51
ReHIPS / Re: ReHIPS Questions
« Last post by fixer on December 29, 2019, 12:26:48 pm »Hello, LimeKey.
Welcome to our forum and thank you for your interest in our product.
1. I guess you're referring to this blogpost https://forum.rehips.com/index.php?topic=11868.0 ? Even when ReHIPS is Disabled, it gets notified about processes starting and exiting and other things. You can notice it by logs, they keep coming. Slowing a process startup in 10 times is not entirely correct. You see, for these tests a special program for used that does nothing on startup to minimize the time it takes to start. For this program, yes, startup with ReHIPS takes 10 times more. But even in this case a single start takes for about 10ms, I don't think you'll notice this time interval or that you start hundreds of processes in a second to start noticing it. Let's return to the real world. In real world programs take some time to start, some bulky programs take more time. For example a program takes 1 second to start. With ReHIPS it'll take 1 second+~8ms=1.008 seconds to start, difference is 0.8%. So I don't think it's noticeable.
2. The most simple (and insecure) way to do this is to simply allow READ+WRITE access to the desired folder. And voila. More secure alternatives usually take more steps. For example if a program supports it, it can read from one folder, but save to some other. Or you can copy files to a ReHIPS folder and process them there. As usual, the more secure you want to have it, the less convenient it'll be. On the other hand, I doubt a steganography program will insert some scary exploit into the images and security should be tightened to the max in this case.
Welcome to our forum and thank you for your interest in our product.
1. I guess you're referring to this blogpost https://forum.rehips.com/index.php?topic=11868.0 ? Even when ReHIPS is Disabled, it gets notified about processes starting and exiting and other things. You can notice it by logs, they keep coming. Slowing a process startup in 10 times is not entirely correct. You see, for these tests a special program for used that does nothing on startup to minimize the time it takes to start. For this program, yes, startup with ReHIPS takes 10 times more. But even in this case a single start takes for about 10ms, I don't think you'll notice this time interval or that you start hundreds of processes in a second to start noticing it. Let's return to the real world. In real world programs take some time to start, some bulky programs take more time. For example a program takes 1 second to start. With ReHIPS it'll take 1 second+~8ms=1.008 seconds to start, difference is 0.8%. So I don't think it's noticeable.
2. The most simple (and insecure) way to do this is to simply allow READ+WRITE access to the desired folder. And voila. More secure alternatives usually take more steps. For example if a program supports it, it can read from one folder, but save to some other. Or you can copy files to a ReHIPS folder and process them there. As usual, the more secure you want to have it, the less convenient it'll be. On the other hand, I doubt a steganography program will insert some scary exploit into the images and security should be tightened to the max in this case.