Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: I got hacked, felt paranoid, made an app – GlassWire (glasswire.com)
1013 points by greenwalls on Aug 25, 2014 | hide | past | favorite | 331 comments



Wow. I hate how so many Windows applications are considerably uglier compared to Mac counterparts. The Windows apps don't seem to push forward Windows design but rather get stuck in the Windows XP design days. This is beautifully designed and clear.

The graph visualization is prime, and I love that the peaks are "rounded" out instead of sharp declines (sharp declines would make it look more like a live stock ticker).

Extremely well done, and exactly something I have been looking for. I will keep an eye out for the Mac version.


GitHub for Windows is another beautifully designed Windows app. They even published a blog post about it:

https://github.com/blog/1151-designing-github-for-windows


It's a little over-simplified, I think. In migrating some technical writers to git, I thought it might be a good tool to introduce people to git.

I ran into 5 problems:

1. It spit out vague error messages, requiring repeating the action in the CLI to see git's actual, specific problem.

2. There's no option to do the initial clone via ssh, which was a problem because http was failing to download the full repository.

3. It can't do merges, so you end up needing to use the git CLI anyways.

4. It crashed repeatedly while trying to handle large (1GB) repositories. Very sluggish and occasionally unresponsive on smaller repositories, too, especially with large single commits.

5. Various minor bugs. People would ask me stuff like 'how do I discard changes?' and I'd discover they'd gotten into a state where the menu would not appear until the software was restarted. They found it difficult to know when something confusing was inherent or a bug.

I wanted to love it, because it looks like it's good for beginners. Unfortunately, being pretty is not the same as being easy to use.


I've found Sourcetree to be powerful, simple and beautiful. It is also clear and good for learning.


Huh. I didn't realize Sourcetree was available for Windows. That would have been worth a shot.

In the end, I introduced them to the git CLI, simply because I could always answer or find an answer to their questions about it.


I was able to get some people who were apprehensive about git on board after finding SourceTree.


I have run into 2, 3, 4, 5 as well. And in general, I often feel like the tool is not telling me what it is doing (especially while handling large repos when operations some time take considerably longer)

I have since switched to SourceTree and it is working out well so far.


Here is a library that helps to create such an interface: http://mahapps.com/

It's also mentioned in the blog post you've posted.

Disclaimer: I'm one of the developers of MahApps.Metro, I hope nobody minds the shameless self-promotion


MahApps.Metro has been my go to for simple interfaces. Mix it with ReactiveUI and some saner DI, and it's just awesome. Thanks very much for your work!


Ha, yeah, ReactiveUI is awesome, I use it in all of my projects


Thank you for your work on MahApps. It's not perfect but does 95% of what I need when I drop it in to small WPF applications.


If you tell me what's not perfect, maybe I can fix it :)


It would be really cool to use this with pyQt. I know Qt has styling already so maybe it isn't needed?


This is a WPF library, so I don't think it'd work with pyQt


Oh I know it's a WPF, I just meant a library for pyQT or if Qt could do it by itself.


GitHub for windows was awful last time I tried it. Didn't follow standard desktop application HIG and was annoying to figure out, sluggish. I've had a markedly better time with SourceTree. I hate it when apps force their own design instead of following the user's window manager settings and form.


Github for windows is mind bogglingly bad. It's like staring into the sun. Nothing works like you'd expect it. They do their own thing. They should consider using a design similar to btSync. Now that's a good clean UI/UX.


that app has less features than a rock.


While true, it does what i need to do, sync my branches with my github for doing PRs.


I use Github for Mac, just for that feature - selectively write 'meaningful' comments while pushing files.


Didn't you get the metro^H^H^H^H^Hmemo? Features and options are bad as they will confuse and scare the user. </s>


Agreed. At least with a rock I can print off my source code, wrap it around the rock, and rapidly transfer it to my coworker.


Finally. I thought I was stupid for not being able to help the Windows guys in class with their git guis.


Nailed down the whole Windows Metro style experience.


Useless for actual computing but designed to appeal to anyone a room temperature IQ.


Looks like the Zune app for Windows.


Too metro for my tastes (or to be usable).


I'm a Windows user (go on, press the down arrow) and I don't care about app design. Give me military ship grey windows, text menus and a way to hide all icons. Windows 2000 was for me the apogee of 2D design.


I'm in on Windows 2000. Active window titles that could be set to bright colors to distinguish the active window from all the others (mine was canary yellow). I miss you Win2k.


I don't have a Windows 8.x box to check on, but on Windows 7 you can still set the display attributes for active windows - it's just a bit more buried.

To do so:

  * Right-click on the Desktop background, Personalize

  * Select Window Color button/link at the bottom

  * Select "Advanced appearance settings..." link

  * Click on the Active Title Bar in the preview area, or 
    select Active Title Bar from the Item dropdown

  * Customize the font appearance, including font, color, size and weight.


I may be wrong, but as far as I know, the only way to access these settings in Win8 (without extra apps) is regedit. HKEY_CURRENT_USER\Control Panel\Colors has the keys you want.


Despite flat design being categorized as a fad by design news today, I would LOVE a Win2k style desktop with flat design. Could probably just be a texture swap.


Not sure if that is what you mean, but Windows 8 has flat Window borders, buttons, etc. even on the Desktop.


The design language I generally like but I really want hard-to-learn, fast-to-use utilitarian UI like in Windows.


I've that aroglassy thingy disabled on Windows 7, looks about the same as XP without that ugly Luna (seriosly, who thought of that?).


I think that you are missing out on the concept of design if you limit your understanding of it to the color and shape of the widgets. When it comes to Windows, I definitely prefer the W2K look, but I wouldn't say that I don't care about app design.


I'm on Win7, but it looks exactly like the classic Win2K desktop. Grey bars, bottom taskbar, no pins, classic and functional.


> go on, press the down arrow

There you go. Nothing wrong with the comment, but since you asked...

The people mentioning "this is an unpopular opinion", "why the downvotes" or "this will be downvoted to hell" always get the upvotes and indeed, I see the comment doesn't turn gray when I downvote so it means others already upvoted.


On the subject of Mac counterparts, I highly recommend Little Snitch for this particular functionality.

I have no affiliation with the developer, I've just found Little Snitch to be quite useful and thought I'd share (admittedly it's graphs aren't as nice as this app's).


Also not affiliated but I've been using Little Snitch for about 5 years now, and I can't recommend this app enough. It's the first app I install on a new OSX installation.


I love the app and what it represents. You have a great story and motive behind it. I'm +1 for a mac version as I think your work is beautiful. I'll share this with a few friends.


Super useful if you spend a lot of time tethering. Just set everything to "ask" and build up your whitelist over time. After that, you no longer have to worry about remembering to turn off your torrents, CrashPlan, etc.


Second your Little Snitch recommendation. Invaluable.


There are windows design guidelines, most developers/ISV's adhere to them.

Another point: many companies don't want to spend any time or effort on design, as for most applications, it won't translate into additional revenue. I would argue that many customers don't even care what the app looks like so long as it works and they can figure out how to use it.

Also you don't want to have to re-learn how to computer for every single application you open because somebody got bored with the current state of design for a network traffic monitoring tool.


I agree. I hate how certain programs (e.g. Adobe Creative Suite) feel the need to re-invent UX paradigms in every new version. I 99% don't care how an app looks if it's useful.


Good design will make a product understandable


I think in this case, there is a difference between UX and Design. They do overlap, but not completely.

UX is about the user experience - or rather, the user understanding the program.

Design is about the application looking good.

You can have both, or you can have either one, or neither.

The command prompt is a good example of the former - I'm sure we can all agree that the design isn't great, but functionality wise, it's doing it's job perfect. Giving commands to experienced users.

Perhaps it's my understanding of basic 3D programs, but I would point to 3D programs being the exact opposite, having a great design without a good UX. I always feel like I'm limited, in that I don't understand the millions of options. The programs themselves looks great, but I just don't understand how to use 90% of their functions.


Thanks! It was actually very difficult to make rounded peaks due to the way network activity tends to suddenly spike. Sometimes the mini graph at the bottom of the UI doesn't match up exactly with the top graph due to our rounded graph but we're improving it all the time. I also hate the way spiky graphs look.


It might look good on "standard" resolutions but unfortunately it doesn't handle Windows 8.1 scaling and a high resolution monitor that well. For example the "Usage" tab is unusable for me with fonts cut off in half and labels to the diagrams unreadable.


Working on a fix.


+1 for the nice design of this app! But personally, unless the curves represent actual data points, I think they're somewhat disingenuous. Granted they look prettier than spikes but they give a false representation of the resolution of the data.


You are correct, it's not perfect but we're always trying to improve the graph so it's a better representation.


>Wow. I hate how so many Windows applications are considerably uglier compared to Mac counterparts.

I lost you after this sentence. I thought you were about to use this program as a shining example of ugly windows software.


All software related to security should be open source. This particular piece of software doesn't sit at a crucial point in a secure system, but a greater deal of transparency would be appreciated. I personally avoid using closed-source tools for security purposes, and especially closed-source tools that are hoping to monetize. I use Linux, though, so I guess it doesn't really matter to me in this case :)

I would also say that calling home is a huge no-no for this software. I would seriously consider revisiting that choice if I were you.


> All software related to security should be open source.

That's a very common and dangerous misbelief.

Security products should come from a trustworthy source. Open source doesn't imply trustworthiness. If I were to screw you, I can very well do it with an open source product and pre-compiled binaries. Some people will rebuild from source, but a vast majority will use binaries provided assuming that since I'm all "open source" then I must be trustworthy. Hell of an assumption to make if I am not.


> If I were to screw you, I can very well do it with an open source product and pre-compiled binaries.

This is even easier to do to closed-source products, and if you're worried about security than compiling your own binaries is a pretty basic measure.

It is not just that open source software is inherently more trustworthy than closed source software.

1. It is more resistant to backdoor attacks (related to trustworthiness) and more effectively hardened. Fundamental to security is transparency. You cannot secure something if you cannot understand its attack surface; insecure undocumented features (ie the recent iPhone discoveries[1]) and binaries accidentally (or "accidentally") compiled with debug flags are only detectable if the source is available.

2. It is often more nimble and can respond to new threats which closed-source projects ignore. At my work, we were hit by as USB virus that McCaffe ignored despite our very premium support plan because it didn't exist anywhere else. This was before my time, but from my understanding it was a custom-tailored attack that was made in a virus creator -- a drag-and-drop not-so-advanced persistent threat. (Probably a prank or experiment; I work at a school.) If we used open source software, and the community shrugged at us, we could at least make our own signature. At it was, we had to bring the computers down one at a time, boot them into Linux, and run a script to delete the files and registry keys. This is the job antivirus software is meant to automate. I understand virus companies have a heavy workload, but what exactly were we paying for? With open source, you always get your monies worth. (For the software at least; open source support plans can still suck.)

3. Appsec is expensive, its not always something you can afford to pay for. If you aren't designing with security in mind from the start, its not just a feature you can build into your app. It will require pentests and likely a partial rewrite. On an open source project, theres a good chance someone will volunteer to close at least the widest holes. No one volunteers for closed source.

4. This is likely not a part of your threat model, but its harder to serve an open source project with a national security letter.

[1] http://www.theguardian.com/technology/2014/jul/23/iphone-bac...


I'd argue that both criteria needs to be met :)


It's not just about screwing intentionally. Open source also helps with getting more eyes on the code. You need to be able to catch vulnerabilities before the bad guys or no amount of good reputation would survive. That is the primary reason for security software to be open source - reducing security by obfuscation and easy vulnerability check.

That said, all software is written and audited by a group of individuals. Ultimately it all comes down to trusting them. Even audits on open source software is done by a few individuals, so when using any open source security software, you are only really trusting them. Any sense of security more than that is a smokescreen. In that regard, I agree with you. Open source does not help with reducing risk of bad intention. That is a myth.


That argument is often repeated and also that often falsified, that Open Source is better because there are more people who have an eye on it.

I just want to mention: — The famous Debian-Bug, which lead to easily guessable "random" numbers. Nobody reviewed that code change for years. — SSL Heartbleed. Nobody reviewed the code change by that guy. Not even the maintainer reviewed it.

So the problem with Open Source is, as I see it, that everybody - from those who are experienced - thinks, that someone else has done the review. Which leads to the situation, that at the end of the day nobody does a review.


> SSL Heartbleed. Nobody reviewed the code change by that guy. Not even the maintainer reviewed it.

I think this is a blatant counterexample actually.

The code _was_ reviewed. It passed the review. This just shows that security is hard and that reviews don't always catch everything.

But the only reason that heartbleed ever came to light was that OpenSSL is open source. Had it not been, such a bug would have been much much more difficult to find. Yes, this is not instant, yes, it takes time and leaves people vulnerable in that time, but it did work out in the end.

If a similar bug were to exist in proprietary software, there's a good chance it would never come to light at all. Save for the extremely dedicated intelligence agencies who may have the people and desire to exert the effort to find it. That's who proprietary security software helps.

The Debian bug isn't a terrible example, but it simply shows that distro-specific patches aren't well reviewed, not projects in general. Most people who want to see OpenSSL code go to OpenSSL, not Debian.

Bugs happen, reviewers miss things or may not look in the right places. Open source does not mean secure by any means, it simply removes some requirements of trust of a sole entity and eases reviews.


It's a problem with the people who make that assumption. Not everyone does.

Just because you have examples of code that wasn't reviewed properly doesn't mean it applies to all open source software. I personally have my eyes on open source quite often, and I know many others who do. I also know we wouldn't have our eyes on it if it weren't for the source.

Really, software being open source doesn't make it secure. It's just a precondition that allows us to find out if it is secure (and fix it when it isn't). If it isn't open source, then we should assume the worst, as we likely have no other way of knowing whether it's reasonably secure.


So if it wasn't open source, how would you go about discovering Heartbleed? It was discovered independently by multiple people beacause it was open source - so contrary to your naive assumption, people are looking at these things.

Here is a story how it happened and how it was patched - http://en.wikipedia.org/wiki/Heartbleed#Discovery

Are you really arguing that discovering and fixing Heartbleed would be simpler and faster in a closed source form?


heartbleed wasn't discovered by browsing the source code, it was found using a fuzzer. it wouldnt have mattered if it was open or closed source.


most people do that but developers contribute to that will see it eventually.


As a (unworthy, since I happen to use proprietary software accidentally) believer in Free Software, I tend to agree, but since that's unlikely to happen, I'd say all security-related software should be at least fully auditable by end-user. That is, there must be either 1) some form of human-readable (i.e. unobfuscated) source code and means to validate the built binaries to match the provided sources or 2) means to easily decompile the binaries to a human-readable high-level language and study their behavior.

That is, one of the first things this GlassWire app did is connection to its home server. It openly admitted that itself, but nonetheless, why it did so and what kind of data (~200+ KiB, that's a fair amount that probably exceeds any analytic and update-checking needs) were transferred — I have no idea and I'm too lazy to figure out.


Thanks for your feedback. We'll try to add more transparency. The calling home is for software updates and it shows up on the graph, and GlassWire can even block itself.


Update channels are very hard to secure and is a huge opportunity to take ownership of the software (and from it, the machine).

For an example, check out the Defcon 22 talk Hack All the Things[1], page ~61. NTV200-100NAS owned through unsigned updates....

[1] http://download.gtvhacker.com/file/generic/GTVHacker-DEFCON2...


Thank you. We will check it out in detail.


Another simple fix: tell us who you are. The contact page is woefully generic and anonymous. Glasswire appears to be a company, more than one person. Where are you based? What's your background? Funding?


That may be the case, but it's still not acceptable in my opinion. Calling home to fetch a new database of malicious hosts and such is fine, but calling home for analytics is not okay. At the very least, clearly disclose it and make it easy to opt out.


> but calling home for analytics is not okay

It's like you didn't even read what was written.


Out of curiosity, do you have any security concerns about calling home for analytic or is it just you would prefer the privacy of not having your usage tracked?


If it's opt-in, I enable it. If it's opt-out, I disable it.

For me it's a matter of principle. That people politely ask is both an indication of trustworthiness and how I prefer things to be, so I try to help by enabling it.

It also depends on the way they ask. Mozilla Firefox for Android tells me that I should choose what I share, enabling crash reports and disabling telemetry by default. Even though the crash report is technically opt-out, they ask me in clear terms. I like that.


It's mostly privacy concerns, but also the fact that you use this software at all can disclose some interesting information to eavesdropping attackers. Most worrisome is just that it's not very well disclosed - most users just don't know it's happening, and it's not very well justified.


How can you say "most users don't know it's happening" when it's the first thing you see in the graph when you load the application?

We got your initial point..

I think you're just grinding metal at this point.. Ease down.. ease down...


I don't see anywhere that it discloses what is being sent, just that it's sending something. Did I miss something?


> All software related to security should be open source

Why just security-related software? It doesn't get special permissions or anything. All software can do equal damage on most operating systems.

> I personally avoid using closed-source tools for security purposes

I too prefer open source tools for security purposes, but that means that for security purposes I prefer all my software to be open source.


In a perfect world, all software would be open source. Our world isn't perfect so I just live with asking people to make their security-related software open source.


How do you know software isn't security related if you can't see its source? They might tell you it isn't :)


Sounds like Debian is perfect world then :)

I must confess to using a few blobs for drivers, software that school wants me to run (for UML designing) and the occasional game. But overall, I'm pretty clean of closed source software.


I think you are conflating security advice with business advice. Obviously, you are not the target audience. I may agree with you on a technical level but on a business one I do not really agree.


>> All software should be free

Fixed that for you, yours RMS ;-)


Hello all,

The company that made this is: SecureMix LLC (est. 04/15/2014); aka Free Firewall Antivirus LLC (est. 10/17/2013); aka Blue Quail Capital, LLC (est. 06/21/2010). Here is the corporate registration: https://mycpa.cpa.state.tx.us/coa/servlet/cpa.app.coa.CoaGet.... The person opted to use a CPA (EDWARD H. GOWETT) to register their LLC (looks like a nice guy: https://www.linkedin.com/profile/view?id=34375436). And finally, the man, the myth the legend: ANTON BONDAR.


What's up with the doxxing? Has GlassWire done anything wrong?


It is a made up title from a big $$$ company to promote their new app, that's what's wrong in the first place. How can you trust a company that uses a title like this to ultimately get you sign their licence and fetch your private data to make money out of it? This leads to being hacked with your own consent and that's why it is wrong and misleading. Try install the app and read the license to see what they want from you and it all becomes clear...


There is no big company here and we don't even have an office. I currently have no ownership in any other businesses or products. Your graph data is never sent to our servers. We plan to make money via a paid software version with more features, for example the ability to monitor multiple remote servers. I agree that it wouldn't make sense to have a product like ours that collects user data.


How is searching Google while I sleepily sip my morning coffee "doxxing?" I don't even own a Guy Fawkes mask.


Also affiliated with Manycam LLC. Seems less like NSA, more like marketing guru.


My name is Jon Hundley. Anton is my cofounder. I founded ManyCam also with Anton and it was acquired last year. We need an "About" page on our site. GlassWire is now my only project. https://twitter.com/hundley


Honestly, sorry about that Jon. I wanted to bring some transparency where there was none, and this seemed reasonable to actually share some concerns (and I don't consider this "doxxing" or whatever that other guy said, more like "googleing over coffee"). I did install your app and it is great! Coming from using the flow tool argus (part of the CALEA collection toolkit), I always thought that analyzing flow/connection data was the next frontier in client/end user security; and sure enough GlassWire does just this! It is true, however, that further transparency would be good. I suppose that just comes with time. To keep it simple, this app being free really just makes me wonder what the catch it. So, what's the catch? :) I use Ghostery and that catch is pretty obvious.


We'll about the catch part, they're pretty open about that on the front page. They intend to implement new features just for paying customers. Over time I'm guessing the business value of the free product will decline while the paid one will rise.


I felt paranoid, installed Glasswire, and got hacked!


GlassWire is on HackerOne. https://hackerone.com/


I got hacked, felt paranoid, made an app... Yeah right!

This app is not a one man show! This app, with all it's license stuff, backdoors etc.. all ready to know a lot of all your network traffic going in and out, and you agree upon all this when you install it. Now YOU got hacked! Or do you think the app will also show in detail what data they store and share on their servers and third parties and more?

767 point and counting on HN, amazing...

Good luck!


I feel paranoid, too:

Surprise HN; I'm trying to grasp why this is upvoted so high (1) This submission has a reddit style storified title but doesn't link to the story (2) Uses the word "app" , to catch the mobile crowd, which for Windows wasn't used traditionally (That also explain the top comment, which is about aesthetics) (3) seems to suggest the problem is solved the first time, despite the fact that there are dozens of similar apps, commercial, free or open source.


It is the best looking and best presented Windows app I can remember seeing. Can you show me a single app with similar functionality that is presented as well as this?


Why is that relevant? _diminish_ points out misleading marketing in the HN post title. It aggrevates me as well, even though the presentation on their web site is nice and all that.

_edit_: I can see that your post is relevant with regards to (3) - "problem solved for the first time". They may have some features that no others have, such as alerts. There are many similar apps though. One example: Netlimiter http://www.netlimiter.com/


You're ignoring the aesthetics of the app and the marketing. It stands apart because of it.

To give you an anecdotal idea of how compelling that can be, I booted my gaming Windows machine just to take a closer look at it.


Not to mention, this kind of app does us no good. Its another little snitch clone. Joe End User isn't making heads or tails of this. Why would he want to?

What I want is a simple no-worry IDS/IPS I can install on easily on Win or OSX machines. Have it use the rules Snort uses. Make it dead simple to install. Now I don't have to spend hours digging through logs or graphs by apps like these. The IDS/IPS just stops hackers from entering. I'm a sysadmin and I run IDS and its a game-changer for us. Yet somehow in the home user space, its non-existant.

No idea on how bad the licensing on those Snort rules is, but a 1-click WinSnort that auto-updated itself would be a game changer. I find it amusing that everyone lives in fear of Cryptolocker when a simple rule can detect Cryptolocker traffic and deny it access to the mothership to generate a key. No key, no encryption.

I could see this evolving into a smart firewall type app on top of these static rules. It could say, "Hey why is guy downloading an unsigned exe from a computer on the botnet list? I'll block that." Or "why is this guy sending out suddenly smtp connections to thousands of servers. I'll just block that."


For me, I don't think that applications like this are targeted at "Joe End User" more at technical people who would like more information about what network connections are happening from their machine.

Personally I've been looking for a little snitch equivalent for Windows for a while now and this one seems like a good starting point.

I think that the problem you might have with IDS/IPS for end user machines is similar to the problems that end users would have with this kind of software. Namely when it blocks/alerts it's very hard to translate the reason for the block (a SNORT rule) into something that's meaningful for a non-technical user.

the alternative is just to silently block, but that leaves the user with a problem whenever there is a false positive (which is a fairly large problem with network IDS/IPS in my experience)


You could say the same thing about AV software. Just log events in a tray application. False positives are simply going to happen. They happen with everyday AV. Well written rules won't have this issue often and for end users it'll be edge cases they don't have to worry about. If it is a serious case they can call their tech savvy son for help, just like they do now with all other issues.


I'm all for caution when it comes to installing software, but it seems in your comment that you're suggesting that this software is actually malicious.

Do you have any evidence of malicious intent/execution from this software, or this just your presumption based on their marketing?


Can anyone explain why the Qt DLLs are offset in size? I compared them to Qt 5.3 and even replaced them and app works fine with original Digia compiled versions. Maybe it is the digital signature? I just recall a trojan people used before by re-compiling the Qt Libraries with malicious intent.


Beautiful app, I looked at the Privacy Policy on the site & breezed through the Install legalize and it doesn't seem to include specific network traffic information being relayed back to remote servers in anyway (I easily could have missed this), can you confirm that you guys are not collecting network usage statistics from the app?


We absolutely can't see your network data and we don't want to see it. GlassWire checks for software updates and that network activity appears on the GlassWire graph. If you block GlassWire via its own firewall then you won't know about future updates.


Thanks for the quick answer. I would pay for this in a heartbeat, great experience. Good luck to you guys.


Holy hell, this was the app I was looking for for a long time! It does exactly what I want it to do and does it beautifully. Thank you! I'll be happy to pay you when you provide that option.

By the way, I'm surprised this isn't a default feature of OS'es. I always thought knowing exactly what apps are talking to the world and how much is something one would like to know about.


FYI, Task Manager on Windows now has an "App History" tab which includes both CPU and Network usage. OS X provides similar functionality in Activity Monitor.app.

See: http://blogs.windows.com/bloggingwindows/2013/06/06/windows-... and http://support.apple.com/kb/HT5890


Thanks! I also felt like I couldn't easily see what was happening in the background and it made me feel nervous.


I developed the need to know what's talking to the world when I used a mobile Internet connection with a limited plan (16GB/month) (long story). In such situation, one wants to account for every single megabyte being used.


Not really a default, but under Ubuntu I always setup the system load indicator, sits in the top bar, nice little colored charts of CPU/Mem/Network/IO. After a while you notice when something unusual happens. I used nethogs to check which processes use the network but I'd like to see such a nice gui to track network usage.


Holy crap, this got popular fast.

This will probably stop some drive-by hacking - great. But my understanding from some well informed people, is that increasingly rootkits can hide their network traffic.

So, whilst this will add piece of mind, you'll still need to maintain security - because all this will really do is let you know you've been "hacked" again. Sure, it may prevent the dropper from connecting out - but often that would look like Flash or Java just connecting out to a random host.

As someone who got hacked, and installed NoScript, I'm amazed at the number of hosts that even mainstream websites connect out to. I struggle to stay on top of my whitelists. I just don't think you're going to see the dropper in time and stop it.


Thanks for the feedback. Yes you're right about rootkits and there are other ways to bypass the network that GlassWire can't see.


This is immensely helpful (and beautiful). I really like how you can monitor remote boxes. Customization of alerts is great too!

Any chance you will support hi-res screens (see http://imgur.com/ztN8cL3)?


Wow, that looks awful. What kind of screen are you using? I don't have one. Any details would be appreciated so we can fix this.


You have to declare that the app is "DPI aware" in the manifest and implement few things that go along with that promise. Just google it, it's fairly simple.

While I got you here, can I ask how many people worked on this and how long did it take? Just curious.


You should be able to simulate one by clicking "make text look larger or smaller" in screen resolution.


At Screen Resolution -> Make text and other items larger or smaller you can set the DPI to other value (ex. 125%)

This is the information for DPI-Aware applications.

http://msdn.microsoft.com/en-us/library/windows/desktop/dn46...

I would attach some source code from a game I wrote, but I don't have the source code of it at hand right now.


Running Windows 8.1 on Macbook Pro Retina (via bootcamp). I found this on MSDN...not sure if it's applicable: http://msdn.microsoft.com/en-us/library/windows/desktop/dn46...


Thanks! We will try to recreate this.


Came to say the same thing. This is while running it on Windows 8.1 through Parallels 9 on a rMBP.

http://i.imgur.com/aieLXtJ.jpg


I'm seeing similar behavior on a Surface Pro 3.


Bug report: After few hours of installing the app. I got a blue screen KERNEL_SECURITY_CHECK_FAILUR which repeated 3 times. I removed the app from the start up list and disabled the windows service. now everything is back to normal. System: Win 8.1


I haven't seen this yet. If you have time to post a report to our contact page we'd really appreciate it https://www.glasswire.com/contact/


I don't see it anywhere on your site, but have you passed (or at least tried) Windows Logo test? That coupled with driver certification kit can show some warnings. It's costly to get signed driver and certified product, but you can just run the tests for free and see if everything is OK.


If you do report it, see if there was a minidump produced. I hope the OP is also enrolled in the Windows Error Reporting program.


I am surprised he managed to get the driver signed by microsoft, epecially when it is free and causes bluescreens.


The driver wasn't signed by Microsoft, but VeriSign Class 3 Code Signing 2010 CA.


I know some have mentioned white/black lists, but in addition to known malicious stuff, one feature that might be really helpful is a known list of what connections are used for, or processes/executables.

i.e., "spynetus.microsoft.akadns.net" could have some clearly Glasswire edited note that said something like "Used by Windows Defender". You could even add a +1232 Safe/-12 Unsafe that linked to a crowdsourced/forum sourced "what's this" registry. Sort of like reviews on processes or hosts.


This is brilliant! Windows users are seriously in need of an authoritative source for information like that. Especially since the URL you mentioned looks just like a phishing site that pretends to be Microsoft and distributes spyware.

Search for any common Windows service or .dll filename, and you'll get dozens of forum threads where people who have no idea what they're talking about try to figure out whether it's a normal part of the OS or the worst virus ever. These are the same people who open Task Manager every day and blindly kill everything that they don't recognize. (Doing so does tend to make Windows run faster, which reinforces the impression that svchost.exe was indeed a virus.)


I like this idea. Thanks!


Please send my compliments to the designer of both your app and website. both designs are clean, beautiful and work with the UI. bravo.

it would be nice to have more info about how you monitor the connection and prevent any Trojans from going around the monitor point.


I will let them know, thank you! GlassWire is kind of like "Little Snitch" in the way that it shows you everything and lets you make your own decision on what you want to do, but we also add in some extra protections like malicious host alerts, ARP spoofing detection, DNS server changes, Host changes, and we let you know about changes to your applications that are accessing the network. For example if Chrome's certificate is changed or it's updated you should be alerted. Unfortunately nothing can stop trojans/viruses but we hope GlassWire helps some.


Beautiful indeed! Only tiny stray semi-colon: "Our Windows network security monitor also looks for; domains or IP addresses..." I wouldn't mention it but for that fact that attention to detail is clearly important to you judging by the design of both the site and the app!


Thanks, I'll fix it.


This is great.

Surprising really it has taken so long to get an app like this on Windows. I've been using My Data Manager[1] on Android for a the previous 2-3yrs.

The closest I've gotten on Windows up to this date is CFosSpeed[2] in traffic shapping = off mode + process explorer. There have been other apps that attempted to present the data, however none have done it like GlassWire.

Looking forward to the paid version, this is awesome :)

Got a few rendering issues on Windows 8.1[3]

Hopefully these issues get sorted out, quickly.

[1] https://play.google.com/store/apps/details?id=com.mobidia.an...

[2] http://www.cfos.de/en/cfosspeed/cfosspeed.htm

[3] http://i.imgur.com/0jOFvos.png


Beautiful. I can easily see using this regularly on my Windows machines.

Some items: 1) It'd be nice to be able to scroll around directly on the graph using mouse gestures (middle-click drag?). 2) Graphing of bandwidth seems to be off somehow. If I do a speedtest.net, my ~104Mbps transfer shows up on the graph as 38 Mbps and the graph scale shows a max of 20 Mbps. http://imgur.com/QkZMVvj


I use Speedtest quite a bit and I think they estimate your speed via a system that doesn't require you actually hit their transfer rate. I could be wrong though... we'll look closer and see what's going on there. I agree dragging right/left on the graph would be cool. Thanks for the complements and feedback!


The graph shows a discrepancy when downloading from other sources as well. Steam is reporting 4MB/s while GlassWire shows around ~3.3Mb/s (hard to really estimate).

Also, the Apps tab under Graphs says 250Mb for Steam. I have no idea what this value is supposed to reflect. Similarly, the Traffic tab shows a similar value (but slightly different value) for HTTP traffic which Steam is the only user of right now.


Be great if there could be the data rates / current speed on the graph > traffic view. That's one thing I am missing - takes too long to figure out which app is doing something.

https://www.dropbox.com/s/qdzovwg9eif5ebp/glasswire_datarate...


This is happening to me as well, Glasswire reported 10MBps steady (while the chart's max val was 20Mbps) while Speedtest.net is reporting 104Mbps.


They definitely do real bandwidth measuring.


I actually just signed on to HN to comment on this news. Great job, first of all for a good solution to a real problem. Next, great design: finally an application that does not pale in comparison to its Mac counterparts.


Thanks for the kind words!


From FAQ page:

> GlassWire keeps an up to date list of known suspicious hosts and alerts you if you contact one. Suspicious hosts are often related to botnets, malware, and other malicious behavior

How is this implemented exactly? Does the app phone home? Does it do some sort of RBL check (if so, against which servers)?

Thanks


GlassWire checks for software updates and also does an RBL check. You can see it on the graph and block GlassWire if you want, but then you won't be alerted to new versions and your malicious hosts will become outdated. We don't list our malicious host list sources but I guess we could, I'll have to think about it more. We don't get the hosts from our users or access any user data at all. Your graph data is private on your machine, unless you set up our remote monitoring feature and that data also never goes through our servers at all.


Sorry, I should've been more specific - does your app talk to your servers when it's up for reasons other than checking for updates? If yes, is there a way to switch it all off?

I'm sure you can understand why I'm asking. In fact, it'd be ideal if the update checks would have the "remind" option like Bvckup2 has it - https://bvckup2.com/img/r8/screenshot-4-preferences.png


Clearly one of the most beautiful app on Windows. Just installed on my desktop, looking forward to the mac version ;)


Really great work! I installed it yesterday and I have to say that I like it. It's different from most AV/security products in that it is very low-profile -- probably because it is intended for a more technically-inclined audience. It doesn't bother you when you try to do stuff, it doesn't really spam notifications, and it doesn't nag you to buy useless shit.

Is there any way to opt-in to share network stats? I, personally, would not mind and I think it would lead to a stronger product.

Here is a small suggestion. I actually didn't know I could close the tray notifications. When I looked closer at the notification, I saw the X in the top right corner. The X looks just like the background; maybe you should make it a little darker or somehow add more contrast.

Also, I think I may have discovered a bug. GlassWire thinks that Microsoft Word has transferred 253.7 MB, when it was actually Microsoft Silverlight (I was watching Netflix and had MS word open for a while). http://i.imgur.com/84qFF42.png


Nice graphs. On the site, why did you choose to promote the monitoring features over the outbound firewall features?

Can it import existing whitelists or blacklists?

If there are competing products (paid or free), a comparison would be helpful.


Our firewall uses the Windows firewall system so it doesn't add instability to your computer. I was afraid it would sound kind of lame to talk about the awesome firewall when it's more of a firewall manager. I think the monitoring feature is the most useful thing because you can go back in time and see your network activity for up to 30 days, or of course clear your history if you want. For Mac there is Little Snitch but for Windows I haven't seen anything that has a "network time machine" like we have and also gives notifications like we do. The way GlassWire organizes the data is kind of unique. I made this application for myself due to my own paranoia.


Your motivation and follow through is equivalent to your product's quality. I hope this is a trend that grows. Thanks for the work.


Would you or others care to share the story of how they got hacked?

The only time I've been aware of getting hacked, my friend handed me his computer and said, "You're a nerd, find me a live pirate stream of the Big Game. Quick, people are coming over!" Friend may be too strong a word, but I gave it a shot even though I thought it hopeless. I went to some sketchy pirate sites, and I clicked on a link. A popup launched, and immediately there was an error; "Shockwave has crashed."

"Do you install updates?"

"No, why?"

Another time, my brother was lamenting that he couldn't take pictures with his phone because his SD card broke. I never used mine, so I pulled it out and handed it to him. A few days later I had to get some information immediately and the only device available was my phone. I was on a website and an error popped up; it was to the effect of "Can't download someapp.apk because you don't have an SD card."

Close call.

Edited to add:

https://incidents.org has good reads.


> Safari can not verify the identity of "incidents.org". Would you like to continue anyway?

That's what I get in iOS. Teachable moment?


It's using an isc.sans.org certificate. Connecting to https://isc.sans.org/ gives the exact same site, with no warnings.


Perhaps. It reminded me of another incident; I tried to access EFF's Panopticlick, and got a certificate signed by "OHAI THAR" or something like that.


I know saying just 'Wow, what a beautiful, useful app' doesn't really add much to the discussion, but it's all I can muster.

Beautiful app. Amazingly designed. Insanely useful with zero configuration. Would love to pay money for this, especially if you can bring this sort of zero click usability to a LAN environment.

Congratulations!


ITT: people care way more about the superficial qualities of security software than, ya know, security.

This looks way easier and prettier than open sourced NIDS and HIDS like snort and OSSEC, and I think that's why I'm supremely skeptical they hired enough security people versus frontent people.


GlassWire isn't a replacement for an antivirus. I think the only way to see all network activity is by tapping into the wire itself. I made GlassWire to give myself an easy way to see what my computer was doing in the background but I do understand there are always going to be ways to bypass it along with any other application.


I'm not sure you are clear on what distinguishes a host based intrusion detection system, network based intrusion detection system, and antivirus. The feature list you are advertising sounds like a NIDS and HIDS, well known security software used in any secured network. I realize your software isn't antivirus like Norton or ClamAV. I am suggesting you might not be familiar with popular open source software that seems to accomplish your same feature set that large companies often use.


Intrusion detection systems are in a different business. They use stats or fingerprints to flag bad traffic/behaviour, then log alerts. Glasswire is an inspection tool to see what apps are doing net traffic wise on your computer.


Beautiful! And just a future feature request for the paid version: Would it be possible to limit the bandwidth allotted to an individual application? I know it's a monitoring tool, and that would be more of an administration tool feature, but I think it could fit in with the concept.


Beautiful UI! Just curious: why not block connection attempts from new programs automatically? By the time a user has noticed and blocked future connections, it may well be too late.

On a related note, I recently tested a number of firewalls for Windows using Comodo's HIPS and Firewall Leak Test Suite[1]; the only one I found that passed all tests with virtually no setup or changes was SpyShelter Firewall[2]. Not an endorsement by any means, just an observation.

[1] http://personalfirewall.comodo.com/cltinfo.html [2] http://www.spyshelter.com/spyshelter-firewall/


I use Little Snitch on my Mac. I found myself just "allow"ing everything all the time anyway. I think most users just get used to pressing "OK" and stop even paying attention to what they are agreeing to. I know I get lazy and do that myself. Instead I wanted to briefly alert the user and let them make their own decision, then we also added in some malicious host monitoring and other features to help. Users can use our "network time machine" feature to go back and time and see exactly what happened in the past. I haven't seen another product that does that.


Have you tried using Little Snitch along with Privoxy?

I find the combination works very well. You get two ways to block things (Little Snitch rules and Privoxy rules) and because Privoxy is so easy to restart you can make "Deny" your default behavior since if the site doesn't show properly, just restart privoxy and hit refresh.

Great looking app btw. Haven't had to work on a windows box in a long time but if I do I'm definitely going to try this out.


I've stopped using Little snitch a while back because it felt useless as I would indeed allow everything out of habits. Good decision.


I believe the point is not being a firewall, but rather let the user know what's going on. Firewalls may cause all sort of problems for the common user by blocking by default, and still don't reveal privacy violations (e.g., whitelisted applications generating traffic at unexpected moments).


Do you have it written down perhaps? What firewalls you tested and how they managed? I'd be interested.


I'm sorry, I don't, but there are detailed tests and comparisons at: http://www.matousec.com/projects/proactive-security-challeng... . One well-respected app that does not appear in those results is Online Armor, apparently due to some sort of falling out: http://www.wilderssecurity.com/threads/privatefirewall-awful...


You felt paranoid and made an app which a random binary from internets we should download and run.

Feels like a trap.


Looks pretty but I dont know how well this will help with detecting a compromised system. Once a system has been compromised cant it lie about its network usage?


Yes a system can lie about its network usage. I answered a similar question below, check this link https://news.ycombinator.com/item?id=8223296 GlassWire shouldn't be your only security tool.


Looks beautiful, What's it written in?


I would also like to know this, and also what GUI toolkit does it use (if any)?

Edit: It seems it's using QT, impressive.


It's Little Snitch for Windows? Love it.


Unlike Little Snitch, GlassWire does not block new connection attempts - see the author's comment here: https://news.ycombinator.com/item?id=8223036


Darn. I hope that's just a default that can be configured otherwise this is useless to me.


I've wanted a replacement for CoreForce for quite some time:

http://corelabs.coresecurity.com/index.php?module=Wiki&actio...

It was a piece of security software modeled after OpenBSD's pf firewall which let you define policies around network, file, and registry access for applications. You were able to setup really fine-grained policies as well, for example to only allow access to the C:\temp directory for list and read access, but to deny delete access, and to ask the user to accept/reject if it tries to open a file for writing.

So instead of monitoring access after the fact, CoreForce let you actively grant permissions and would either silently deny or interactively prompt you when an application went outside the resources you granted.


Wow. Presentation is everything. You nailed it.

Downloaded it just to see if those screenshots were real. Keeping it because its awesome!


Thank you!


How do I know this isn't a trojan? :P


Feel free to check it out in a virtual machine if you're worried, or upload to VirusTotal.com.


How does VirusTotal.com know this isn't a trojan?


I don't think that's even possible. The best you could do is analyze a program and see if it does things that are "suspicious". Otherwise it's just going to match known binaries/strings.

It'd take an amazingly complicated scanner to detect if GlassWire was, for instance, capturing your DNS requests and sending them somewhere. Or allowing updates to get loaded into its process space. I'd guess you'd need a nearly general AI to determine if any program is malicious.


That was actually the point I was hoping to make, but it can be hard to convey whether a question is meant seriously or not.



I work in IT and I just installed this on one of our servers. This is just the kind of thing I needed.


Thanks. Remote monitoring setup instructions are here https://www.glasswire.com/userguide/#Remote_Monitoring.


Not to be a downer, but I don't see how this is any better than a real firewall like Comodo.

If you cannot block new connections, it is likely the valuable information on your computer has been siphoned off, or glasswire bypassed before you noticed it on those fancy but useless graphs.


It is also about unexpected outgoing connections. This is mostly what I use little snitch for.

And yes, I check each one that pops up and don't put an approved one in permanently unless I know what it is.


Beautiful!

Could you make it so when the graph rescales, it just doesn't snap into place, but gradually (say, animate over a half second) resizes?

EDIT: If I have GlassWire on my second monitor, and click "+ 2 more" to see what else is going on, the pop-up opens on my first monitor.


Impressive software. Simple (looking, and to use) and beautiful; but with plenty of technical depth/value. I've been running it on my machine all day, and plan to roll it out to others in my local network.

I'm definitely curious to see what the paid features will be...


Thanks! If you find any problems please contact us or post in our forum.


Shamelessly bikeshedding, since I can't use the app until you have an OS X version, but would be nice if it could query my router via SNMP to get whole-network usage.

That's what I currently do via NetUse, but this looks quite a bit better.


Sounds like that could be a good feature for the Pro version of his/her software.


+1 on this, it's tricky to find a good SNMP monitor with the right MIBs for ADSL modems. (I hate SNMP, I once had a router I could crash with snmpbulkwalk)


I don't have Windows so can't evaluate, but this looks quite nice. Good job!


Looks awesome. Little Snitch is one of the things I miss most from my Mac days and this looks like it will feel that hole nicely.

e: After trying it, yep, this is excellent. And far too good to be free. I almost feel guilty using it.


Thanks!


Great app! Serious question: why hasn't something like this become a standard app if not OS feature? It is something I have always wanted. Want something similar for Android phone too.


This is excellent - I was looking for similar functionality just recently in the Windows networking system. I look forward to seeing what the paid features are!

Here's my minor feature request (I'm sure you'll get a hundred or so today) - how about a config setting to turn on an automatic virus scan of the executable on first network activity? I imagine this would not be enabled by default for performance reasons, but I'd like to run it this way for a few days before reverting to default settings.


ejp, you can manually do a virus scan of an exe on first network activity. Click the desktop alert then mouse over the file name and click "virus scan". This uses your own antiviruse software, not ours. Therefore if your antivirus is not up to date your scan won't be. We also thought about adding a virustotal.com upload there. Maybe we will add this as an option that's turned off by default. I worried that some users may complain about too much CPU usage. Thanks for the feedback/compliment!


I gotta ask, why not open source? i feel slightly paranoid - too.


Does anyone else remember sygate?

That used to do almost exactly the same as glasswire is advertising, 10 years ago. It died in 2005 when symantec acquired the company and killed the product.


I wonder if the OP should set up UserVoice or similar for feature requests/voting.

My wishes:

* A pay-once Pro version

* A plugin API so I can add my ISPs usage monitor

* Per-app bandwidth limiting (difficult on Windows I think)


Good idea! How could we plugin with your ISP exactly? Any ideas that would work for a majority of people? We're still investigating that idea.


Doing this generically is a hard thing. I'd say pull apart http://netusage.iau5.com/ and see how that works. I feel like ISP usage APIs are mainly an Australian thing (and some of those will work via screen scraping).

Supporting Telstra, TPG, Internode and iiNet would get you a large number of Australians, but I have no idea how you'd do the same for Comcast or Time Warner Cable.

Contact details are in my profile and I'm happy to be a guinea pig for this kind of thing.

Edit: This looks pretty good, actually - http://netusage.iau5.com/ispjs.html


Great application, please create one that can be run on Linux and Windows machines as a service and monitoried using such a beautiful client software.


Check this out https://www.glasswire.com/userguide/#Remote_Monitoring. We're considering Linux monitoring also.


Thanks! I am looking forward to the Linux monitoring.


This looks really nice. One thing I'd like is that it would show the current download and upload speed when hovering over the tray icon.


We're working on something like that.


Another request from me for a Linux version!

--- maybe related... I remember when switched to linux some years ago, the software I really missed was ZoneAlarm and still haven't find a nice alternative (for fast and easy control of the outbount(!)/inbound net trafic). I liked that I could block and unblock the internet access of each application from the systray icon. Any suggestions?


try ufw https://help.ubuntu.com/community/UFW pretty straight forward


What I would like to have: 1. a notification in real time: "Application FooApp tries to access internet (ip, port, etc)" and options like "Allow Now | Allow Today | Allow Always | Never Allow" (in the gui...) So I will get informed that an application is starting to send data.. and I could block it.

I think it's much easier to set the filters and k control list for the applications while you are using the pc rather than setting them up all at once.

2. "Internet & Bandwidth Usage Monitoring" similar to the Glasswire screenshots. (Stats, Application List that access the internet, hosts, etc) and feature to block with a click some of these (apps,ports,hosts) or all

do I ask a lot? :)


Looks beautiful. I love its simplicity as well. Can you give a quick breakdown of what was used to develop this? Looks like Qt was used.


It could very well be WPF using XAML


Does anyone know how to remove the red notification numbers from the icon? I hate these things drawing attention in my taskbar


I thought people would want to remove the desktop notifications, but not the numbers on the icon. We may need to rethink the settings.


Site is getting hammered right now, but everything looks awesome. Are there any settings for VPNs? Does it work with VPNs?


You can use your VPN with GlassWire and it works OK but we haven't tested in detail. I used GlassWire with my own VPN and I didn't see any obvious problems so far.


I just tested GlassWire with OpenVPN on Windows 7 64-bit. I get an instant bluescreen as soon as the GlassWire driver is installed and started and OpenVPN is connected. The order doesn't matter, as soon as both applications are active, boom. Please investigate. I had to manually remove the driver, because the bluescreen occurred during installation and corrupted the deinstallation routine.


Awesome thanks, I'll have to check this out tonight! Just a feature that I'm thinking of right now that would be nice is if it alerted you that your VPN dropped or was disconnected.


Yep, I second that feature request. My OpenVPN connection with redirect-gateway enabled sometimes looses its route definitions and suddenly all my traffic goes directly to the internet instead.


I wish there was something like this for my wifi router (or in the Tomato Firmware) because that way if there is a malware in the phone, or my laptop I can immediately know about it without installing this on each device.

Also I hope it has list of known malware hosts for which it should give a huge red alert dialog if a connection is made to it.


I agree. I wonder what the best way would be for GlassWire to tap into the majority of routers? If you have some ideas please let me know. We're still investigating.


I use Networx( http://www.softperfect.com/products/networx/manual/?lang=Eng...) , they have SNMP & UPnP for monitoring routers. No idea how they actually do it, I'm afraid.


Really good looking software. Very rare. But...

Isn't the best "trojan" horse that one, that comes as a security programm?

I'm always afraid, that software programs that aren't open-source steal sensitive data from my computer and upload it to the web. I experienced, how easy that is and no user ever knows, especially on MS Windows.


Stunning landing page! You get the message instantly and it got me curious enough to want to boot my windows box to try it out.

Great job.


Thank you! The team spent a lot of time on the graph and we wanted to show that to the user before they downloaded.


This is really pretty, but I don't use anything in this vein except for Spybot Search and Destroy. I wonder what other HNers are think about that: am I asking for trouble? I haven't had any problems in years. I'm a Windows user, and I run SS&D every month or so (I don't run the resident process).


YMMV, but not downloading every fool thing that comes my way has been a very reliable way to keep my Windows machines free from infection.


You want to add EMET to your setup to shield (to a degree) against zero-days - http://microsoft.com/emet


This looks brilliant and is badly needed on Windows. However the fact that it's free gives me pause, especially since we're talking about privacy software that is not open source.

What usually happens with freeware like this is that it becomes adware or dies. I think you have enough features to charge for it now.


Thank you! The bottom of our index page explains that we plan to make a paid version with more features in the future. We're working on a list of paid features. I don't think it would be appropriate for a privacy type application to include adware so please don't worry about that.


As long as you keep the main functionality free - because more people need to be using this sort of app, and I feel having to pay would be a pretty significant obstacle.


This is great app. However, I am facing an issue.

I am not able to connect to a remote server. I don't know why! This is what I am doing: 1- Allowing server access in Server tab in Settings on one computer. 2- Trying to connect from another machine using the credentials.

I am not able to connect. Does anyone else face the same issue?


We plan to add more detailed instructions on the user guide this week. Sorry for the problem.


something like this for linux?


Looks very nice, though as with any security software it would be lots better if it was open source.


I haven't installed the app, so I don't know if this is part of some alert functionality, but why are there Twitter and Facebook API links in the code? https://i.imgur.com/QPIYUfQ.png


You can post your graph to Facebook or Twitter if you want to (completely optional). Check out the hashtag #GlassWire on Twitter. Some people have already posted some graphs. We have no relationship with Facebook or Twitter.


I just installed this on a Surface Pro 3. First off great app, but just wanted to give you a heads up: The icons in the taskbar and notification area are blurry due to a HDPI screen. A good portion of the interface is cut off or broken likely due to scaling issues.


Thanks for the heads up. We'll pick up a Surface and fix this.


No need to pick up a surface; just adjusting the display settings in Windows 8.1 should be enough to simulate the problems. Increase the DPI, etc.


It doesn't seem to do what it says. According to it, Outlook initiated it's first Network connectivity just now. A point in time where I had already sent and received mails for some hours.

At least it so much better looking than other windows apps…


If you check the final installation window it warns you that you should reboot to catch all ongoing connections, but we plan to improve this in the future so a reboot isn't necessary. We didn't want to force users to reboot because I think that would suck.


My mistake, but you should at least make that information more visible. Unless there is a yellow or red sign, or some box to check the readme I do not assume installers will tell me about important things in the post-install window.


While this is great for certain types of attacks, I wouldn't be surprised if the really smart attacks try to fly under the radar, by distributing traffic and activity. Does this app somehow help detect that?


See my problem is that I am already paranoid... How do I know glasswire does not provide access to my machine to its developers?

My point being it's a closed source project by using it you implicitly trust its developers.


Looks like a nice implementation of a good solution to a real problem. Kudos.


Thank you!


Minor nit, not everyone has their notification area at the bottom right of the display (I use a vertical taskbar on the left). It'd be neat if the notifications showed up near the notification area.


I never thought of that. We'll see how we can move the notifications so they are near the GlassWire icon.


really love the color scheme and design on your website. sorry I don't have any more relevant feedback to add. I deal with colors, UX and UI all day long and this was refreshingly lovely.


This has been an application idea I've been wanting to build for a long time, but not having much networking know-how when it comes to these things, I put it on a to-do list.


Really nice looking page. I'd love to get an OSX version...



We're working on a Mac version. Also I agree Little Snitch is cool. We concentrate more on visualizing network activity and we have a "network time machine" feature our UI allows you to go back and forth in time. Also I don't like how Little Snitch always pops up those alerts. I wanted the user to see the alerts but not have to always "OK" every little network activity. I felt like users tend to just press "OK" all the time anyway...


I like your graphing a lot definitely!

LS has a similar network activity visualization. You can of course drill down by process and such: http://i.imgur.com/ZQX0XEa.png

As a power user, I like alerts for all unclassified network activity on my machine. No affiliation with obdev, just a fan of LS.


Downloaded it, love the idea and UI. My only niggle about the app now is that it could use better support for hidpi (the text is a bit jumbled). Other than that, great work!


Please post a screenshot to our forum with details or email us and we'll fix it.


I'll definitely try this app out. Also, love the title!

Getting hacked? Make an app! Feeling paranoid? Make an app! House getting repossessed? Make an app! Hangover? Make an app!


This is awesome. I would be happy to pay for your upcoming "pro" version. Do you already have an in-app mechanism that will warn me when this is available?


Unless you make GlassWire block itself via its own firewall manager then you will be alerted to software updates.


Any reason why WhoIs data on glasswire.com is concealed?



Isn't that standard practice? (genuine question)


I did a corporate search and tracked the owner: ANTON BONDAR. Also affiliated with ManyCam.


Why does it only pop up internet explorer icon in the alert? Is it possible to show an icon of what application is initiating the connection instead?


It should show the app that connected, not just IE. Is it only showing IE for you over and over? If so it must be a bug. Please report it to our contact page.


Is there a way to enable e-mail notifications ?


Love this. The installed app looks just as good as the screenshots.

One question, what does "powered by Symantec" mean?

Is this just a sexy UI on top of a Symantec engine?


I think its just for domain ssl certificate - http://www.symantec.com/ssl-certificates


Ahhh....ok.

Thanks!


greenwalls, thank you for a lovely looking product. It is definitely a keeper even this early in development. I'm looking forward to seeing it grow.

I've encountered an issue with the Anti-Virus scan function. I'm using Symantec Endpoint Protection (SEP) and the SEP logs indicate that GlassWire does not perform any scans what so ever. A response to this would be greatly appreciated!


I believe that the hosts history should not be visible by default. It also shows hosts while browsing in private mode.

Maybe only visible with an UAC auth.


Thanks for the feedback. You can go into the settings and clear your history also.


What are the good tools to monitor network traffic that run on Linux? Probably, there are better open-source alternatives to this?


A person who failed to keep his computer safe wrote software to protect others? Sorry if I don't feel incredibly safe.


Reminds me of BlackIce back in the day... awesome tool this Glasswire. This is what I wanted for everyday network paranoia.


Installed it under Windows 8.1, got several BSOD and restarts. Looks awesome, but it made my system highly unstable.


beautiful design!

other than that am gonna say what everyone ELSE is thinking, Security + Microsoft, give me(us) a break, last time i checked the word security does NOT exist in Windows

am surprised how THIS made it to the top of HN, probably has something to do with those users who were defending IE's developer tools ;)


This is such a nicely made app, Thank you!!


considering you are also monitoring physical changes to the box (network interface changes for example), would it be within scope to monitor workstation locking/unlocking and hibernation? same question with removal/addition of plug-and-play devices (HDDs for example)


Instead of monitoring locking/unlocking we monitored idle time instead. You'll notice the graph turns shaded when your computer is idle so if you see some strange spikes you can go back in time on the graph and investigate.


on the alerts page, it tells me that 2 alerts occurred, but it doesn't allow me to view those alerts?

that should probably be fixed, not much point in a idle mode if it just makes things more difficult to investigate

edit: also currently using 1.3GB of memory. what.


Beautiful, would be nice if it had an option to open the folder where the listed apps are located.


Never mind, it already shows the apps folder, just click on the apps icon.


@developers: I wonder what your business model behind this product looks like. Please elaborate!


This is really well done - congrats.

How are you planning to monetize - Will there be a "Pro" version ?


very great stuff, nicely packaged and presented. jealous it's only for windows.


Thank you. We wanted to see what the reaction would be before considering a Mac version.


Any plans for a plugin API? I'd love to add my ISPs usage monitor to this.


How would the plugin work?


Sorry for double posting, I've gone into more detail in another reply to you.


Beautiful app. Almost (but not quite) regret jettisoning the Windows ecosystem.


What about AUTO-UPDATE ?


what is the charting library that is used for time-series data?.


little bug: ireland flag is wrong, you used the flag of italy.


Does it use a kernel driver? and how does handle rootkits ?


Ok, I need to know. how you made such a beautiful app?


oh wow it's so shiny. Seriously people are downloading this and it's not open source, maybe they should blog about it on medium.


You sound a lot like Linus Torvalds. :-)


The software and graphs look amazing. I started Windows after a long time just to try it out. I hope you will launch the linux equivalent soon.


What are you using for forum software?



What graphing components do you use?


All OSes should have this built in.


This is so gorgeous.


Thumbs up! Really.


Wow, this app is the most beautiful app for Windows ever made.


"GlassWire is not compatible with this Operating System."

XP x64


It is a 13 year old OS.


The best one since Win2k.


Thank you.


Nice app. Please test it with the Windows classic theme (Windows 7/2008 R2), the "Glasswire" button is a bit glitchy.

What's the overhead of Glasswire? For me it's 2-6% CPU (of my many core systems).

What does the gwdrv.sys kernel driver do exactly? Hook into the TCPIP.sys kernel driver?

Is the "Glasswire control service" an app update service? Blocking it in the "Firewall" tab has no negative side effect so far.


Thank you. We will test with that theme, thanks for the details. My CPU is nowhere close to 2% when GlassWire is minimized and I have an older PC with 8.1. Please send details if you have time via email or our forum. GlassWire checks for software updates. If you block GlassWire from accessing the network then you won't hear about new versions.


Any chance of a write up of the design process and UI frameworks used?


What about rootkits that can falsify the data that the app sees? It would be good to have something similar that plugs directly into the router logs.


The only true network data is via some kind of tap on the actual wire. We're considering adding a plug-in so you can do that but there are so many awesome tools out there for that already I'm not sure if we should. GlassWire is for everyday users to understand what's going on with their computer. There will always be ways to bypass the OS but I think GlassWire will still help in many situations.


Cool app, but if you're the kind of person who gets hacked, why should we trust your sec?


He/she likely didn't get hacked. It's just a narrative created to get clicks. Basically a lie. Marketing.


What kind of person doesn't get hacked?


One that doesn't use x86, iOS, or Android?


valid question. and nothing against the app but i kinda don't trust security app developed by single person. maybe just me.


well done. but useless for the intended purpose.

most malwares will rip thru this like butter.

i would only trust something like this running out of the box believed to be compromised. in the router for example.


The only true way to fully monitor the network is by tapping the actual wire. We started off wanting to make a malware tool but we found it was not reasonable so we tried to add more network monitoring and privacy features. The GlassWire software does look for malicious hosts and other changes to the system that could indicate malware but of course without directly monitoring the wire there is no way to see everything your machine is doing on the network. GlassWire works with your antivirus and is not meant to be an antivirus.


impressive!


Oh, wow! Amazing! Puts "Little Snitch" on Mac to shame!


This is cool - looks more appealing than little snitch - needs a mac version :P




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: