Tech Un-penetrable

Discussion in 'Off Topic' started by dragonitti, Jun 15, 2005.

  1. Offline

    dragonitti Guest

    Un-penetrable

    Oftentimes when we explain or demonstrate our security solution product to companies and organizations, we will usually give that customer a demo copy for them to try and break/hack to their little heart's desire. The Chief Technical Strategist World Wide of our major clients, who is also in partnership with us, had tested our solution, and came to realize that the only way he was going to be successful at hacking into and destroying the box that our software was protecting was to break out a screwdriver and change some hardware configurations around....Now that's classic.
  2. Offline

    ChristianVA New Member

    HAHA....never hurts to say that you can never beat the hammer! lol
  3. Offline

    dragonitti Guest


    Haaha...yeah, software to stop the machine from being destroyed by a sledge hammer...that, I got to see. We stop the hacker from the inside and outside of a business/company.
  4. Offline

    kickarse Guest

    Can I have a demo copy to test?
  5. Offline

    dragonitti Guest


    Sure, if you happen to be a CTO, CEO, High Clearance, or perhaps at the top of the food chain of some major corporation or government facility. If not, sorry. Just got word that I might be flying to Morocco in the near future to train the Moroccain Government on our software. How crazy does that sound? I have to get the paperwork started on my passport.
  6. Offline

    laz Member

    A little humor to illustrate your future state of business:

    [IMG]
  7. Offline

    kickarse Guest

    Passports, ahh the fun... You're gonna be spending $55 for the passport then $30 for something else I forget... Make sure to get a good head-on picture.

    I can pretend to be a higher up.
    How about reppin for god?

    I am actually Head IT for the University...

    And it's Morracan.
  8. Offline

    dragonitti Guest


    That's funny. I probably would be like "Well...Screw you too buddy!" Anyway, it's looking more promising that I might not have to go. I think we might be going with Microsoft Live Meeting, which allows us to share our desktop with anyone who needs to view it from anywhere via the internet. We can use that to do training sessions...SWEET! No more flights for me, unless it's official business.
  9. Offline

    dragonitti Guest

    ahhh...Morracan, Morracian still foreign to me...lol. I would rather do the training via internet.
  10. Offline

    kickarse Guest

    Can I work where you work?
  11. Offline

    dragonitti Guest


    Lol...sometimes I ask myself how I managed to get this position. A lot of my friends ask how I got it, when I didn't have an inside connection....lol.
  12. Offline

    burbod01 New Member

    what is the name of your company?
  13. Offline

    dragonitti Guest


    We are small, we don't use our website for advertising. It's all word of mouth on how awesome our technology is. I would have to also say that probably 95% of our clients have never even seen the website. So, that's like the least of our concerns. Everyone else might have a prettier website, and in some cases they even have prettier software than us. But when it's all said and done, it's about the last man standing when you get attacked/hacked. That last man is us.
  14. Offline

    dragonitti Guest

    We just completed another Live Meeting demonstration to a large corporation in the banking industry. I can't name names, because I don't know if I would violate any NDAs, but it's truly amazing, the level of control we have over the Microsoft OS.
  15. Offline

    laz Member

    I do not see anything wrong with the website, it is simple, and you seem to have everything covered. Some people don't appreciate a nice simple website design nowadays.

    Good luck.
  16. Offline

    dragonitti Guest


    BBX Technologies, Inc.

    bbxtechnologies.com if you're interested in looking up info.
  17. Offline

    kickarse Guest

    They need a better web presence...
  18. Offline

    burbod01 New Member

    It all seems very vague.
  19. Offline

    copies98corolla Guest

    if you're talking about the immunengine technology that they talk about on the website i really don't understand how protective it could be. it seems to me that all the product does is replace cmd.exe with programs that you all wrote. honestly, not to be a dick, but i'd like to see what a true experienced hacker says about this. it's been my experience that there aren't many viruses, worms, etc using the command prompt. additionally, it doesn't say anything about how it stops people from getting into the computer, if it even does. i feel like any person wanting to attack a windows computer could easily package cmd.exe into their program and execute it. additionally, there isn't any mention on how the program stops viruses and the like from targeting and disabling the program outright and then executing the attacks against the machine. maybe i'm being a dick by saying this, but as much as you rave about this software, i can't see how it's so good. maybe i'm wrong. if so, i'd like to find out more.
  20. Offline

    dragonitti Guest

    That actually works.

    No doubt companies would like to dissect us. The software has been put through a decompiler from a certain government agency, but the way he coded it, it would be very difficult for you to get any useful information out of the decompiler. The secret is not going to be let out of the bag under any circumstances unless he (our chief programmer) wants it to. I can actually demonstrate it to you via the internet "live". We have Live Meeting now. And we use it to give presentations. I will do it from my home computer when I have time. All I need is the e-mail address of everyone that would like to watch the live demo.

    We control external devices. Booting from a slave drive (external drive, I would assume), what would you be able to accomplish?

    Let's see...

    1) You would need a different OS on the drive correct?
    2) You get over to the drive ImmuneEngine is running on.
    3) Copy your payload into the drive and execute it. You would be executing the malicious code on the OS you are currently on, not just an individual drive. We weren't running on your OS, so you just screwed up a non-protected drive.
    4) Now boot back into the drive with ImmuneEngine on it, when it boots and the defense threads fire up, it will scan, find your payload that you deposited and eradicate it.

    Now, let's go back to booting to a slave drive. A lot of motherboards have a password-protected BIOS, or the ability to set a password on the BIOS options. Therefore, my question is how are you going to change the boot settings of the computer to point to that slave drive, if you don't know the password to the BIOS. The only answer would be what...."Screwdriver". Reset the jumper to the CMOS to clear the passwords. Again we are back to the "screwdriver" approach.

    Now if you are talking about an internal slave drive, then we are going back to the "screwdriver" situation that I posted about originally. And that is not really hacking. Hackers or the "insider" threat don't sit there and take apart their machine so everyone and their boss can see them installing a new drive. No software solution can stop the physical screwdriver.

    We do not encrypt files. That would stop you from being able to use the computer to carry out your day-to-day tasks. ImmuneEngine is designed to run as if it wasn't even there. Encrypting a Word doc every time you made one would be a pain in the arse. No code is added to original executables or files. We know that they are there, and if you were to modify an executable or modify a file and turn it into an executable, then when you launch it, it will get scanned and no execution would take place. A checksum is just one of the methods used to authenticate the executable "BEFORE" it is passed to the kernel. I forgot to mention that to you previously. We analyze the executable before it's passed to the kernel. If you alter it, you change the checksum of it. And like I said, that's just one of the methods used to authenticate it. This authentication is started the moment after installation. This is not software restriction policies, where you have to set thousands of policies by hand and don't know what policies to set for what programs until they get into your system. No, this sets up the authentication policies automatically from the moment of installation. You don't have to push down any policies for new programs someone tries to download to the machine. The algorithms do not have to determine if it's malicious or not per se. Simply, if it's not supposed to be there, then get rid of it.
  21. Offline

    dragonitti Guest

    Then you didn't read the website very well, if all you think we do is protect cmd.exe. On the very first page, there is a link to the white pages. If you would like to read that you would understand that we go far beyond any other security product on the market. Just to break down your post a little:

    We have had government-trained hackers, government "RED" teams, hackers from major corporations, attack our system to no success.


    Read the white papers. You will come across our core technology, and that is the binary search engine. It doesn't matter if you called your virus "kill.all" or "kill.txt". We are going to know that it's a program and eradicate it.

    Originally, the software was not designed to prevent the actual intrusion of a hacker. What it did originally was stop the hacker from being able to deposit any program on to the system once he got inside. Now, not only do we stop you from depositing a payload on to the system and running it, but a design change has been requested by government officials to actually stop the hacker before they get in. Which we do now. A major problem with corporations is the "inside threat". Because we are driven by our customers' needs, we have morphed into an "insider threat" preventer. You would be committing suicide if you attempted to mess with the computer or the ImmuneEngine software. The administrators would know "Real Time" what you just tried to do, because it would send an Alert to the main console which sits at the Admin's desk. To top that off, if you are an Admin who has ill intentions, we stop Admins from wreaking havoc all over the computer. That's the reason for the shell over the cmd.exe. Admins have been using cmd.exe to do malicious activity. So, we piped it, and force them to use the more secure BBXcmd.exe. Piping cmd.exe is only a 10th of the Admin tools that we shut down. You cannot get to the registry editor, services, computer management stuff if you are not supposed to be there.


    1) They would never be able to run the program. We have what is called our Policy dispatch. It LITERALLY performs an analysis on EVERY (I mean EVERY) executable on the system. If you were to try and package your own version of cmd.exe and deposit it into the system, you would try to execute it, and the policy dispatch would realize that it is not a part of the original matrix of the computer. You would see it get analyzed, and no execution would take place.

    2) After you deposited the executable, and any executable for that matter (virus, worm, trojan, programs disguised as .exe, etc.), the binary search engine would do a full sweep of the computer, and eradicate the program. Notice I said eradicate, and not quarantine. Our software is designed to get rid of the program/malicious code, and not leave it on the drive at all. Because the binary search engine is constantly scanning the computer, this means that if you were to drop your version of cmd.exe onto the computer and not even execute it, and just allow it to sit there, the binary search engine would sweep around, realize that this is a new program that was not authorized to be there, and clean it off the machine.

    The virus would not be allowed to execute to begin with. Therefore, this would not work. And let's just say, hypothetically speaking, you were to try and disable the main executable of our program. Because of the way that it is designed, you would try to kill the executable, and what would happen is, it would know and launch multiple instances of the program. So, 1 immuneEngine would be running, you try and kill it, then you've got to deal with 2 immuneEngines running. It will multiply and launch multiple binary search engines for added protection.


    No worries man...I don't expect you to be able to grasp this from the first time reading it. A lot of world-renowned Ph.D.s in computer science cannot comprehend how this software can do what it can do 1) without relying on the Microsoft OS to tell it what is going on like current Anti-Virus software does (what this means is that ImmuneEngine is independent of the OS), 2) without changing the structure of the OS. We do not modify any of the OS's .dll's or executables. It is truly a phenomenon. I personally have never seen any program be able to control the OS and provide the flexibility like we do. That might sound like a biased statement, because I work here, but I have seen countless industry professionals say the same thing. They have never seen any program be able to do what we can do. The binary search engine technology has allowed us to be able to detect any known and unknown virus WITHOUT having a signature, or update of the software. We do not house any database of known viruses to defend against. We don't need signatures, and for this simple reason, we have the Anti-Virus industry a little shaken up. The only reason you are not aware of our technology is due to the focus stage that we are in right now. It's mostly corporate conglomerates and government officials that we are after. It's a strategic move, because all security roads lead to Washington. If you don't protect something of major importance in the government, then you will not get a second look when it comes to the public/corporate sector. We are only getting stronger. Once we take that over, then you will start to hear about this new technology more and more in the public world. How this software works cannot be understood by the average person. Therefore, it has to be packaged in such a way that it can be "fool" proof. That's why the software is literally "push" button.

    One more thing I would like to explain is this. Current technology relies on system drivers to do their job. The problem is this. The minute you boot the computer into "Safe" mode by pushing F8, system drivers are disabled. There is no need to go further, you have successfully by-passed the entire security software. Therefore, there needed to be a new approach. So, my Co-CEO, who is also the chief programmer, designed a new way of doing this. What this boils down to is this...Our software still works in safe mode! To top that off, you can run Scripts against current technology, and the machine would be at your mercy. Install ImmuneEngine, and deposit a script into the machine and try to execute it, only to find out nothing happened, and to watch it disappear a moment later. Even if you were to edit an existing script on the machine to do something else, we would not allow it to run after you edited it.

    Lastly...Read the available white papers on our website. And fire away at any question, or situation that you think of that might be able to by-pass the system, and I will explain how we stop it.
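
The two posts above describe a baseline of executables taken at installation, a check of each executable against that baseline, and recognition of programs by content rather than by name ("kill.txt"). The sketch below is an added example, not BBX code: the thread does not disclose the product's algorithm, so SHA-256, the magic-byte table, and every function name and sample file here are assumptions, and all sample data is constructed.

```python
import hashlib
import os
import tempfile

# Leading bytes that mark a file as runnable, whatever its name claims (assumed table).
MAGIC = {b"MZ": "pe", b"\x7fELF": "elf", b"#!": "script"}

def sniff_executable(path):
    """Return the executable kind judged from content, or None for plain data."""
    with open(path, "rb") as f:
        head = f.read(4)
    for magic, kind in MAGIC.items():
        if head.startswith(magic):
            return kind
    return None

def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def executables(root):
    """Yield (relative_path, sha256) for every file whose content looks runnable."""
    for dirpath, _dirs, names in os.walk(root):
        for name in sorted(names):
            full = os.path.join(dirpath, name)
            if sniff_executable(full):
                yield os.path.relpath(full, root), sha256_file(full)

def build_baseline(root):
    # Taken once, at "installation": path and hash are bound together.
    return dict(executables(root))

def audit(root, baseline):
    """Flag runnable files that are new at their path or whose bytes changed."""
    findings = {}
    for rel, digest in executables(root):
        if rel not in baseline:
            findings[rel] = "unknown"
        elif baseline[rel] != digest:
            findings[rel] = "modified"
    return findings

def write(root, rel, data):
    full = os.path.join(root, rel)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as f:
        f.write(data)

def demo():
    """Constructed sample tree: baseline it, change it, audit it."""
    original = b"MZ" + b"\x00" * 62 + b"constructed sample tool"
    with tempfile.TemporaryDirectory() as root:
        write(root, "tool.exe", original)
        write(root, "notes.txt", b"plain text\n")
        baseline = build_baseline(root)
        write(root, "tool.exe", original + b"patched")         # altered binary
        write(root, "kill.txt", b"MZ" + b"\x00" * 62)          # program named .txt
        write(root, "notes.txt", b"#!/bin/sh\necho hi\n")      # data turned script
        write(root, os.path.join("temp", "tool_copy.exe"), original)  # same bytes, new path
        write(root, "readme.txt", b"still plain text\n")       # ordinary data file
        return audit(root, baseline)

if __name__ == "__main__":
    for rel, verdict in sorted(demo().items()):
        print(verdict, rel)
```

Because the baseline binds hash to path, a byte-identical copy of an approved binary dropped elsewhere is still reported; a hash-only allowlist would accept it. Content the magic table does not recognise passes unflagged, which is the gap any content-sniffing scheme has to account for.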
  22. Offline

    kickarse Guest

    It's an interesting concept. And we've gone over and over this again and again.

    It's all very vague, though, in how it actually works. Not that you couldn't be detailed, just that there are companies that would probably love to dissect this and probably have competing products.

    I would love to see it in action and try my hand at it.

    What about booting from a slave drive and then accessing the information via a different file system? Or does it encrypt every file? And every program, how does it know if it's being attacked or tampered with besides constantly monitoring it or adding a piece of code to every piece of data that if changed will send an alert and then through advanced algorithms determine if it's malicious or not? Some sort of hash?

    Dragon what tech forums do you frequent?
  23. Offline

    kickarse Guest

    okay kewl... what tech forums do you frequent?
  24. Offline

    dragonitti Guest


    Every so often I will make my way over to Slashdot, and AnandTech. But not very often. I'm more into the news of what's going on in the software/hardware world of computers. So, I'm doing a lot of reading over on theinquirer.net. What about you? Funny thing was, over on theinquirer, they had an article warning people not to go to a certain website. I'm not sure if you ever saw this scare or not, but it was an alert out about misspelling the google name wrong when trying to get to their website. If you were to spell, I think it was googkle or something like that, it would take you to a Russian hosted site and deposit a few trojans and nasty worms onto your machine. Well, I decided to test it out against our software. Unfortunately, by the time I was done reading the article, the site had already been blocked. However, I found similar info from, I think it was Sophos' website, warning people not to go to a couple of other sites. One of them was like "pillz.info", I think. Luckily, the site was still up. I saw my IE browser working trying to access the site, then I saw a pop up window form, next thing you know, I saw the policy dispatch of our software scan across the screen, and the popup window closed, and the browser said Page cannot be displayed!...Haaahaaa.... So, then I switched over to my Admin console to see the forensics of what the site tried to do to my machine. And I saw the alert that it tried to insert an executable into my temp. folder and run it. Machine is still alive and kicking thanks to ImmuneEngine.
  25. Offline

    burbod01 New Member

    wouldn't this completely restrict people from doing non-intrusive work wherever it is installed?
  26. Offline

    kickarse Guest

    I go to the main sites...

    virtual-hideout.net
    msfn.org
    bit-tech.net
    vr-zone.com
    tweaktown.com
    the ms security site
    neowin.org
    warp2search.net
  27. Offline

    dragonitti Guest

    Cool, I will check those out.
  28. Offline

    kickarse Guest

    So it's not meant really for information to not be stolen just for a virus or a person to get in and change anything.

    my email is christopher 9AT0 outreach.umass.edu . Obviously without the 9at0 is @
    I would love to see the demonstration.

    I kinda figured it used some sort of hash algo authentication. That way it wouldn't have to use some sort of central server for a brain for continuous updates.
  29. Offline

    Turbo4afe Guest

    things that hit me:
    you guys need a better Front webpage..one more professional. you can't just sit there and claim that none of your clients visit your website...
    logo-wise... i read 8 X 8..haha...is the name of the company BBX? why does the logo read BXB...hmm..weird.
    Only 2 testimonials?

    on the other hand..sounds very good, from what you told us, not from what i read in the website..i would also like to see a demo of it...Price wise? range?
    i am a web consultant as part time and i would be interested..
    how many people work there?
  30. Offline

    dragonitti Guest

    Well, no, that's not correct. If you are a hacker trying to break in to steal info, how are you going to get in to steal the info? Or if you are a person walking up to the computer, how are you going to connect a device to copy any info from the computer? So, actually we do block you from stealing info.

    Cool. I will first e-mail you with a time I can give you a demo. Then wait for your reply to see if that's a good time. If everything is cool on the time, then I will e-mail you with instructions on how to get into the live meeting session. It does not require you to download software to view the desktop of my computer. This is cool, cause I need practice with my presentations too. So expect an email from me in a couple of days, cause I need to get the laptop from my apartment to use as a demo computer.

    Naw...it's a complicated algorithm, but it's not current hash technology.