
In the way I see it, and correct me if I'm wrong, it has nothing to do with IE and Microsoft. It would be the way/the new way Spybot would block access the malicious domains, instead of placing such entries at the registry.
Spybot, instead of placing those entries at the registry - and I'm talking about the domains and not activex and cookies, of course - it would place them in a text file or any other faster solution.
m00nbl00d,
Unfortunately your responses are making the point that you don't really understand how any of this currently works. If you wish to understand what's really happening and how the existing Immunizations really work, you should start with the following 'Sticky' thread in the main Spybot S&D forum.
How Spybot-S&D protects against the installation of Spyware/Malware
http://forums.spybot.info/showthread.php?t=281
Patrick, if this doesn't make my point I don't know what will. Your product has drawn a much wider audience over the years than might have been expected for such a technical tool, but that has lead to exactly the paradox of needing to simplify its use. I know you are attempting to do this, but just like Microsoft attempting to better secure its OS this leads to much pain in the evolution.
I believe you are planning to make many of these changes in the 2.0 version, along with trying to resolve some of the resource issues that have plagued your more recent versions on older less capable hardware and OS. Keeping both types of users happy is quite difficult as OneCare proved to Microsoft. However, keeping the product lean and as simple as possible helps in either case, so at least you already have this going for you.
To me the key appears to be deciding the defaults for the non-technical users and then keeping the controls for the technical users available, but hidden from the non-technical so they don't become confused. You already appear to have begun this in recent 1.5 versions, though I'm not certain why you're placing the effort there, except maybe as a test bed for 2.0?
Resolving these interface issues while attempting to track the changing landscape of the Windows OS itself is quite enough. How much effort to place into the older OS versions simply confuses the matter more. If you wish to remain in business, my opinion would be to concentrate on the newer OS versions which are the future and only do what can be easily done in parallel to support the old.
Bitman
I do understand how Spybot works.
Perhaps, I didn't explain my self the best way I could, and I don't know if know I will also.
Spybot protects by two ways:
- Passively, by placing entries in the restricted sites zone, blocking tracking cookies and activex.
All this immunizations end up in the Windows registry, which, the more it's added, the more bloated it becomes. The slower system will get.
- Actively, by TeaTimer.
Now, my suggestion, considering that the in-the-cloud service would require a lot effort, would be to make use of a new way to block access to malicious domains.
One way, would be for example to place such entries in a .txt, .lst, or whatever file.
I'm not saying that this would done to block cookies and activex. That wouldn't work. But, it is possible to do this to block access to malicious domains.
What I am saying is that, instead of loading the malicious domains to the Restricted Sites Zone, to load them to a file, be it a .txt, .lst or any other.
And, before someone mentions the HOSTS file. That's not what I am talking about here.
The HOSTS file allows to add entries like this
www. baddomain. com
ismy. baddomain. com
But, it doesn't allow to add entries like
*. baddomain. com
Which would block access to any domains within the domain .baddomain .com
Or even, allow it to be blocked like *.baddomain.*
Hmm, now that I go back and read your last two posts again I can't see what made me think you didn't understand this. Maybe it was the 'passive' which I really never have agreed with or more likely the idea that registry 'bloat' is the core of the issue.
In reality Immunization has never been 'passive' it's just that the 'active' code required wasn't part of Spybot S&D itself, but rather code within Internet Explorer that handled the Restricted sites list. However, the Sticky I referenced does make that claim, so you come by this honestly.
As for registry 'bloat', it isn't the size of the registry itself that matters it's merely the number of entries being seached through. I know you probably see these as the same, but there is a difference. At its core however, the real problem was a design change by the Microsoft IE development team to handle a seperate issue that created this side effect as my earlier post detailed.
I also understand that you are just throwing out ideas for a way to replace this functionality within Spybot S&D itself, but that's not really necessary. If you'll look closely at the last sentance of PepiMK's last post you'll see that he's already indicated what he'd have done instead.
Text or other human readable format files are really unnecessary for use within Spybot S&D and are simply slower for the machine to parse, so this makes sense. However, this would require conversion as entries are added in the current Restricted sites list in Internet Explorer, so it's not surprising that a simple text format was used by Microsoft, especially since this feature was added in much earlier versions of the IE browser and designed for manual (human) entry.
The real issue isn't how the list is stored anyway, it's how to replace the functionality that existed within Internet Explorer to actually process this information. Since IE would actually check the list itsself, that made this an easy thing to do by simply providing the list. However, if that's not available then something similar to the exisiting SDHelper.dll would need to be created to take its place, if that's even possible.
I really just think that the Immunize feature should either be supressed or at least the list reduced to complement the protection that SmartFilter now provides when IE 8 is installed. If many of the sites that are now Immunized are already flagged by SmartFilter, it's really not necessary to duplicate them in the Immunization. However, this feature may still be useful for those with earlier versions of IE installed, whether that's due to an older operating system or simply not having upgraded to IE 8 yet.
Bitman
I'd like to thank the various contributors to this thread for doing such a nice job of explaining what's going on between IE8 and Spybot. Having read the 4 pages of posts I'm coming away with the impression that the new SmartScreen filter in IE8 essentially does away with the need to manually immunize via Spybot/SpywareBlaster as it accomplishes the same ultimate goal in a more efficient fashion
With this as a given, I'm assuming IE8 users should:
* Go to immunize and Undo
* Uncheck most of the boxes
* Which begs begs the question of which boxes should we leave checked?
Firefox
Opera
Chrome
Safari
IE 32 bit
IE 32/64 bit
Windows
I only use Firefox and IE personally, but thought I should mention the other popular browsers for the benefit of those whose read this later
For the moment I've undone all the immunizations in Spybot and SpywareBlaster. IE8 has gone from taking a good minute to open to opening in a few seconds
Stevo
Reply With Quote
