|
This review is about Silent Sword, a software that helps eliminate the damage caused by viruses and spyware. It is owned and maintained by Delta Insights, LLC, whom generously provided us with a licensed copy to test out. Their approach is very innovative - instead of scanning an entire hard drive and matching the checksums or strings of each and every file with the signature in a database, they just focus on files that startup when the computer is rebooted. The files are identified with a server hosted on their network. By default, if the file has not been previously proven to be harmless, then it isn't allowed to start.
The Install
Let's get started. Here are the specs of the test machine:
- Dell Latitude CPx (laptop)
- Mobile Pentium III 650mhz
- 256MB RAM
- 20GB hard drive
- Windows XP SP1a
- 3com 10/100 network pccard
- 5mb cable modem connection
- Linksys broadband router
After a fresh reformat and setup on a workgroup, I installed the file "SwordSetup.exe". For your notes, it was 7.07mb in size and the file version was 3.54.164.0. Here was the routine I went through:
Next, I accept, Next, Next, Finish.
(The install took about 15 seconds.)
MUST activate online (or by telephone)
press Activate Online Now
Register, yes
"We are now going to secure your computer from spyware and most worms & viruses"
Continue
"Do you want me to make automatic decisions about how to handle problems?"
Automatic
"How would you prefer your computer to start?"
All Programs / Clean start!
"Is your Internet access working properly?"
Fix It / It's working fine?
"Do you want me to run all the time?"
No, I'll do it / Keep Watch
"Do you want to set a password?"
Yes, Set a Password / No Password
"Lock down Internet Explorer security levels?"
Tighten security / Leave it off
Finish
"Newer program signatures may be available online"
Yes
Cataloging system startup items...
(this may take a few moments)
"I need to identify some potentially unsafe files in your computer over the Internet. May I do so now?"
Yes
"3 file(s) are unrecognized. We would like samples of these files. May we upload them now?"
Yes, OK, OK
"You must reboot to apply your profile."
Yes
Okay we're all set. The program is installed and ready to go, I just accepted all the defaults. It takes up 3.42MB on the hard drive, and 4MB while resident in memory. Before we get into any testing, let's check out all of the options available in the menu:
File
- Profile Manager
- Lookup STartup Programs
- Automatically Lookup as Needed
- View Log
- Manage Backups
- Shutdown Program
Options
- Password Protection
- Change Password
- Show Splash Screen on Startup (checked)
- Keep Me Informed
- Just Do It - DOn't Bother Me (default)
- Flash Tray Icon on New Items
- Show Startup Changes at Boot
- Malware Protection
- Quarantine When Found (default)
- Delete When Found
Apply Profile
- Windows Startup only (safe start)
- Windows and essential items (fastest start)
- All identified non-harmful software (most functional)(default)
- Everything except malware (risky - not recommended)
Help
Testing System Stability
Now that we have our malware prevention software in place, let's do what any good administrator would do after a fresh reformat and OS install - update all of the necessary patches. This part of the test will ensure that Silent Sword will not interfere with the normal operations of the operating system when changes are made to system files. When you first run Windows Update, you are prompted to update some of the Windows Update components. So I do that and reboot. After logging back in, Silent Sword loaded a splash screen stating "verifying user profile, please be patient", and then prompted me with:
"You have unknown programs in your computer, you should try to identify them as soon as possible. Click "OK" to identify them now."
So I click OK, and everything checks out okay. I proceed to install Service Pack 2 which requires another reboot. I do that, and after login, I'm prompted again that there are unknown programs that need identified - and I click OK. At this time the newly installed SP2 Windows Firewall blocks Silent Sword from communicating via the Internet, and I have to Unblock it. It then checked with it's server, and everything seemed fine. I also disabled the Firewall for the remainder of this review.
I then install the rest of the available patches. Here is a list of all hotfixes installed, after SP2:
KB835732, KB893066, KB828741, KB888302, KB891781, KB888113, KB873333, KB890175, KB890830, KB893086, KB892944, KB890923, KB890859, KB887472, KB885835, KB873339, KB885836, MS Win Installer 3.1
The Real Test
Now time for the Stress Test. You know, install all of the programs that stress out the IS Department.
I decided to install what any self-respecting manager of a company would install:
- Kazaa
- Bearshare
- Webshots
- Weatherbug
- Yahoo! Toolbar
- Comet Cursor
Now my desktop is a waterfall calendar - that should improve my productivity by at least 10%! Basking in the greatness of free Internet programs (and free music, free pictures, free weather...), I reboot. After I login, Silent Sword comes to the rescue and doesn't let any of the new software and third party addons startup since they are not yet identifed. I am then prompted to have them identified and upload samples. After I do this, I reboot. And I am prompted to identify unknown files and submit samples. I do this and reboot again. And I'm prompted again. And I reboot again. After this last prompt, I checked the option "Do this automatically in the future" before submitting samples again. I reboot to test it out - and it does skip the initial prompt to identify files, but when it finds files it can't identify yet, it still asks me to resubmit the samples.
I decide it's time to lock this down some more. I change the profile to "Windows and essential items (fastest start)" and reboot. What this does is block even identified startup items - and just lets enough files run to make Windows work. And it works... both Weatherbug and Bearshare cease to start on reboot (as well as any other nasties that came with them).
Time for the final test - the Uninstall. I simply go to Add and Remove Programs and select it to remove it. But I got the error "The Windows Installer Service could not be accessed". Looks like Silent Sword really does have this locked down! So I have to change back to the default profile and reboot before Silent Sword could be uninstalled without errors.
Now it's time to pick apart the pros and cons of this product.
Pros
The concept is great, it's basically a file-based version of Challenge/Response Whitelisting. All of the other spyware scanners "Allow All but Blacklist known malware", whereas this product only Whitelists known good files.
On the machine end, it's actually very simple. It prevents programs from starting up - and doesn't worry about the realtime processes, because after a reboot, they never get loaded. The complicated part (confirming files into a database) is done on the vendor's end.
The machine I used is an older Dell Latitude CPx, running a fresh format of Windows XP SP1a. After installing Silent-Sword, I ran Windows update and installed all hotfixes and driver updates, then SP2. I had absolutely no conflicts, which is great.
The reason I use older hardware to perform reviews, is to test the performance of the product. Laptops are inherently slower than desktops, which makes it easier for me to observe the speed of the software. And Silent Sword was very quick.
Cons
When I reboot, and it checks the files and finds one that isn't identified yet, it asks to submit samples. So I do that. One problem is that until it has identified the file, it asks me every time to submit the same samples. The program needs to be able track what it has already checked and submitted. Also, there is a checkmark to automatically check - I tried that out - and it does, but then I still get prompted to submit the samples (at this point should be automated).
When I reboot or shutdown, the program pops up a splash screen about checking its profile, which then quickly generates an End Task prompt. An impatient click-happy end-user is going to break something that way.
When I first installed it, I had to choose a lot of options. I lost count. I suggested to the vendor that they consolidate them into a single questionnaire form. Also for the typical user, a single "Just use all default settings" option would be useful.
I waited about a week before uninstalling. Before that, I rebooted once more to see if Silent Sword could identify any of the 7 files it previously couldn't identify - but no change. I don't know what kind of response time to expect as new files are uploaded to Delta Insight's server for review.
The asking price for the software is $20. You can expect to pay much more than that for many of the leading Antivirus packages, but as a newly introduced product sold by a fairly young company, it maybe be enough to turn off most customers. People will equate antispyware software with the already free Spybot Search & Destroy, and Lavasoft's Ad-Aware, and may not give Silent Sword a chance.
Final Impression
I will have to say, for just starting out Silent Sword is an impressive product. The company is attempting to deal with the virus/spyware/trojan problem from a fresh angle. Antivirus software scans and detects infected files. Antispyware software searches for unwanted files. Some personal firewalls block communication from rogue files. What makes Silent Sword different is that it targets the startup of the machine, and takes the assumption that if a file doesn't already have the thumbs up, then it shouldn't be started. And for that, I give Silent Sword a thumbs up. Any issues I had with the software were superficial, and did not change the fact that it works. It is not meant to replace your current Internet security products, but instead work with them to fill in the gaps. This software is still new so expect additional features and enhancements in a short time.
You can find it located at Silent-Sword.com. The company is located at DeltaInsights.com.
|
