Re: iWitness + process guard
[ QUOTE ]
Why do people think this is effective at stopping Party from detecting things? Have we seen them inject code into other processes? In the past, the way they've detected banned software is just by looking for the files on your hard drive. These SnoopFree/ Process Guard tools don't do anything to restrict that, right? They do prevent screenshots, and I can see how that is important. For the file reading isue, I suppose you could just run Party as a limited user account that didn't have read access to the directories with these tools. Has anyone tried that?
[/ QUOTE ]
Okay, this whole line of reasoning is OT for the thread, but it has been discussed in other threads, bobbyi:
1. Party did not find other apps by looking for files on the drive. They did look in the registry and look at the currently running applications (like in the processes list when you run Task Manager.)
2. Party does inject DLL's into other running processes. We have not confirmed what the DLL's do; they may simply help manage which windows are foregrounded, but they are more likely designed to identify restricted software, and are likely culprits in making your machine (and Party) less stable.
3. Party does set global keyboard/mouse hooks on your system.
Folks: given the size, maybe it's time to lock this iWitness thread and start a fresh one?
|