I saw 1.8.88 came out and rushed to update. The installer failed with an error about tampering. I expected the updater to be smart enough to handle how XFence works, but maybe not?
I was able to get the update installed by downloading the installer myself, disabling XFence, and installing.
I'm a little confused on what's changed here, though. It's jumped from version 1.6.6 to 1.8.88 but the release notes only seem to mention a unicode handling fix? Two minor revisions and a boatload of patch revisions and that's the only change?
yes, the XFENCE tampering protection protects XFENCE even from itself. Hence XFENCE needs to be disabled before starting the update process. It is certainly possible that we in the future improve it so that XFENCE can be trusted to securely disable itself when needed but of course we need to strike a balance between security and usability there.
You're right that there are only minimal user-visible changes in this release. Most changes that have gone into XFENCE last year are under-the-hood changes to prepare for future features and to support features that are available only in the version of XFENCE that is integrated into our commercial offerings. Currently XFENCE is integrated into our corporate Computer Protection for Mac product.
As for the "extra" minor revision increment we changed to a new versioning scheme as we started working on integrated XFENCE into our products. XFENCE as integrated into other F-Secure products now have an odd minor version number (currently 1.7) while the standalone beta XFENCE minor version number is even (hence 1.8). This is because we build them from a common code base but in different configurations and want to be able to tell them apart on the field.
As I've done previously,
I can only appeal to you and your team: Please also work on new features for the standalone version of XFence. Please dont make this an kind of discontinued product. Many people are interested in this Program itself and not some complete (and expensive) F-Secure security system.
I'll second this. I find that the combination of XFence and Little Snitch are sufficient to protect my system quite well. I'd like to keep it simple. Neither of these apps result in crazy CPU usage or a massive reduction in the ability to use my machine.
I own little flocker, it prompted me yesterday to install xfence, I did, it gave an error, when the mac rebooted it loaded but refused to let me enable it.
Removed it and put LF back on.
Hopefully they will get it fixed eventually.
There is also no mention of the free license for LF users, some details on that would be good.
Should I uninstall the X-Fence beta for upgrading to Mojave? Is it compatible? Is there a product yet that I can buy as a non-enterprise that includes it?
There was another post that mentioned moving the xfence module out of the way before upgrading, and moving it back afterwards was all you needed to do. I can't verify that works, but I do know that reinstalling xfence after upgrading to mojave doesn't seem to work for me as the system exhibits frequent crashes.
@pajp -- can you comment on status of X-Fence, Mojave, and whether there is a way for me as a consumer to buy a license of your commercial product that has X-Fence already built in? Thanks!!
It‘s not officially supported. If you do everything right while upgrading it works, but there are some issues with some apps and processes. For example some system processes have as a result of this a high CPU Usage and the whole screen lags really badly. If you would manually whitelist the directorys that those processes are using (which took me some time to figure out) then you would fix the high cpu and the massive lag.
All in all I can say, the easiest solution is to stay at High Sierra for the moment or if you don‘t need XFence right now uninstall and upgrade.
But you could just try it out and see for yourself bc uninstalling is pretty easy.
I did eventually get xfence working, it is suffering from a problem that LF had too.
Namely, there is always one application that it seems to ignore rules for. What I mean is, before on LF it was printopia, I let it add a rule 'forever' and one of them I tried with 'any' for the files but everytime printopia ran or I tried to use it for a print then LF would jump up.
Now with Xfence it is even worse, the program it has decided to have an issue with is ChronoSync, so every night when my jobs run they all generate a time out unless I leave it in learning mode (in which case what is the point of it!).
I have tried adding them with 'forever' it justs ignores that and re-asks every time. I tried removing the developer ID on one, adding another with 'any' instead of the specific file etc etc.
It absolutely refuses to listen, the entries show up in the ruleset but it prompts me repeatedly each night, and so it then just times out.