In another thread I raised this question due to a paragraph in the judge statement from the Zango vs PC Tools case:

Moreover, though Spyware Doctor also apparently blocks “Cyberhawk” applications that
Defendant recently purchased from a third party, the exact nature of this software has not been
substantially briefed by either party and thus the amount of injury is speculative at this time.

Interesting and out of curiosity I put a question for a comment by PC Tools, with no reply (so far).

I have tried to figure out why would SD block Cyberhawk? Cyberhawk's way of operation is rather unik. No database needed, it operates by 'mathematics' and internal cumputer bahavior.:

Proactive Defense against Both Known and Unknown Threats
Traditional antivirus software offers strictly reactive protection. It can only protect you from a new threat after the threat has been discovered and new signatures to protect against it are developed, tested, and then released for download. Cyberhawk does not rely on signatures to protect you; instead, it uses intelligent behavioral analysis to proactively hunt down and paralyze any activity or behavior that might compromise the security of a PC. Cyberhawk keeps you safe between antivirus updates so you are always protected, no matter how new the threat.

This look perfect, a programme that does not need any up-dates of databases - install and it should 'run forever'.

However there is allways something going on that is not obvious at the front page. Infections need to be cleaned, and for that the signatures must be known. No programme 'runs forever', there will allways be something that needs to be modified. So one still needs a signaturebase somewhere to get it cleaned out and stil uppdates.

Here comes what might be the questionable item. Far down in the 'user manual' (I wish SD had something similar) You might find it:

General Options
The items in the General Options tab are:
Cyberhawk Protection:
• Ensures that Cyberhawk can actively monitor your computer for signs of
suspicious behavior and potential attacks.
Check for Updates:
• Automatically checks for program updates available for download on the
Novatix servers.
Community Protection:
• Automatically reports to Novatix information about the event when a suspect
rule is triggered by Cyberhawk. Participating in the Secure Community is winwin:
you help identify new threats and provide better protection to all other
Cyberhawk users, and in turn, other members do the same for you. If
Community Protection is ever set to Off, the Check for Updates option is
automatically set to Off as well and cannot be turned back on until Community
Protection is turned back on.

In the 'win-win' comunity protection system.
You seems not to be able to up-date without it enabled - and with it enabled it:

Reports any reaction made by Cyberhawk on Your computer to Novatrix/PC Tools.

Is it possible to get closer to a 'leagal' key-logger or trojan on Your computer?

You install security programms to keep Your activity safe on the net, keep Your personals a secret and perhaps anonymus depending on Your activity - and one of theese programs automatically 'reports' You to the Novatrix server whenever You hit a 'red' cookie or other places that might not be in the 'green' sector. They do not block You like site guard, they ask what You want to do - and even that seems to be reported. I may not even help hiding behind a proxy or firewall -the info is sent by Your concent from Your id-ed computer- by downloading and enabling which makes it 'leagal'. You do not get a log of what info have been sent, You have no option of stopping it to be sent unless You turn it 'off' and then even loose the up-dates! You have to 'trust' the 'privacy statement' of how this info is treated.(See bottom of homepage).

A summary of what is happening around the world You get in the GUI. Looks impressive - to me scarey when thinking about all the private info collected by one company - that all of a sudden is bougt by another company - and then all of a sudden perhaps sold to a 'Nigerian' company with morals well known!

I would not mind sharing info about threats - but I would most certainly not give a 'carte blanche' to a programme like Cybehawk to send it off quietly!

That is why I have programms like SD installed - to protect my privacy and security!

Perhaps I'm all totally wrong and paranoid. Perhaps I'm taking it all to far. But as long as PC Tools refuse to answer - I might only speculate and do my own conclusions. The best would of course be if I was all wrong!

In another thread I raised this question due to a paragraph in the judge statement from the Zango vs PC Tools case:

Moreover, though Spyware Doctor also apparently blocks “Cyberhawk” applications that
Defendant recently purchased from a third party, the exact nature of this software has not been
substantially briefed by either party and thus the amount of injury is speculative at this time.

Interesting and out of curiosity I put a question for a comment by PC Tools, with no reply (so far).

I have tried to figure out why would SD block Cyberhawk? Cyberhawk's way of operation is rather unik. No database needed, it operates by 'mathematics' and internal cumputer bahavior.:

Proactive Defense against Both Known and Unknown Threats
Traditional antivirus software offers strictly reactive protection. It can only protect you from a new threat after the threat has been discovered and new signatures to protect against it are developed, tested, and then released for download. Cyberhawk does not rely on signatures to protect you; instead, it uses intelligent behavioral analysis to proactively hunt down and paralyze any activity or behavior that might compromise the security of a PC. Cyberhawk keeps you safe between antivirus updates so you are always protected, no matter how new the threat.

This look perfect, a programme that does not need any up-dates of databases - install and it should 'run forever'.

However there is allways something going on that is not obvious at the front page. Infections need to be cleaned, and for that the signatures must be known. No programme 'runs forever', there will allways be something that needs to be modified. So one still needs a signaturebase somewhere to get it cleaned out and stil uppdates.

Here comes what might be the questionable item. Far down in the 'user manual' (I wish SD had something similar) You might find it:

General Options
The items in the General Options tab are:
Cyberhawk Protection:
• Ensures that Cyberhawk can actively monitor your computer for signs of
suspicious behavior and potential attacks.
Check for Updates:
• Automatically checks for program updates available for download on the
Novatix servers.
Community Protection:
• Automatically reports to Novatix information about the event when a suspect
rule is triggered by Cyberhawk. Participating in the Secure Community is winwin:
you help identify new threats and provide better protection to all other
Cyberhawk users, and in turn, other members do the same for you. If
Community Protection is ever set to Off, the Check for Updates option is
automatically set to Off as well and cannot be turned back on until Community
Protection is turned back on.

In the 'win-win' comunity protection system.
You seems not to be able to up-date without it enabled - and with it enabled it:

Reports any reaction made by Cyberhawk on Your computer to Novatrix/PC Tools.

Is it possible to get closer to a 'leagal' key-logger or trojan on Your computer?

You install security programms to keep Your activity safe on the net, keep Your personals a secret and perhaps anonymus depending on Your activity - and one of theese programs automatically 'reports' You to the Novatrix server whenever You hit a 'red' cookie or other places that might not be in the 'green' sector. They do not block You like site guard, they ask what You want to do - and even that seems to be reported. I may not even help hiding behind a proxy or firewall -the info is sent by Your concent from Your id-ed computer- by downloading and enabling which makes it 'leagal'. You do not get a log of what info have been sent, You have no option of stopping it to be sent unless You turn it 'off' and then even loose the up-dates! You have to 'trust' the 'privacy statement' of how this info is treated.(See bottom of homepage).

A summary of what is happening around the world You get in the GUI. Looks impressive - to me scarey when thinking about all the private info collected by one company - that all of a sudden is bougt by another company - and then all of a sudden perhaps sold to a 'Nigerian' company with morals well known!

I would not mind sharing info about threats - but I would most certainly not give a 'carte blanche' to a programme like Cybehawk to send it off quietly!

That is why I have programms like SD installed - to protect my privacy and security!

Perhaps I'm all totally wrong and paranoid. Perhaps I'm taking it all to far. But as long as PC Tools refuse to answer - I might only speculate and do my own conclusions. The best would of course be if I was all wrong!windows does the same thing, so does windows defender even spyware doctor has SD network, google and google toolbar track almost every page you visit (if you have noscript you will see the name googleanalitics on almost every page you visit). +the police/govenment can track everything because apparently they don't need search warrent if the data isn't all stored within your own house

that's what i hate about GULA's, do they really expect people to read a 10 legal document just because they put very important at the top

so in the end unless you want to spend your life under endless layers of SOCKS proxies with multiple aliases and doing everything by remote connections to annonimous linux servers you just have to accept that all big companys want your details for the mistirious perpose that is 'market research' and there is little you can do to stop them

if you want to go down the iron firewall rout i recommend enigma, tor, euralizer, privacy guardian, firefox with noscript and scroogle

Microsoft (windows) does it to a certain extend when You are on auto-update, turn it off and the system still has full functionality - they do not pull out Your 'surf' log. Google's begavior is well known and highly critisized, but still You go there.They only store what is in the package sent from Your computer to every page You visit, they do not have access to internal info. For those security programs with 'comunity network' You may turn it off, but still have the full functionality. Cyberhawk blocks/disables updates or send a 'full' surf log of 'what is in my house'. Most probably the biggest 'spy' is Your ISP provider logging everything that comes and goes.

But the original 'question' was what in Cyberhawk could be the reason for the comment of being blocked by SD: I find nothing else than the 'comunity' report system.

Cyberhawk is working active inside Your system sending out info similar to a key-logger/Trojan. ISP, Google etc are collecting the info YOU send out.

And still they question put forward to PC Tools have not been answered: Why did SD block Cyberhawk?

Without the answer I/we may only speculate, that is what I do.

Hi Reodor and tom, don't want to take up space by requoting lengthy posts.

Many security programs do operate this way, by joining their 'community' so to speak, especially ones that use heuristic and behavioural pattern
techniques, (like HIPS programs), to protect against unknown and zero day threats. Windows Defender, ZoneAlarm, LinkScannerPro, are only a few to name that I have used that give you the option to join the 'community' in the name of helping protect todays PC's.

This is usually optional to a user, personally I always uncheck the box which offers this service, (call me selfish for not wanting to contribute to the 'community' :p ).

Even if a program, like a HIPS program, is not working with a defined signature database, against known threats, it will still require updates for the 'rules', so to speak, that it uses to identify potentially unwanted and dangerous behaviour on a PC.

I think the main point that Reodor is making in the post is that Cyberhawk is 'blackmailing' the user into joining and sharing information with their 'community' by not allowing updates to the program if they don't.

From Reodors original post:

If Community Protection is ever set to Off, the Check for Updates option is
automatically set to Off as well and cannot be turned back on until Community
Protection is turned back on.

This to me is wrong. Updates for the program shouldn't be a trade off for not wanting to join the 'community'.

This may not even be the reason why SD once blocked Cyberhawk, only PCTools can provide the answer to that and give user's who have concerns over it a bit of 'peace of mind'. It is a bit ironic to me though that PCTools took over a product that it once blocked perhaps there are plans in the pipeline to make changes to the way Cyberhawk operates in the future.

And this quote from the judge statement of Zango V's PCTools, fascinating stuff for the curious minds out there.

Moreover, though Spyware Doctor also apparently blocks “Cyberhawk” applications that
Defendant recently purchased from a third party, the exact nature of this software has not been
substantially briefed by either party and thus the amount of injury is speculative at this time.

Microsoft (windows) does it to a certain extend when You are on auto-update, turn it off and the system still has full functionality - they do not pull out Your 'surf' log. Google's begavior is well known and highly critisized, but still You go there.They only store what is in the package sent from Your computer to every page You visit, they do not have access to internal info. For those security programs with 'comunity network' You may turn it off, but still have the full functionality. Cyberhawk blocks/disables updates or send a 'full' surf log of 'what is in my house'. Most probably the biggest 'spy' is Your ISP provider logging everything that comes and goes.

But the original 'question' was what in Cyberhawk could be the reason for the comment of being blocked by SD: I find nothing else than the 'comunity' report system.

Cyberhawk is working active inside Your system sending out info similar to a key-logger/Trojan. ISP, Google etc are collecting the info YOU send out.

And still they question put forward to PC Tools have not been answered: Why did SD block Cyberhawk?

Without the answer I/we may only speculate, that is what I do.

Sorry I didn't see that post go up, I was in the 'background' at the time. I think I just more or less was saying the same thing that you have just posted
here. :o

Microsoft (windows) does it to a certain extend when You are on auto-update, turn it off and the system still has full functionality - they do not pull out Your 'surf' log. Google's begavior is well known and highly critisized, but still You go there.They only store what is in the package sent from Your computer to every page You visit, they do not have access to internal info. For those security programs with 'comunity network' You may turn it off, but still have the full functionality. Cyberhawk blocks/disables updates or send a 'full' surf log of 'what is in my house'. Most probably the biggest 'spy' is Your ISP provider logging everything that comes and goes.

But the original 'question' was what in Cyberhawk could be the reason for the comment of being blocked by SD: I find nothing else than the 'comunity' report system.

Cyberhawk is working active inside Your system sending out info similar to a key-logger/Trojan. ISP, Google etc are collecting the info YOU send out.

And still they question put forward to PC Tools have not been answered: Why did SD block Cyberhawk?

Without the answer I/we may only speculate, that is what I do.

There appears to be an error in the court document regarding SD blocking Cyberhawk. There are no issues with SD blocking Cyberhawk. If you come across any issues with the 2 applications, please send more info and we'll investigate this further.

There appears to be an error in the court document regarding SD blocking Cyberhawk. There are no issues with SD blocking Cyberhawk. If you come across any issues with the 2 applications, please send more info and we'll investigate this further.

Thank You for that information.
However I still find the tie between update and comunity participation a bit 'odd'.

How did the comment get into the 'document'? Was there before an issue like stated? (Appart from compatibility or other technical reason)

Hi everyone--

Just to clarify, it is only in the free version of Cyberhawk, Cyberhawk Basic, that Community Participation is tied to Automatic Updates. However, you can always still access program updates at any time by manually clicking on the Check for Updates link in Options.

In Cyberhawk Pro (the paid version), you can turn off Community Participation and still receive Automatic Updates. If Community Participation is a particular concern, then you may wish to consider purchasing the Pro version.

It is definitely true that those users who are participating in the Cyberhawk Community do help us out more by providing valuable feedback on new threats. This feedback in turn helps us make Cyberhawk a better program for all other users, Community participants or not.

Since we're providing incredibly powerful protection for free with Cyberhawk Basic, we do give those users who help us in return by partipating in the Community a slight edge by giving them access to automatic updates. But again, you can certainly check for updates manually at any time OR you can elect to purchase the Pro version to have automatic updates without Community Participation. We did try to ensure that all users have access to updates in one way or another, while also ensuring that we receive the valuable feedback that helps keep Cyberhawk ahead of other products.

Hope this helps.

DBurow:
Thanks for the info.
I would like to have the programme 'behaving' more like when Windows encounter a problem: You have the opportunity to send and see what is sent!
Haveing a programme that without further 'notice' sends off info which the user have no idea of what it contains is normally what we try to avoid.
Why not store it in a 'log' during the browsing session and when session is finished a notice might occur: Do You want to send report to Cyberhawk or not! 'Click here to see what will be sent sent'. This might even reduce some of the reported slow-downs created by Cyberhawk accessing the net when perhaps connection is a bit slow.

Thanks, Reodor!

We're always looking for ways to improve the program, especially in regards to any potential performance issues, so we'll definitely take your suggestion into consideration.