XFence 1.8.88 Update

I saw 1.8.88 came out and rushed to update.  The installer failed with an error about tampering.  I expected the updater to be smart enough to handle how XFence works, but maybe not?

 

I was able to get the update installed by downloading the installer myself, disabling XFence, and installing.

 

I'm a little confused on what's changed here, though.  It's jumped from version 1.6.6 to 1.8.88 but the release notes only seem to mention a unicode handling fix?  Two minor revisions and a boatload of patch revisions and that's the only change?

Comments

  • pajp
    pajp Posts: 107 F-Secure Employee

    Hi,

     

    yes, the XFENCE tampering protection protects XFENCE even from itself. Smiley Happy Hence XFENCE needs to be disabled before starting the update process. It is certainly possible that we in the future improve it so that XFENCE can be trusted to securely disable itself when needed but of course we need to strike a balance between security and usability there.

     

    You're right that there are only minimal user-visible changes in this release. Most changes that have gone into XFENCE last year are under-the-hood changes to prepare for future features and to support features that are available only in the version of XFENCE that is integrated into our commercial offerings. Currently XFENCE is integrated into our corporate Computer Protection for Mac product.

     

    As for the "extra" minor revision increment we changed to a new versioning scheme as we started working on integrated XFENCE into our products. XFENCE as integrated into other F-Secure products now have an odd minor version number (currently 1.7) while the standalone beta XFENCE minor version number is even (hence 1.8). This is because we build them from a common code base but in different configurations and want to be able to tell them apart on the field.

    Rasmus Sten

    F-Secure Technology, Mac Team

  • anonymouz4
    anonymouz4 Posts: 16 Explorer

    As I've done previously,

     

    I can only appeal to you and your team: Please also work on new features for the standalone version of XFence. Please dont make this an kind of discontinued product. Many people are interested in this Program itself and not some complete (and expensive) F-Secure security system.

     

    Thank you

  • XenoPhage
    XenoPhage Posts: 31 Contributor

    I'll second this.  I find that the combination of XFence and Little Snitch are sufficient to protect my system quite well.  I'd like to keep it simple.  Neither of these apps result in crazy CPU usage or a massive reduction in the ability to use my machine.

  • Cluttered
    Cluttered Posts: 4 New Member

    I own little flocker, it prompted me yesterday to install xfence, I did, it gave an error, when the mac rebooted it loaded but refused to let me enable it.

     

    Removed it and put LF back on.

     

    Hopefully they will get it fixed eventually.

     

    There is also no mention of the free license for LF users, some details on that would be good.

  • Lostgravity
    Lostgravity Posts: 2 New Member

    Should I uninstall the X-Fence beta for upgrading to Mojave? Is it compatible? Is there a product yet that I can buy as a non-enterprise that includes it?

     

    Thanks!!

  • XenoPhage
    XenoPhage Posts: 31 Contributor

    There was another post that mentioned moving the xfence module out of the way before upgrading, and moving it back afterwards was all you needed to do.  I can't verify that works, but I do know that reinstalling xfence after upgrading to mojave doesn't seem to work for me as the system exhibits frequent crashes.

  • Lostgravity
    Lostgravity Posts: 2 New Member

    @pajp -- can you comment on status of X-Fence, Mojave, and whether there is a way for me as a consumer to buy a license of your commercial product that has X-Fence already built in? Thanks!!

  • anonymouz4
    anonymouz4 Posts: 16 Explorer

    It‘s not officially supported. If you do everything right while upgrading it works, but there are some issues with some apps and processes. For example some system processes have as a result of this a high CPU Usage and the whole screen lags really badly. If you would manually whitelist the directorys that those processes are using (which took me some time to figure out) then you would fix the high cpu and the massive lag.

     

    All in all I can say, the easiest solution is to stay at High Sierra for the moment or if you don‘t need XFence right now uninstall and upgrade. 

    But you could just try it out and see for yourself bc uninstalling is pretty easy.

  • Cluttered
    Cluttered Posts: 4 New Member

    I did eventually get xfence working, it is suffering from a problem that LF had too.

     

    Namely, there is always one application that it seems to ignore rules for. What I mean is, before on LF it was printopia, I let it add a rule 'forever' and one of them I tried with 'any' for the files but everytime printopia ran or I tried to use it for a print then LF would jump up.

     

    Now with Xfence it is even worse, the program it has decided to have an issue with is ChronoSync, so every night when my jobs run they all generate a time out unless I leave it in learning mode (in which case what is the point of it!).

     

    I have tried adding them with 'forever' it justs ignores that and re-asks every time. I tried removing the developer ID on one, adding another with 'any' instead of the specific file etc etc.

     

    It absolutely refuses to listen, the entries show up in the ruleset but it prompts me repeatedly each night, and so it then just times out.

     

    Very annoying.

  • anonymouz4
    anonymouz4 Posts: 16 Explorer

    That seem to me like an issue with the rules file.

    Check out the thread that was on here talking about fixing a broken rules file.

     

    This can happen often, mostly when there is a rule with certain special characters.

     

    Those characters make xfense ignore any rule after that. There was a simple command that whould check for these errors show them.

  • Cluttered
    Cluttered Posts: 4 New Member

    I tried the command from 'XFENCE forgets/deletes existing rules', namely:

     

    grep --color '.allow\|.deny' /Users/Shared/F-Secure\ XFENCE/*.rc

     

    But it finds nothing.

     

    Also, v1.8.88 seems to have been out a long time with no updates, is the product still being developed or is it time to cut my loses and switch to HandsOff?

  • Cluttered
    Cluttered Posts: 4 New Member

    For instance in the rules I have:

    Screen Shot 2018-10-17 at 17.05.39.png

    But after a day in learning mode when I turn that off I get an import for:Screen Shot 2018-10-17 at 17.05.18.png

     

    i.e. a repeat of the last entry, but that should be irrelevant anyway as the 'any' 4 lines above should be invoked (which is why the last three entries are orange)!

     

    I have 'imported' this particular offering dozens of times and it makes no difference whatsoever. I re-loaded the rules, no help, deleted them and re-imported them, no help. I could just delete them all and start again but I have about 1322 rules and don't want to have to go through all that again.

     

    If I have to start from scratch then given the lack of interest there seems to be in this product, not to mention no idea on cost/subscription model or my LF license upgrade options, then I might as well switch to Hands Off which does much the same job, is actively supported and I already have a license for.

This discussion has been closed.