Wow. I hate how so many Windows applications are considerably uglier compared to Mac counterparts. The Windows apps don't seem to push forward Windows design but rather get stuck in the Windows XP design days. This is beautifully designed and clear.
The graph visualization is prime, and I love that the peaks are "rounded" out instead of sharp declines (sharp declines would make it look more like a live stock ticker).
Extremely well done, and exactly something I have been looking for. I will keep an eye out for the Mac version.
I'm a Windows user (go on, press the down arrow) and I don't care about app design. Give me military ship grey windows, text menus and a way to hide all icons. Windows 2000 was for me the apogee of 2D design.
On the subject of Mac counterparts, I highly recommend Little Snitch for this particular functionality.
I have no affiliation with the developer, I've just found Little Snitch to be quite useful and thought I'd share (admittedly it's graphs aren't as nice as this app's).
There are windows design guidelines, most developers/ISV's adhere to them.
Another point: many companies don't want to spend any time or effort on design, as for most applications, it won't translate into additional revenue. I would argue that many customers don't even care what the app looks like so long as it works and they can figure out how to use it.
Also you don't want to have to re-learn how to computer for every single application you open because somebody got bored with the current state of design for a network traffic monitoring tool.
Thanks! It was actually very difficult to make rounded peaks due to the way network activity tends to suddenly spike. Sometimes the mini graph at the bottom of the UI doesn't match up exactly with the top graph due to our rounded graph but we're improving it all the time.
I also hate the way spiky graphs look.
It might look good on "standard" resolutions but unfortunately it doesn't handle Windows 8.1 scaling and a high resolution monitor that well. For example the "Usage" tab is unusable for me with fonts cut off in half and labels to the diagrams unreadable.
+1 for the nice design of this app! But personally, unless the curves represent actual data points, I think they're somewhat disingenuous. Granted they look prettier than spikes but they give a false representation of the resolution of the data.
All software related to security should be open source. This particular piece of software doesn't sit at a crucial point in a secure system, but a greater deal of transparency would be appreciated. I personally avoid using closed-source tools for security purposes, and especially closed-source tools that are hoping to monetize. I use Linux, though, so I guess it doesn't really matter to me in this case :)
I would also say that calling home is a huge no-no for this software. I would seriously consider revisiting that choice if I were you.
> All software related to security should be open source.
That's a very common and dangerous misbelief.
Security products should come from a trustworthy source. Open source doesn't imply trustworthiness. If I were to screw you, I can very well do it with an open source product and pre-compiled binaries. Some people will rebuild from source, but a vast majority will use binaries provided assuming that since I'm all "open source" then I must be trustworthy. Hell of an assumption to make if I am not.
As a (unworthy, since I happen to use proprietary software accidentally) believer in Free Software, I tend to agree, but since that's unlikely to happen, I'd say all security-related software should be at least fully auditable by end-user. That is, there must be either 1) some form of human-readable (i.e. unobfuscated) source code and means to validate the built binaries to match the provided sources or 2) means to easily decompile the binaries to a human-readable high-level language and study their behavior.
That is, one of the first things this GlassWire app did is connection to its home server. It openly admitted that itself, but nonetheless, why it did so and what kind of data (~200+ KiB, that's a fair amount that probably exceeds any analytic and update-checking needs) were transferred — I have no idea and I'm too lazy to figure out.
Thanks for your feedback. We'll try to add more transparency. The calling home is for software updates and it shows up on the graph, and GlassWire can even block itself.
I think you are conflating security advice with business advice. Obviously, you are not the target audience. I may agree with you on a technical level but on a business one I do not really agree.
The company that made this is: SecureMix LLC (est. 04/15/2014); aka Free Firewall Antivirus LLC (est. 10/17/2013); aka Blue Quail Capital, LLC (est. 06/21/2010).
Here is the corporate registration: https://mycpa.cpa.state.tx.us/coa/servlet/cpa.app.coa.CoaGet.... The person opted to use a CPA (EDWARD H. GOWETT) to register their LLC (looks like a nice guy: https://www.linkedin.com/profile/view?id=34375436). And finally, the man, the myth the legend: ANTON BONDAR.
I got hacked, felt paranoid, made an app... Yeah right!
This app is not a one man show! This app, with all it's license stuff, backdoors etc.. all ready to know a lot of all your network traffic going in and out, and you agree upon all this when you install it. Now YOU got hacked! Or do you think the app will also show in detail what data they store and share on their servers and third parties and more?
Can anyone explain why the Qt DLLs are offset in size? I compared them to Qt 5.3 and even replaced them and app works fine with original Digia compiled versions. Maybe it is the digital signature? I just recall a trojan people used before by re-compiling the Qt Libraries with malicious intent.
Beautiful app, I looked at the Privacy Policy on the site & breezed through the Install legalize and it doesn't seem to include specific network traffic information being relayed back to remote servers in anyway (I easily could have missed this), can you confirm that you guys are not collecting network usage statistics from the app?
We absolutely can't see your network data and we don't want to see it. GlassWire checks for software updates and that network activity appears on the GlassWire graph. If you block GlassWire via its own firewall then you won't know about future updates.
Holy hell, this was the app I was looking for for a long time! It does exactly what I want it to do and does it beautifully. Thank you! I'll be happy to pay you when you provide that option.
By the way, I'm surprised this isn't a default feature of OS'es. I always thought knowing exactly what apps are talking to the world and how much is something one would like to know about.
FYI, Task Manager on Windows now has an "App History" tab which includes both CPU and Network usage. OS X provides similar functionality in Activity Monitor.app.
This will probably stop some drive-by hacking - great. But my understanding from some well informed people, is that increasingly rootkits can hide their network traffic.
So, whilst this will add piece of mind, you'll still need to maintain security - because all this will really do is let you know you've been "hacked" again. Sure, it may prevent the dropper from connecting out - but often that would look like Flash or Java just connecting out to a random host.
As someone who got hacked, and installed NoScript, I'm amazed at the number of hosts that even mainstream websites connect out to. I struggle to stay on top of my whitelists. I just don't think you're going to see the dropper in time and stop it.
Bug report:
After few hours of installing the app. I got a blue screen KERNEL_SECURITY_CHECK_FAILUR which repeated 3 times.
I removed the app from the start up list and disabled the windows service. now everything is back to normal.
System: Win 8.1
I know some have mentioned white/black lists, but in addition to known malicious stuff, one feature that might be really helpful is a known list of what connections are used for, or processes/executables.
i.e., "spynetus.microsoft.akadns.net" could have some clearly Glasswire edited note that said something like "Used by Windows Defender". You could even add a +1232 Safe/-12 Unsafe that linked to a crowdsourced/forum sourced "what's this" registry. Sort of like reviews on processes or hosts.
Surprising really it has taken so long to get an app like this on Windows. I've been using My Data Manager[1] on Android for a the previous 2-3yrs.
The closest I've gotten on Windows up to this date is CFosSpeed[2] in traffic shapping = off mode + process explorer. There have been other apps that attempted to present the data, however none have done it like GlassWire.
Looking forward to the paid version, this is awesome :)
Beautiful. I can easily see using this regularly on my Windows machines.
Some items:
1) It'd be nice to be able to scroll around directly on the graph using mouse gestures (middle-click drag?).
2) Graphing of bandwidth seems to be off somehow. If I do a speedtest.net, my ~104Mbps transfer shows up on the graph as 38 Mbps and the graph scale shows a max of 20 Mbps. http://imgur.com/QkZMVvj
I use Speedtest quite a bit and I think they estimate your speed via a system that doesn't require you actually hit their transfer rate. I could be wrong though... we'll look closer and see what's going on there.
I agree dragging right/left on the graph would be cool. Thanks for the complements and feedback!
I actually just signed on to HN to comment on this news. Great job, first of all for a good solution to a real problem. Next, great design: finally an application that does not pale in comparison to its Mac counterparts.
> GlassWire keeps an up to date list of known suspicious hosts and alerts you if you contact one. Suspicious hosts are often related to botnets, malware, and other malicious behavior
How is this implemented exactly? Does the app phone home? Does it do some sort of RBL check (if so, against which servers)?
GlassWire checks for software updates and also does an RBL check. You can see it on the graph and block GlassWire if you want, but then you won't be alerted to new versions and your malicious hosts will become outdated. We don't list our malicious host list sources but I guess we could, I'll have to think about it more. We don't get the hosts from our users or access any user data at all. Your graph data is private on your machine, unless you set up our remote monitoring feature and that data also never goes through our servers at all.
Really great work! I installed it yesterday and I have to say that I like it. It's different from most AV/security products in that it is very low-profile -- probably because it is intended for a more technically-inclined audience. It doesn't bother you when you try to do stuff, it doesn't really spam notifications, and it doesn't nag you to buy useless shit.
Is there any way to opt-in to share network stats? I, personally, would not mind and I think it would lead to a stronger product.
Here is a small suggestion. I actually didn't know I could close the tray notifications. When I looked closer at the notification, I saw the X in the top right corner. The X looks just like the background; maybe you should make it a little darker or somehow add more contrast.
Also, I think I may have discovered a bug. GlassWire thinks that Microsoft Word has transferred 253.7 MB, when it was actually Microsoft Silverlight (I was watching Netflix and had MS word open for a while). http://i.imgur.com/84qFF42.png
Our firewall uses the Windows firewall system so it doesn't add instability to your computer. I was afraid it would sound kind of lame to talk about the awesome firewall when it's more of a firewall manager.
I think the monitoring feature is the most useful thing because you can go back in time and see your network activity for up to 30 days, or of course clear your history if you want.
For Mac there is Little Snitch but for Windows I haven't seen anything that has a "network time machine" like we have and also gives notifications like we do. The way GlassWire organizes the data is kind of unique.
I made this application for myself due to my own paranoia.
Would you or others care to share the story of how they got hacked?
The only time I've been aware of getting hacked, my friend handed me his computer and said, "You're a nerd, find me a live pirate stream of the Big Game. Quick, people are coming over!" Friend may be too strong a word, but I gave it a shot even though I thought it hopeless. I went to some sketchy pirate sites, and I clicked on a link. A popup launched, and immediately there was an error; "Shockwave has crashed."
"Do you install updates?"
"No, why?"
Another time, my brother was lamenting that he couldn't take pictures with his phone because his SD card broke. I never used mine, so I pulled it out and handed it to him. A few days later I had to get some information immediately and the only device available was my phone. I was on a website and an error popped up; it was to the effect of "Can't download someapp.apk because you don't have an SD card."
[+] [-] gregbarbosa|11 years ago|reply
The graph visualization is prime, and I love that the peaks are "rounded" out instead of sharp declines (sharp declines would make it look more like a live stock ticker).
Extremely well done, and exactly something I have been looking for. I will keep an eye out for the Mac version.
[+] [-] cledet|11 years ago|reply
https://github.com/blog/1151-designing-github-for-windows
[+] [-] rational-future|11 years ago|reply
[+] [-] eric_h|11 years ago|reply
I have no affiliation with the developer, I've just found Little Snitch to be quite useful and thought I'd share (admittedly it's graphs aren't as nice as this app's).
[+] [-] ManFromUranus|11 years ago|reply
Another point: many companies don't want to spend any time or effort on design, as for most applications, it won't translate into additional revenue. I would argue that many customers don't even care what the app looks like so long as it works and they can figure out how to use it.
Also you don't want to have to re-learn how to computer for every single application you open because somebody got bored with the current state of design for a network traffic monitoring tool.
[+] [-] greenwalls|11 years ago|reply
[+] [-] rullgrus|11 years ago|reply
[+] [-] Wintamute|11 years ago|reply
[+] [-] blueskin_|11 years ago|reply
I lost you after this sentence. I thought you were about to use this program as a shining example of ugly windows software.
[+] [-] tomc1985|11 years ago|reply
[deleted]
[+] [-] ddevault|11 years ago|reply
I would also say that calling home is a huge no-no for this software. I would seriously consider revisiting that choice if I were you.
[+] [-] huhtenberg|11 years ago|reply
That's a very common and dangerous misbelief.
Security products should come from a trustworthy source. Open source doesn't imply trustworthiness. If I were to screw you, I can very well do it with an open source product and pre-compiled binaries. Some people will rebuild from source, but a vast majority will use binaries provided assuming that since I'm all "open source" then I must be trustworthy. Hell of an assumption to make if I am not.
[+] [-] drdaeman|11 years ago|reply
That is, one of the first things this GlassWire app did is connection to its home server. It openly admitted that itself, but nonetheless, why it did so and what kind of data (~200+ KiB, that's a fair amount that probably exceeds any analytic and update-checking needs) were transferred — I have no idea and I'm too lazy to figure out.
[+] [-] greenwalls|11 years ago|reply
[+] [-] lucb1e|11 years ago|reply
Why just security-related software? It doesn't get special permissions or anything. All software can do equal damage on most operating systems.
> I personally avoid using closed-source tools for security purposes
I too prefer open source tools for security purposes, but that means that for security purposes I prefer all my software to be open source.
[+] [-] dinkumthinkum|11 years ago|reply
[+] [-] rational-future|11 years ago|reply
Fixed that for you, yours RMS ;-)
[+] [-] mbrownnyc|11 years ago|reply
The company that made this is: SecureMix LLC (est. 04/15/2014); aka Free Firewall Antivirus LLC (est. 10/17/2013); aka Blue Quail Capital, LLC (est. 06/21/2010). Here is the corporate registration: https://mycpa.cpa.state.tx.us/coa/servlet/cpa.app.coa.CoaGet.... The person opted to use a CPA (EDWARD H. GOWETT) to register their LLC (looks like a nice guy: https://www.linkedin.com/profile/view?id=34375436). And finally, the man, the myth the legend: ANTON BONDAR.
[+] [-] Kiro|11 years ago|reply
[+] [-] mbrownnyc|11 years ago|reply
[+] [-] highercenter|11 years ago|reply
This app is not a one man show! This app, with all it's license stuff, backdoors etc.. all ready to know a lot of all your network traffic going in and out, and you agree upon all this when you install it. Now YOU got hacked! Or do you think the app will also show in detail what data they store and share on their servers and third parties and more?
767 point and counting on HN, amazing...
Good luck!
[+] [-] superpano|11 years ago|reply
[+] [-] cyanbane|11 years ago|reply
[+] [-] greenwalls|11 years ago|reply
[+] [-] TeMPOraL|11 years ago|reply
By the way, I'm surprised this isn't a default feature of OS'es. I always thought knowing exactly what apps are talking to the world and how much is something one would like to know about.
[+] [-] lstamour|11 years ago|reply
See: http://blogs.windows.com/bloggingwindows/2013/06/06/windows-... and http://support.apple.com/kb/HT5890
[+] [-] greenwalls|11 years ago|reply
[+] [-] Swannie|11 years ago|reply
This will probably stop some drive-by hacking - great. But my understanding from some well informed people, is that increasingly rootkits can hide their network traffic.
So, whilst this will add piece of mind, you'll still need to maintain security - because all this will really do is let you know you've been "hacked" again. Sure, it may prevent the dropper from connecting out - but often that would look like Flash or Java just connecting out to a random host.
As someone who got hacked, and installed NoScript, I'm amazed at the number of hosts that even mainstream websites connect out to. I struggle to stay on top of my whitelists. I just don't think you're going to see the dropper in time and stop it.
[+] [-] greenwalls|11 years ago|reply
[+] [-] purpl3p3rs0n|11 years ago|reply
Any chance you will support hi-res screens (see http://imgur.com/ztN8cL3)?
[+] [-] greenwalls|11 years ago|reply
[+] [-] maouida|11 years ago|reply
[+] [-] greenwalls|11 years ago|reply
[+] [-] voltagex_|11 years ago|reply
[+] [-] codexon|11 years ago|reply
[+] [-] bbarn|11 years ago|reply
i.e., "spynetus.microsoft.akadns.net" could have some clearly Glasswire edited note that said something like "Used by Windows Defender". You could even add a +1232 Safe/-12 Unsafe that linked to a crowdsourced/forum sourced "what's this" registry. Sort of like reviews on processes or hosts.
[+] [-] ofir_geller|11 years ago|reply
it would be nice to have more info about how you monitor the connection and prevent any Trojans from going around the monitor point.
[+] [-] SoreGums|11 years ago|reply
Surprising really it has taken so long to get an app like this on Windows. I've been using My Data Manager[1] on Android for a the previous 2-3yrs.
The closest I've gotten on Windows up to this date is CFosSpeed[2] in traffic shapping = off mode + process explorer. There have been other apps that attempted to present the data, however none have done it like GlassWire.
Looking forward to the paid version, this is awesome :)
Got a few rendering issues on Windows 8.1[3]
Hopefully these issues get sorted out, quickly.
[1] https://play.google.com/store/apps/details?id=com.mobidia.an...
[2] http://www.cfos.de/en/cfosspeed/cfosspeed.htm
[3] http://i.imgur.com/0jOFvos.png
[+] [-] agildehaus|11 years ago|reply
Some items: 1) It'd be nice to be able to scroll around directly on the graph using mouse gestures (middle-click drag?). 2) Graphing of bandwidth seems to be off somehow. If I do a speedtest.net, my ~104Mbps transfer shows up on the graph as 38 Mbps and the graph scale shows a max of 20 Mbps. http://imgur.com/QkZMVvj
[+] [-] greenwalls|11 years ago|reply
[+] [-] acasetta|11 years ago|reply
[+] [-] greenwalls|11 years ago|reply
[+] [-] eps|11 years ago|reply
> GlassWire keeps an up to date list of known suspicious hosts and alerts you if you contact one. Suspicious hosts are often related to botnets, malware, and other malicious behavior
How is this implemented exactly? Does the app phone home? Does it do some sort of RBL check (if so, against which servers)?
Thanks
[+] [-] greenwalls|11 years ago|reply
[+] [-] cheeyoonlee|11 years ago|reply
[+] [-] shitlord|11 years ago|reply
Is there any way to opt-in to share network stats? I, personally, would not mind and I think it would lead to a stronger product.
Here is a small suggestion. I actually didn't know I could close the tray notifications. When I looked closer at the notification, I saw the X in the top right corner. The X looks just like the background; maybe you should make it a little darker or somehow add more contrast.
Also, I think I may have discovered a bug. GlassWire thinks that Microsoft Word has transferred 253.7 MB, when it was actually Microsoft Silverlight (I was watching Netflix and had MS word open for a while). http://i.imgur.com/84qFF42.png
[+] [-] walterbell|11 years ago|reply
Can it import existing whitelists or blacklists?
If there are competing products (paid or free), a comparison would be helpful.
[+] [-] greenwalls|11 years ago|reply
[+] [-] fabulist|11 years ago|reply
The only time I've been aware of getting hacked, my friend handed me his computer and said, "You're a nerd, find me a live pirate stream of the Big Game. Quick, people are coming over!" Friend may be too strong a word, but I gave it a shot even though I thought it hopeless. I went to some sketchy pirate sites, and I clicked on a link. A popup launched, and immediately there was an error; "Shockwave has crashed."
"Do you install updates?"
"No, why?"
Another time, my brother was lamenting that he couldn't take pictures with his phone because his SD card broke. I never used mine, so I pulled it out and handed it to him. A few days later I had to get some information immediately and the only device available was my phone. I was on a website and an error popped up; it was to the effect of "Can't download someapp.apk because you don't have an SD card."
Close call.
Edited to add:
https://incidents.org has good reads.
[+] [-] krrrh|11 years ago|reply
That's what I get in iOS. Teachable moment?