
Show HN: I got hacked, felt paranoid, made an app – GlassWire - greenwalls
https://www.glasswire.com/
======
gregbarbosa
Wow. I hate how so many Windows applications are considerably uglier compared
to Mac counterparts. The Windows apps don't seem to push forward Windows
design but rather get stuck in the Windows XP design days. This is beautifully
designed and clear.

The graph visualization is prime, and I love that the peaks are "rounded" out
instead of sharp declines (sharp declines would make it look more like a live
stock ticker).

Extremely well done, and exactly something I have been looking for. I will
keep an eye out for the Mac version.

~~~
cledet
GitHub for Windows is another beautifully designed Windows app. They even
published a blog post about it:

[https://github.com/blog/1151-designing-github-for-
windows](https://github.com/blog/1151-designing-github-for-windows)

~~~
gcb0
that app has less features than a rock.

~~~
rjbwork
While true, it does what i need to do, sync my branches with my github for
doing PRs.

~~~
Brajeshwar
I use Github for Mac, just for that feature - selectively write 'meaningful'
comments while pushing files.

------
Sir_Cmpwn
All software related to security should be open source. This particular piece
of software doesn't sit at a crucial point in a secure system, but a greater
deal of transparency would be appreciated. I personally avoid using closed-
source tools for security purposes, and especially closed-source tools that
are hoping to monetize. I use Linux, though, so I guess it doesn't really
matter to me in this case :)

I would also say that calling home is a huge no-no for this software. I would
seriously consider revisiting that choice if I were you.

~~~
huhtenberg
> _All software related to security should be open source._

That's a very common and dangerous misbelief.

Security products should come from a _trustworthy source_. Open source doesn't
imply trustworthiness. If I were to screw you, I can very well do it with an
open source product and pre-compiled binaries. Some people will rebuild from
source, but a vast majority will use binaries provided _assuming_ that since
I'm all "open source" then I must be trustworthy. Hell of an assumption to
make if I am not.

~~~
arihant
It's not just about screwing intentionally. Open source also helps with
getting more eyes on the code. You need to be able to catch vulnerabilities
before the bad guys or no amount of good reputation would survive. That is the
primary reason for security software to be open source - reducing security by
obfuscation and easy vulnerability check.

That said, all software is written and audited by a group of individuals.
Ultimately it all comes down to trusting them. Even audits on open source
software is done by a few individuals, so when using any open source security
software, you are only really trusting them. Any sense of security more than
that is a smokescreen. In that regard, I agree with you. Open source does not
help with reducing risk of bad intention. That is a myth.

~~~
PinguTS
That argument is often repeated and also that often falsified, that Open
Source is better because there are more people who have an eye on it.

I just want to mention: — The famous Debian-Bug, which lead to easily
guessable "random" numbers. Nobody reviewed that code change for years. — SSL
Heartbleed. Nobody reviewed the code change by that guy. Not even the
maintainer reviewed it.

So the problem with Open Source is, as I see it, that everybody - from those
who are experienced - thinks, that someone else has done the review. Which
leads to the situation, that at the end of the day nobody does a review.

~~~
arihant
So if it wasn't open source, how would you go about discovering Heartbleed? It
was discovered independently by multiple people beacause it was open source -
so contrary to your naive assumption, people are looking at these things.

Here is a story how it happened and how it was patched -
[http://en.wikipedia.org/wiki/Heartbleed#Discovery](http://en.wikipedia.org/wiki/Heartbleed#Discovery)

Are you really arguing that discovering and fixing Heartbleed would be simpler
and faster in a closed source form?

~~~
bsamuels
heartbleed wasn't discovered by browsing the source code, it was found using a
fuzzer. it wouldnt have mattered if it was open or closed source.

------
mbrownnyc
Hello all,

The company that made this is: SecureMix LLC (est. 04/15/2014); aka Free
Firewall Antivirus LLC (est. 10/17/2013); aka Blue Quail Capital, LLC (est.
06/21/2010). Here is the corporate registration:
[https://mycpa.cpa.state.tx.us/coa/servlet/cpa.app.coa.CoaGet...](https://mycpa.cpa.state.tx.us/coa/servlet/cpa.app.coa.CoaGetTp?Pg=tpid&Search_Nm=SecureMix%20&Button=search&Search_ID=32042084726).
The person opted to use a CPA (EDWARD H. GOWETT) to register their LLC (looks
like a nice guy:
[https://www.linkedin.com/profile/view?id=34375436](https://www.linkedin.com/profile/view?id=34375436)).
And finally, the man, the myth the legend: ANTON BONDAR.

~~~
Kiro
What's up with the doxxing? Has GlassWire done anything wrong?

~~~
unknownBits
It is a made up title from a big $$$ company to promote their new app, that's
what's wrong in the first place. How can you trust a company that uses a title
like this to ultimately get you sign their licence and fetch your private data
to make money out of it? This leads to being hacked with your own consent and
that's why it is wrong and misleading. Try install the app and read the
license to see what they want from you and it all becomes clear...

~~~
greenwalls
There is no big company here and we don't even have an office. I currently
have no ownership in any other businesses or products. Your graph data is
never sent to our servers. We plan to make money via a paid software version
with more features, for example the ability to monitor multiple remote
servers. I agree that it wouldn't make sense to have a product like ours that
collects user data.

------
highercenter
I got hacked, felt paranoid, made an app... Yeah right!

This app is not a one man show! This app, with all it's license stuff,
backdoors etc.. all ready to know a lot of all your network traffic going in
and out, and you agree upon all this when you install it. Now YOU got hacked!
Or do you think the app will also show in detail what data they store and
share on their servers and third parties and more?

767 point and counting on HN, amazing...

Good luck!

~~~
diminish
I feel paranoid, too:

Surprise HN; I'm trying to grasp why this is upvoted so high (1) This
submission has a reddit style storified title but doesn't link to the story
(2) Uses the word "app" , to catch the mobile crowd, which for Windows wasn't
used traditionally (That also explain the top comment, which is about
aesthetics) (3) seems to suggest the problem is solved the first time, despite
the fact that there are dozens of similar apps, commercial, free or open
source.

~~~
Kudos
It is the best looking and best presented Windows app I can remember seeing.
Can you show me a single app with similar functionality that is presented as
well as this?

~~~
Nilzor
Why is that relevant? _diminish_ points out misleading marketing in the HN
post title. It aggrevates me as well, even though the presentation on their
web site is nice and all that.

_edit_: I can see that your post is relevant with regards to (3) - "problem
solved for the first time". They may have some features that no others have,
such as alerts. There are many _similar_ apps though. One example: Netlimiter
[http://www.netlimiter.com/](http://www.netlimiter.com/)

~~~
Kudos
You're ignoring the aesthetics of the app and the marketing. It stands apart
because of it.

To give you an anecdotal idea of how compelling that can be, I booted my
gaming Windows machine just to take a closer look at it.

------
superpano
Can anyone explain why the Qt DLLs are offset in size? I compared them to Qt
5.3 and even replaced them and app works fine with original Digia compiled
versions. Maybe it is the digital signature? I just recall a trojan people
used before by re-compiling the Qt Libraries with malicious intent.

------
cyanbane
Beautiful app, I looked at the Privacy Policy on the site & breezed through
the Install legalize and it doesn't seem to include specific network traffic
information being relayed back to remote servers in anyway (I easily could
have missed this), can you confirm that you guys are not collecting network
usage statistics from the app?

~~~
greenwalls
We absolutely can't see your network data and we don't want to see it.
GlassWire checks for software updates and that network activity appears on the
GlassWire graph. If you block GlassWire via its own firewall then you won't
know about future updates.

~~~
cyanbane
Thanks for the quick answer. I would pay for this in a heartbeat, great
experience. Good luck to you guys.

------
TeMPOraL
Holy hell, this was the app I was looking for for a long time! It does exactly
what I want it to do and does it beautifully. Thank you! I'll be happy to pay
you when you provide that option.

By the way, I'm surprised this isn't a default feature of OS'es. I always
thought knowing exactly what apps are talking to the world and how much is
something one would like to know about.

~~~
greenwalls
Thanks! I also felt like I couldn't easily see what was happening in the
background and it made me feel nervous.

~~~
TeMPOraL
I developed the need to know what's talking to the world when I used a mobile
Internet connection with a limited plan (16GB/month) (long story). In such
situation, one wants to account for every single megabyte being used.

------
Swannie
Holy crap, this got popular fast.

This will probably stop some drive-by hacking - great. But my understanding
from some well informed people, is that increasingly rootkits can hide their
network traffic.

So, whilst this will add piece of mind, you'll still need to maintain security
- because all this will really do is let you know you've been "hacked" again.
Sure, it may prevent the dropper from connecting out - but often that would
look like Flash or Java just connecting out to a random host.

As someone who got hacked, and installed NoScript, I'm amazed at the number of
hosts that even mainstream websites connect out to. I struggle to stay on top
of my whitelists. I just don't think you're going to see the dropper in time
and stop it.

~~~
greenwalls
Thanks for the feedback. Yes you're right about rootkits and there are other
ways to bypass the network that GlassWire can't see.

------
purpl3p3rs0n
This is immensely helpful (and beautiful). I really like how you can monitor
remote boxes. Customization of alerts is great too!

Any chance you will support hi-res screens (see
[http://imgur.com/ztN8cL3](http://imgur.com/ztN8cL3))?

~~~
greenwalls
Wow, that looks awful. What kind of screen are you using? I don't have one.
Any details would be appreciated so we can fix this.

~~~
purpl3p3rs0n
Running Windows 8.1 on Macbook Pro Retina (via bootcamp). I found this on
MSDN...not sure if it's applicable: [http://msdn.microsoft.com/en-
us/library/windows/desktop/dn46...](http://msdn.microsoft.com/en-
us/library/windows/desktop/dn469266\(v=vs.85\).aspx)

~~~
greenwalls
Thanks! We will try to recreate this.

------
maouida
Bug report: After few hours of installing the app. I got a blue screen
KERNEL_SECURITY_CHECK_FAILUR which repeated 3 times. I removed the app from
the start up list and disabled the windows service. now everything is back to
normal. System: Win 8.1

~~~
greenwalls
I haven't seen this yet. If you have time to post a report to our contact page
we'd really appreciate it
[https://www.glasswire.com/contact/](https://www.glasswire.com/contact/)

~~~
rplnt
I don't see it anywhere on your site, but have you passed (or at least tried)
Windows Logo test? That coupled with driver certification kit can show some
warnings. It's costly to get signed driver and certified product, but you can
just run the tests for free and see if everything is OK.

------
bbarn
I know some have mentioned white/black lists, but in addition to known
malicious stuff, one feature that might be really helpful is a known list of
what connections are used for, or processes/executables.

i.e., "spynetus.microsoft.akadns.net" could have some clearly Glasswire edited
note that said something like "Used by Windows Defender". You could even add a
+1232 Safe/-12 Unsafe that linked to a crowdsourced/forum sourced "what's
this" registry. Sort of like reviews on processes or hosts.

~~~
kijin
This is brilliant! Windows users are seriously in need of an authoritative
source for information like that. Especially since the URL you mentioned looks
just like a phishing site that pretends to be Microsoft and distributes
spyware.

Search for any common Windows service or .dll filename, and you'll get dozens
of forum threads where people who have no idea what they're talking about try
to figure out whether it's a normal part of the OS or the worst virus ever.
These are the same people who open Task Manager every day and blindly kill
everything that they don't recognize. (Doing so does tend to make Windows run
faster, which reinforces the impression that svchost.exe was indeed a virus.)

------
ofir_geller
Please send my compliments to the designer of both your app and website. both
designs are clean, beautiful and work with the UI. bravo.

it would be nice to have more info about how you monitor the connection and
prevent any Trojans from going around the monitor point.

~~~
greenwalls
I will let them know, thank you! GlassWire is kind of like "Little Snitch" in
the way that it shows you everything and lets you make your own decision on
what you want to do, but we also add in some extra protections like malicious
host alerts, ARP spoofing detection, DNS server changes, Host changes, and we
let you know about changes to your applications that are accessing the
network. For example if Chrome's certificate is changed or it's updated you
should be alerted. Unfortunately nothing can stop trojans/viruses but we hope
GlassWire helps some.

~~~
scoot
Beautiful indeed! Only tiny stray semi-colon: "Our Windows network security
monitor also looks for; domains or IP addresses..." I wouldn't mention it but
for that fact that attention to detail is clearly important to you judging by
the design of both the site and the app!

~~~
greenwalls
Thanks, I'll fix it.

------
SoreGums
This is great.

Surprising really it has taken so long to get an app like this on Windows.
I've been using My Data Manager[1] on Android for a the previous 2-3yrs.

The closest I've gotten on Windows up to this date is CFosSpeed[2] in traffic
shapping = off mode + process explorer. There have been other apps that
attempted to present the data, however none have done it like GlassWire.

Looking forward to the paid version, this is awesome :)

Got a few rendering issues on Windows 8.1[3]

Hopefully these issues get sorted out, quickly.

[1]
[https://play.google.com/store/apps/details?id=com.mobidia.an...](https://play.google.com/store/apps/details?id=com.mobidia.android.mdm)

[2]
[http://www.cfos.de/en/cfosspeed/cfosspeed.htm](http://www.cfos.de/en/cfosspeed/cfosspeed.htm)

[3] [http://i.imgur.com/0jOFvos.png](http://i.imgur.com/0jOFvos.png)

------
agildehaus
Beautiful. I can easily see using this regularly on my Windows machines.

Some items: 1) It'd be nice to be able to scroll around directly on the graph
using mouse gestures (middle-click drag?). 2) Graphing of bandwidth seems to
be off somehow. If I do a speedtest.net, my ~104Mbps transfer shows up on the
graph as 38 Mbps and the graph scale shows a max of 20 Mbps.
[http://imgur.com/QkZMVvj](http://imgur.com/QkZMVvj)

~~~
greenwalls
I use Speedtest quite a bit and I think they estimate your speed via a system
that doesn't require you actually hit their transfer rate. I could be wrong
though... we'll look closer and see what's going on there. I agree dragging
right/left on the graph would be cool. Thanks for the complements and
feedback!

~~~
SoreGums
Be great if there could be the data rates / current speed on the graph >
traffic view. That's one thing I am missing - takes too long to figure out
which app is doing something.

[https://www.dropbox.com/s/qdzovwg9eif5ebp/glasswire_datarate...](https://www.dropbox.com/s/qdzovwg9eif5ebp/glasswire_datarate.png?dl=0)

------
acasetta
I actually just signed on to HN to comment on this news. Great job, first of
all for a good solution to a real problem. Next, great design: finally an
application that does not pale in comparison to its Mac counterparts.

~~~
greenwalls
Thanks for the kind words!

------
eps
From FAQ page:

> GlassWire keeps an up to date list of known suspicious hosts and alerts you
> if you contact one. Suspicious hosts are often related to botnets, malware,
> and other malicious behavior

How is this implemented exactly? Does the app phone home? Does it do some sort
of RBL check (if so, against which servers)?

Thanks

~~~
greenwalls
GlassWire checks for software updates and also does an RBL check. You can see
it on the graph and block GlassWire if you want, but then you won't be alerted
to new versions and your malicious hosts will become outdated. We don't list
our malicious host list sources but I guess we could, I'll have to think about
it more. We don't get the hosts from our users or access any user data at all.
Your graph data is private on your machine, unless you set up our remote
monitoring feature and that data also never goes through our servers at all.

~~~
eps
Sorry, I should've been more specific - does your app talk to your servers
when it's up for reasons other than checking for updates? If yes, is there a
way to switch it all off?

I'm sure you can understand why I'm asking. In fact, it'd be ideal if the
update checks would have the "remind" option like Bvckup2 has it -
[https://bvckup2.com/img/r8/screenshot-4-preferences.png](https://bvckup2.com/img/r8/screenshot-4-preferences.png)

------
cheeyoonlee
Clearly one of the most beautiful app on Windows. Just installed on my
desktop, looking forward to the mac version ;)

------
shitlord
Really great work! I installed it yesterday and I have to say that I like it.
It's different from most AV/security products in that it is very low-profile
-- probably because it is intended for a more technically-inclined audience.
It doesn't bother you when you try to do stuff, it doesn't really spam
notifications, and it doesn't nag you to buy useless shit.

Is there any way to opt-in to share network stats? I, personally, would not
mind and I think it would lead to a stronger product.

Here is a small suggestion. I actually didn't know I could close the tray
notifications. When I looked closer at the notification, I saw the X in the
top right corner. The X looks just like the background; maybe you should make
it a little darker or somehow add more contrast.

Also, I think I may have discovered a bug. GlassWire thinks that Microsoft
Word has transferred 253.7 MB, when it was actually Microsoft Silverlight (I
was watching Netflix and had MS word open for a while).
[http://i.imgur.com/84qFF42.png](http://i.imgur.com/84qFF42.png)

------
walterbell
Nice graphs. On the site, why did you choose to promote the monitoring
features over the outbound firewall features?

Can it import existing whitelists or blacklists?

If there are competing products (paid or free), a comparison would be helpful.

~~~
greenwalls
Our firewall uses the Windows firewall system so it doesn't add instability to
your computer. I was afraid it would sound kind of lame to talk about the
awesome firewall when it's more of a firewall manager. I think the monitoring
feature is the most useful thing because you can go back in time and see your
network activity for up to 30 days, or of course clear your history if you
want. For Mac there is Little Snitch but for Windows I haven't seen anything
that has a "network time machine" like we have and also gives notifications
like we do. The way GlassWire organizes the data is kind of unique. I made
this application for myself due to my own paranoia.

~~~
classicsnoot
Your motivation and follow through is equivalent to your product's quality. I
hope this is a trend that grows. Thanks for the work.

------
fabulist
Would you or others care to share the story of how they got hacked?

The only time I've been aware of getting hacked, my friend handed me his
computer and said, "You're a nerd, find me a live pirate stream of the Big
Game. Quick, people are coming over!" Friend may be too strong a word, but I
gave it a shot even though I thought it hopeless. I went to some sketchy
pirate sites, and I clicked on a link. A popup launched, and immediately there
was an error; "Shockwave has crashed."

"Do you install updates?"

"No, why?"

Another time, my brother was lamenting that he couldn't take pictures with his
phone because his SD card broke. I never used mine, so I pulled it out and
handed it to him. A few days later I had to get some information immediately
and the only device available was my phone. I was on a website and an error
popped up; it was to the effect of "Can't download someapp.apk because you
don't have an SD card."

Close call.

Edited to add:

[https://incidents.org](https://incidents.org) has good reads.

~~~
krrrh
> Safari can not verify the identity of "incidents.org". Would you like to
> continue anyway?

That's what I get in iOS. Teachable moment?

~~~
thaumaturgy
It's using an isc.sans.org certificate. Connecting to
[https://isc.sans.org/](https://isc.sans.org/) gives the exact same site, with
no warnings.

------
nanexcool
I know saying just 'Wow, what a beautiful, useful app' doesn't really add much
to the discussion, but it's all I can muster.

Beautiful app. Amazingly designed. Insanely useful with zero configuration.
Would love to pay money for this, especially if you can bring this sort of
zero click usability to a LAN environment.

Congratulations!

------
ki11a11hippies
ITT: people care way more about the superficial qualities of security software
than, ya know, security.

This looks way easier and prettier than open sourced NIDS and HIDS like snort
and OSSEC, and I think that's why I'm supremely skeptical they hired enough
security people versus frontent people.

~~~
greenwalls
GlassWire isn't a replacement for an antivirus. I think the only way to see
all network activity is by tapping into the wire itself. I made GlassWire to
give myself an easy way to see what my computer was doing in the background
but I do understand there are always going to be ways to bypass it along with
any other application.

~~~
ki11a11hippies
I'm not sure you are clear on what distinguishes a host based intrusion
detection system, network based intrusion detection system, and antivirus. The
feature list you are advertising sounds like a NIDS and HIDS, well known
security software used in any secured network. I realize your software isn't
antivirus like Norton or ClamAV. I am suggesting you might not be familiar
with popular open source software that seems to accomplish your same feature
set that large companies often use.

~~~
fulafel
Intrusion detection systems are in a different business. They use stats or
fingerprints to flag bad traffic/behaviour, then log alerts. Glasswire is an
inspection tool to see what apps are doing net traffic wise on your computer.

------
stronglikedan
Beautiful! And just a future feature request for the paid version: Would it be
possible to limit the bandwidth allotted to an individual application? I know
it's a monitoring tool, and that would be more of an administration tool
feature, but I think it could fit in with the concept.

------
miles
Beautiful UI! Just curious: why not block connection attempts from new
programs automatically? By the time a user has noticed and blocked future
connections, it may well be too late.

On a related note, I recently tested a number of firewalls for Windows using
Comodo's HIPS and Firewall Leak Test Suite[1]; the only one I found that
passed all tests with virtually no setup or changes was SpyShelter
Firewall[2]. Not an endorsement by any means, just an observation.

[1]
[http://personalfirewall.comodo.com/cltinfo.html](http://personalfirewall.comodo.com/cltinfo.html)
[2] [http://www.spyshelter.com/spyshelter-
firewall/](http://www.spyshelter.com/spyshelter-firewall/)

~~~
greenwalls
I use Little Snitch on my Mac. I found myself just "allow"ing everything all
the time anyway. I think most users just get used to pressing "OK" and stop
even paying attention to what they are agreeing to. I know I get lazy and do
that myself. Instead I wanted to briefly alert the user and let them make
their own decision, then we also added in some malicious host monitoring and
other features to help. Users can use our "network time machine" feature to go
back and time and see exactly what happened in the past. I haven't seen
another product that does that.

~~~
snitchprivoxy
Have you tried using Little Snitch along with Privoxy?

I find the combination works very well. You get two ways to block things
(Little Snitch rules and Privoxy rules) and because Privoxy is so easy to
restart you can make "Deny" your default behavior since if the site doesn't
show properly, just restart privoxy and hit refresh.

Great looking app btw. Haven't had to work on a windows box in a long time but
if I do I'm definitely going to try this out.

------
DogeDogeDoge
You felt paranoid and made an app which a random binary from internets we
should download and run.

Feels like a trap.

------
wnevets
Looks pretty but I dont know how well this will help with detecting a
compromised system. Once a system has been compromised cant it lie about its
network usage?

~~~
greenwalls
Yes a system can lie about its network usage. I answered a similar question
below, check this link
[https://news.ycombinator.com/item?id=8223296](https://news.ycombinator.com/item?id=8223296)
GlassWire shouldn't be your only security tool.

------
morepyplease
Looks beautiful, What's it written in?

~~~
dom96
I would also like to know this, and also what GUI toolkit does it use (if
any)?

Edit: It seems it's using QT, impressive.

------
jelias
It's Little Snitch for Windows? Love it.

~~~
miles
Unlike Little Snitch, GlassWire does not block new connection attempts - see
the author's comment here:
[https://news.ycombinator.com/item?id=8223036](https://news.ycombinator.com/item?id=8223036)

~~~
snitchprivoxy
Darn. I hope that's just a default that can be configured otherwise this is
useless to me.

------
biot
I've wanted a replacement for CoreForce for quite some time:

[http://corelabs.coresecurity.com/index.php?module=Wiki&actio...](http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=project&name=Core_Force)

It was a piece of security software modeled after OpenBSD's pf firewall which
let you define policies around network, file, and registry access for
applications. You were able to setup really fine-grained policies as well, for
example to only allow access to the C:\temp directory for list and read
access, but to deny delete access, and to ask the user to accept/reject if it
tries to open a file for writing.

So instead of monitoring access after the fact, CoreForce let you actively
grant permissions and would either silently deny or interactively prompt you
when an application went outside the resources you granted.

------
JimmaDaRustla
Wow. Presentation is everything. You nailed it.

Downloaded it just to see if those screenshots were real. Keeping it because
its awesome!

~~~
greenwalls
Thank you!

------
EGreg
How do I know this isn't a trojan? :P

~~~
greenwalls
Feel free to check it out in a virtual machine if you're worried, or upload to
VirusTotal.com.

~~~
schoen
How does VirusTotal.com know this isn't a trojan?

~~~
MichaelGG
I don't think that's even possible. The best you could do is analyze a program
and see if it does things that are "suspicious". Otherwise it's just going to
match known binaries/strings.

It'd take an amazingly complicated scanner to detect if GlassWire was, for
instance, capturing your DNS requests and sending them somewhere. Or allowing
updates to get loaded into its process space. I'd guess you'd need a nearly
general AI to determine if any program is malicious.

~~~
schoen
That was actually the point I was hoping to make, but it can be hard to convey
whether a question is meant seriously or not.

------
cmdrfred
I work in IT and I just installed this on one of our servers. This is just the
kind of thing I needed.

~~~
greenwalls
Thanks. Remote monitoring setup instructions are here
[https://www.glasswire.com/userguide/#Remote_Monitoring](https://www.glasswire.com/userguide/#Remote_Monitoring).

------
codexon
Not to be a downer, but I don't see how this is any better than a real
firewall like Comodo.

If you cannot block new connections, it is likely the valuable information on
your computer has been siphoned off, or glasswire bypassed before you noticed
it on those fancy but useless graphs.

~~~
wglb
It is also about unexpected outgoing connections. This is mostly what I use
little snitch for.

And yes, I check each one that pops up and don't put an approved one in
permanently unless I know what it is.

------
danielweber
Beautiful!

Could you make it so when the graph rescales, it just doesn't snap into place,
but gradually (say, animate over a half second) resizes?

 _EDIT_ : If I have GlassWire on my second monitor, and click "\+ 2 more" to
see what else is going on, the pop-up opens on my first monitor.

------
px1999
Impressive software. Simple (looking, and to use) and beautiful; but with
plenty of technical depth/value. I've been running it on my machine all day,
and plan to roll it out to others in my local network.

I'm definitely curious to see what the paid features will be...

~~~
greenwalls
Thanks! If you find any problems please contact us or post in our forum.

------
geoelectric
Shamelessly bikeshedding, since I can't use the app until you have an OS X
version, but would be nice if it could query my router via SNMP to get whole-
network usage.

That's what I currently do via NetUse, but this looks quite a bit better.

~~~
winslow
Sounds like that could be a good feature for the Pro version of his/her
software.

------
serve_yay
I don't have Windows so can't evaluate, but this looks quite nice. Good job!

------
service
Looks awesome. Little Snitch is one of the things I miss most from my Mac days
and this looks like it will feel that hole nicely.

e: After trying it, yep, this is excellent. And far too good to be free. I
almost feel guilty using it.

~~~
greenwalls
Thanks!

------
itisbiz
Great app! Serious question: why hasn't something like this become a standard
app if not OS feature? It is something I have always wanted. Want something
similar for Android phone too.

------
ejp
This is excellent - I was looking for similar functionality just recently in
the Windows networking system. I look forward to seeing what the paid features
are!

Here's my minor feature request (I'm sure you'll get a hundred or so today) -
how about a config setting to turn on an automatic virus scan of the
executable on first network activity? I imagine this would not be enabled by
default for performance reasons, but I'd like to run it this way for a few
days before reverting to default settings.

~~~
greenwalls
ejp, you can manually do a virus scan of an exe on first network activity.
Click the desktop alert then mouse over the file name and click "virus scan".
This uses your own antiviruse software, not ours. Therefore if your antivirus
is not up to date your scan won't be. We also thought about adding a
virustotal.com upload there. Maybe we will add this as an option that's turned
off by default. I worried that some users may complain about too much CPU
usage. Thanks for the feedback/compliment!

------
Siliticxx
I gotta ask, why not open source? i feel slightly paranoid - too.

------
The_Double
Does anyone else remember sygate?

That used to do almost exactly the same as glasswire is advertising, 10 years
ago. It died in 2005 when symantec acquired the company and killed the
product.

------
voltagex_
I wonder if the OP should set up UserVoice or similar for feature
requests/voting.

My wishes:

* A pay-once Pro version

* A plugin API so I can add my ISPs usage monitor

* Per-app bandwidth limiting (difficult on Windows I think)

~~~
greenwalls
Good idea! How could we plugin with your ISP exactly? Any ideas that would
work for a majority of people? We're still investigating that idea.

~~~
voltagex_
Doing this generically is a hard thing. I'd say pull apart
[http://netusage.iau5.com/](http://netusage.iau5.com/) and see how that works.
I feel like ISP usage APIs are mainly an Australian thing (and some of those
will work via screen scraping).

Supporting Telstra, TPG, Internode and iiNet would get you a large number of
Australians, but I have no idea how you'd do the same for Comcast or Time
Warner Cable.

Contact details are in my profile and I'm happy to be a guinea pig for this
kind of thing.

Edit: This looks pretty good, actually -
[http://netusage.iau5.com/ispjs.html](http://netusage.iau5.com/ispjs.html)

------
mback2k
Great application, please create one that can be run on Linux and Windows
machines as a service and monitoried using such a beautiful client software.

~~~
greenwalls
Check this out
[https://www.glasswire.com/userguide/#Remote_Monitoring](https://www.glasswire.com/userguide/#Remote_Monitoring).
We're considering Linux monitoring also.

~~~
mback2k
Thanks! I am looking forward to the Linux monitoring.

------
kingcan
This looks really nice. One thing I'd like is that it would show the current
download and upload speed when hovering over the tray icon.

~~~
greenwalls
We're working on something like that.

------
justkos
Another request from me for a Linux version!

\--- maybe related... I remember when switched to linux some years ago, the
software I really missed was ZoneAlarm and still haven't find a nice
alternative (for fast and easy control of the outbount(!)/inbound net trafic).
I liked that I could block and unblock the internet access of each application
from the systray icon. Any suggestions?

~~~
jmolinaso
try ufw
[https://help.ubuntu.com/community/UFW](https://help.ubuntu.com/community/UFW)
pretty straight forward

~~~
justkos
What I would like to have: 1\. a notification in real time: "Application
FooApp tries to access internet (ip, port, etc)" and options like "Allow Now |
Allow Today | Allow Always | Never Allow" (in the gui...) So I will get
informed that an application is starting to send data.. and I could block it.

I think it's much easier to set the filters and k control list for the
applications while you are using the pc rather than setting them up all at
once.

2\. "Internet & Bandwidth Usage Monitoring" similar to the Glasswire
screenshots. (Stats, Application List that access the internet, hosts, etc)
and feature to block with a click some of these (apps,ports,hosts) or all

do I ask a lot? :)

------
leemac
Looks beautiful. I love its simplicity as well. Can you give a quick breakdown
of what was used to develop this? Looks like Qt was used.

~~~
MrUnknown
It could very well be WPF using XAML

------
bobbles
Does anyone know how to remove the red notification numbers from the icon? I
hate these things drawing attention in my taskbar

~~~
greenwalls
I thought people would want to remove the desktop notifications, but not the
numbers on the icon. We may need to rethink the settings.

------
ToastyMallows
Site is getting hammered right now, but everything looks awesome. Are there
any settings for VPNs? Does it work with VPNs?

~~~
greenwalls
You can use your VPN with GlassWire and it works OK but we haven't tested in
detail. I used GlassWire with my own VPN and I didn't see any obvious problems
so far.

~~~
ToastyMallows
Awesome thanks, I'll have to check this out tonight! Just a feature that I'm
thinking of right now that would be nice is if it alerted you that your VPN
dropped or was disconnected.

~~~
mback2k
Yep, I second that feature request. My OpenVPN connection with redirect-
gateway enabled sometimes looses its route definitions and suddenly all my
traffic goes directly to the internet instead.

------
superasn
I wish there was something like this for my wifi router (or in the Tomato
Firmware) because that way if there is a malware in the phone, or my laptop I
can immediately know about it without installing this on each device.

Also I hope it has list of known malware hosts for which it should give a huge
red alert dialog if a connection is made to it.

~~~
greenwalls
I agree. I wonder what the best way would be for GlassWire to tap into the
majority of routers? If you have some ideas please let me know. We're still
investigating.

~~~
sathyabhat
I use Networx(
[http://www.softperfect.com/products/networx/manual/?lang=Eng...](http://www.softperfect.com/products/networx/manual/?lang=English))
, they have SNMP & UPnP for monitoring routers. No idea how they actually do
it, I'm afraid.

------
breadrab
Really good looking software. Very rare. But...

Isn't the best "trojan" horse that one, that comes as a security programm?

I'm always afraid, that software programs that aren't open-source steal
sensitive data from my computer and upload it to the web. I experienced, how
easy that is and no user ever knows, especially on MS Windows.

------
lechevalierd3on
Stunning landing page! You get the message instantly and it got me curious
enough to want to boot my windows box to try it out.

Great job.

~~~
greenwalls
Thank you! The team spent a lot of time on the graph and we wanted to show
that to the user before they downloaded.

------
elwell
This is really pretty, but I don't use anything in this vein except for Spybot
Search and Destroy. I wonder what other HNers are think about that: am I
asking for trouble? I haven't had any problems in years. I'm a Windows user,
and I run SS&D every month or so (I don't run the resident process).

~~~
danielweber
YMMV, but not downloading every fool thing that comes my way has been a very
reliable way to keep my Windows machines free from infection.

------
blub
This looks brilliant and is badly needed on Windows. However the fact that
it's free gives me pause, especially since we're talking about privacy
software that is not open source.

What usually happens with freeware like this is that it becomes adware or
dies. I think you have enough features to charge for it now.

~~~
greenwalls
Thank you! The bottom of our index page explains that we plan to make a paid
version with more features in the future. We're working on a list of paid
features. I don't think it would be appropriate for a privacy type application
to include adware so please don't worry about that.

~~~
higherpurpose
As long as you keep the _main_ functionality free - because more people need
to be using this sort of app, and I feel having to pay would be a pretty
significant obstacle.

------
luckysahaf
This is great app. However, I am facing an issue.

I am not able to connect to a remote server. I don't know why! This is what I
am doing: 1- Allowing server access in Server tab in Settings on one computer.
2- Trying to connect from another machine using the credentials.

I am not able to connect. Does anyone else face the same issue?

~~~
greenwalls
We plan to add more detailed instructions on the user guide this week. Sorry
for the problem.

------
g3orge
something like this for linux?

------
tokenizerrr
Looks very nice, though as with any security software it would be lots better
if it was open source.

------
geographomics
I haven't installed the app, so I don't know if this is part of some alert
functionality, but why are there Twitter and Facebook API links in the code?
[https://i.imgur.com/QPIYUfQ.png](https://i.imgur.com/QPIYUfQ.png)

~~~
greenwalls
You can post your graph to Facebook or Twitter if you want to (completely
optional). Check out the hashtag #GlassWire on Twitter. Some people have
already posted some graphs. We have no relationship with Facebook or Twitter.

------
sahaskatta
I just installed this on a Surface Pro 3. First off great app, but just wanted
to give you a heads up: The icons in the taskbar and notification area are
blurry due to a HDPI screen. A good portion of the interface is cut off or
broken likely due to scaling issues.

~~~
greenwalls
Thanks for the heads up. We'll pick up a Surface and fix this.

~~~
wvenable
No need to pick up a surface; just adjusting the display settings in Windows
8.1 should be enough to simulate the problems. Increase the DPI, etc.

------
Semaphor
It doesn't seem to do what it says. According to it, Outlook initiated it's
first Network connectivity just now. A point in time where I had already sent
and received mails for some hours.

At least it so much better looking than other windows apps…

~~~
greenwalls
If you check the final installation window it warns you that you should reboot
to catch all ongoing connections, but we plan to improve this in the future so
a reboot isn't necessary. We didn't want to force users to reboot because I
think that would suck.

~~~
Semaphor
My mistake, but you should at least make that information more visible. Unless
there is a yellow or red sign, or some box to check the readme I do not assume
installers will tell me about important things in the post-install window.

------
hrjet
While this is great for certain types of attacks, I wouldn't be surprised if
the really smart attacks try to fly under the radar, by distributing traffic
and activity. Does this app somehow help detect that?

------
paranoid123
See my problem is that I am already paranoid... How do I know glasswire does
not provide access to my machine to its developers?

My point being it's a closed source project by using it you implicitly trust
its developers.

------
nkohari
Looks like a nice implementation of a good solution to a real problem. Kudos.

~~~
greenwalls
Thank you!

------
ferongr
Minor nit, not everyone has their notification area at the bottom right of the
display (I use a vertical taskbar on the left). It'd be neat if the
notifications showed up near the notification area.

~~~
greenwalls
I never thought of that. We'll see how we can move the notifications so they
are near the GlassWire icon.

------
BorisMelnik
really love the color scheme and design on your website. sorry I don't have
any more relevant feedback to add. I deal with colors, UX and UI all day long
and this was refreshingly lovely.

------
jonalmeida
This has been an application idea I've been wanting to build for a long time,
but not having much networking know-how when it comes to these things, I put
it on a to-do list.

------
fra
Really nice looking page. I'd love to get an OSX version...

~~~
lumpypua
[http://www.obdev.at/products/littlesnitch/index.html](http://www.obdev.at/products/littlesnitch/index.html)

~~~
greenwalls
We're working on a Mac version. Also I agree Little Snitch is cool. We
concentrate more on visualizing network activity and we have a "network time
machine" feature our UI allows you to go back and forth in time. Also I don't
like how Little Snitch always pops up those alerts. I wanted the user to see
the alerts but not have to always "OK" every little network activity. I felt
like users tend to just press "OK" all the time anyway...

~~~
lumpypua
I like your graphing a lot definitely!

LS has a similar network activity visualization. You can of course drill down
by process and such:
[http://i.imgur.com/ZQX0XEa.png](http://i.imgur.com/ZQX0XEa.png)

As a power user, I like alerts for all unclassified network activity on my
machine. No affiliation with obdev, just a fan of LS.

------
woohoo7676
Downloaded it, love the idea and UI. My only niggle about the app now is that
it could use better support for hidpi (the text is a bit jumbled). Other than
that, great work!

~~~
greenwalls
Please post a screenshot to our forum with details or email us and we'll fix
it.

------
gravedave
I'll definitely try this app out. Also, love the title!

Getting hacked? Make an app! Feeling paranoid? Make an app! House getting
repossessed? Make an app! Hangover? Make an app!

------
andrea_s
This is awesome. I would be happy to pay for your upcoming "pro" version. Do
you already have an in-app mechanism that will warn me when this is available?

~~~
greenwalls
Unless you make GlassWire block itself via its own firewall manager then you
will be alerted to software updates.

------
huhtenberg
Any reason why WhoIs data on glasswire.com is concealed?

~~~
frik
linked on the top of the start page:
[https://trustsealinfo.websecurity.norton.com/splash?form_fil...](https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=www.glasswire.com&lang=en)

------
Fundlab
Why does it only pop up internet explorer icon in the alert? Is it possible to
show an icon of what application is initiating the connection instead?

~~~
greenwalls
It should show the app that connected, not just IE. Is it only showing IE for
you over and over? If so it must be a bug. Please report it to our contact
page.

~~~
nkg
Is there a way to enable e-mail notifications ?

------
marcamillion
Love this. The installed app looks just as good as the screenshots.

One question, what does "powered by Symantec" mean?

Is this just a sexy UI on top of a Symantec engine?

~~~
db42
I think its just for domain ssl certificate - [http://www.symantec.com/ssl-
certificates](http://www.symantec.com/ssl-certificates)

~~~
marcamillion
Ahhh....ok.

Thanks!

------
AriinPHD
greenwalls, thank you for a lovely looking product. It is definitely a keeper
even this early in development. I'm looking forward to seeing it grow.

I've encountered an issue with the Anti-Virus scan function. I'm using
Symantec Endpoint Protection (SEP) and the SEP logs indicate that GlassWire
does not perform any scans what so ever. A response to this would be greatly
appreciated!

------
aen0
I believe that the hosts history should not be visible by default. It also
shows hosts while browsing in private mode.

Maybe only visible with an UAC auth.

~~~
greenwalls
Thanks for the feedback. You can go into the settings and clear your history
also.

------
listic
What are the good tools to monitor network traffic that run on Linux?
Probably, there are better open-source alternatives to this?

------
farmdve
A person who failed to keep his computer safe wrote software to protect
others? Sorry if I don't feel incredibly safe.

------
servowire
Reminds me of BlackIce back in the day... awesome tool this Glasswire. This is
what I wanted for everyday network paranoia.

------
jagermo
Installed it under Windows 8.1, got several BSOD and restarts. Looks awesome,
but it made my system highly unstable.

------
hammer_of_thor
beautiful design!

other than that am gonna say what everyone ELSE is thinking, Security +
Microsoft, give me( _us_ ) a break, last time i checked the word security does
NOT _exist_ in Windows

am surprised how _THIS_ made it to the top of HN, probably has something to do
with those users who were defending IE's developer tools ;)

------
kruxor
This is such a nicely made app, Thank you!!

------
RubyPinch
considering you are also monitoring physical changes to the box (network
interface changes for example), would it be within scope to monitor
workstation locking/unlocking and hibernation? same question with
removal/addition of plug-and-play devices (HDDs for example)

~~~
greenwalls
Instead of monitoring locking/unlocking we monitored idle time instead. You'll
notice the graph turns shaded when your computer is idle so if you see some
strange spikes you can go back in time on the graph and investigate.

~~~
RubyPinch
on the alerts page, it tells me that 2 alerts occurred, but it doesn't allow
me to view those alerts?

that should probably be fixed, not much point in a idle mode if it just makes
things more difficult to investigate

edit: also currently using 1.3GB of memory. what.

------
vini
Beautiful, would be nice if it had an option to open the folder where the
listed apps are located.

~~~
vini
Never mind, it already shows the apps folder, just click on the apps icon.

------
skrskr
@developers: I wonder what your business model behind this product looks like.
Please elaborate!

------
whyleyc
This is really well done - congrats.

How are you planning to monetize - Will there be a "Pro" version ?

------
jnazario
very great stuff, nicely packaged and presented. jealous it's only for
windows.

~~~
greenwalls
Thank you. We wanted to see what the reaction would be before considering a
Mac version.

------
voltagex_
Any plans for a plugin API? I'd love to add my ISPs usage monitor to this.

~~~
greenwalls
How would the plugin work?

~~~
voltagex_
Sorry for double posting, I've gone into more detail in another reply to you.

------
Xorlev
Beautiful app. Almost (but not quite) regret jettisoning the Windows
ecosystem.

------
Brosper
What about AUTO-UPDATE ?

------
guest123
what is the charting library that is used for time-series data?.

------
patatino
little bug: ireland flag is wrong, you used the flag of italy.

------
nehz
Does it use a kernel driver? and how does handle rootkits ?

------
duiker101
Ok, I need to know. how you made such a beautiful app?

------
wyck
oh wow it's so shiny. Seriously people are downloading this and it's not open
source, maybe they should blog about it on medium.

------
shreshthmohan
You sound a lot like Linus Torvalds. :-)

------
sinofer
The software and graphs look amazing. I started Windows after a long time just
to try it out. I hope you will launch the linux equivalent soon.

------
Zakuzaa
What are you using for forum software?

~~~
greenwalls
Discourse. [http://www.discourse.org/](http://www.discourse.org/)

------
Joyfield
What graphing components do you use?

------
api
All OSes should have this built in.

------
GimbalLock
This is so gorgeous.

------
haukurk
Thumbs up! Really.

------
Brosper
Wow, this app is the most beautiful app for Windows ever made.

------
fgvb
"GlassWire is not compatible with this Operating System."

XP x64

~~~
mertd
It is a 13 year old OS.

~~~
idbehold
The best one since Win2k.

------
nmb
Thank you.

------
frik
Nice app. Please test it with the Windows classic theme (Windows 7/2008 R2),
the "Glasswire" button is a bit glitchy.

What's the overhead of Glasswire? For me it's 2-6% CPU (of my many core
systems).

What does the gwdrv.sys kernel driver do exactly? Hook into the TCPIP.sys
kernel driver?

Is the "Glasswire control service" an app update service? Blocking it in the
"Firewall" tab has no negative side effect so far.

~~~
greenwalls
Thank you. We will test with that theme, thanks for the details. My CPU is
nowhere close to 2% when GlassWire is minimized and I have an older PC with
8.1. Please send details if you have time via email or our forum. GlassWire
checks for software updates. If you block GlassWire from accessing the network
then you won't hear about new versions.

------
ps4fanboy
Any chance of a write up of the design process and UI frameworks used?

------
wfjackson
What about rootkits that can falsify the data that the app sees? It would be
good to have something similar that plugs directly into the router logs.

~~~
greenwalls
The only true network data is via some kind of tap on the actual wire. We're
considering adding a plug-in so you can do that but there are so many awesome
tools out there for that already I'm not sure if we should. GlassWire is for
everyday users to understand what's going on with their computer. There will
always be ways to bypass the OS but I think GlassWire will still help in many
situations.

------
nilved
Cool app, but if you're the kind of person who gets hacked, why should we
trust your sec?

~~~
judk
What kind of person doesn't get hacked?

~~~
boyaka
One that doesn't use x86, iOS, or Android?

------
gcb0
well done. but useless for the intended purpose.

most malwares will rip thru this like butter.

i would only trust something like this running out of the box believed to be
compromised. in the router for example.

~~~
greenwalls
The only true way to fully monitor the network is by tapping the actual wire.
We started off wanting to make a malware tool but we found it was not
reasonable so we tried to add more network monitoring and privacy features.
The GlassWire software does look for malicious hosts and other changes to the
system that could indicate malware but of course without directly monitoring
the wire there is no way to see everything your machine is doing on the
network. GlassWire works with your antivirus and is not meant to be an
antivirus.

------
Todoed
impressive!

------
kolev
Oh, wow! Amazing! Puts "Little Snitch" on Mac to shame!

------
ninjakeyboard
This is cool - looks more appealing than little snitch - needs a mac version
:P

