I really like Hardened Mode because of it’s protective potential, but sometimes it gets annoying when otherwise trusted apps get updated. For example games in Steam that are in Early Access and they get updates more often than regular games.

Would it be possible to add third Hardened Mode option named “Trusted Aggressive” that would operate the same as current “Aggressive” mode, just with added trusted parent, unverified child relationship? For example, if Steam app (Trusted) launches a newly updated game (Unverified yet), it should automatically treat that app as trusted since Trusted app is launching it.

This should GREATLY decrease the number of unwanted app blockings because they were updated and avast! doesn’t have the record for it yet.

I’m also aware that this could potentially be exploited from outside via app injections. I’d be willing to take that risk within this separate additional mode. Or even better, would it be possible to detect such external injections and still block them while not blocking things that are actually executed by a trusted parent itself?

Would love to hear an opinion from avast! team about this, so it could maybe be pushed out as a feature for new major avast!+AVG product in early 2017 as was mentioned recently.

It would also help with some of the files in Windows updates that are currently being detected since they are “new”.

Yeah, if they only include selected things like Valve’s Steam, EA Origin, GOG Galaxy, Windows Updates, that would already resolve huge number of unnecessary blocking.

I think this is a good idea

But Avast should only decide what can be included.
And from that list from Avast, the user should have a choice of what he wants to be included.

Greetz, Red.

If you give the user a choice, you’re also broadcasting it to the bad guys.

Like I said : The choice should be limited by Avast !

But maybe I ONLY want to include Windows Updates, and NOT Valve’s Steam, EA Origin and GOG Galaxy

Greetz, Red.

Certainly, Hardened Mode should get it’s own settings section with more options for users to configure it. It’s a powerful component that with some extra extended settings could become even more widely used than just for clueless users and grandmothers/grandfathers…

I get the point, but the problem I see is that programs like Explorer.exe (or browsers, popular file managers, …) are also trusted… so this trust inheritance would basically allow anybody to run anything.

That’s why it could be selective. Or exclusive. For example, you can make it a global thing, but exclude Explorer.exe from such parent-child trust behavior. Or simply only include things like mentioned above, Steam, Origin, GOG Galaxy, Windows Update components and nothing else.

Bad idea.
If by default inheritance is disabled, there will be a lot of users who will allow things because they have no clue about security and/or what they are doing.
Kinda like the story about the many locks on the back door and leaving windows and other door wide open.

You don’t understand it Eddy. No one said Parent-Child trust should be unconditional. I’m very much aware of that. But users not giving the flexibility is the same as them just turning Hardened Mode off or demanding whoever admins their system to turn it off. Or do you want a Hardened mode that is virtually as secure but 10 times more flexible and user friendly?

Give user the choice to lower security and they will do so.
What’s the point of offering them security ?

And what’s the point of security that is more of an annoyance than a helpful thing. What have you achieved then? Nothing.