@bytebot
Mitsukeru coded update
Since yesterday's beta 2 to investors, LinkSentinel got:
- OAuth Redirect Monitor that warns users if the flow redirects to suspicious/malicious domains before authorising access
- Clipboard address swap guard: unlike the macOS standalone piece, this sits in-browser and just focuses on text being copied and text visible on screen. You should use this in conjunction with Clipboard Address Guard. It also looks at ENS/SOL (Bonfida/SNS) homographs, basically warning if an ENS/SOL name contains lookalike characters (Cyrillic/Greek) intended to deceive.
LERG, which is not in beta yet, has features that look like this now:
1. Stops Ransomware Before Encryption
- Canary tripwires (honey pot files that trigger on access)
- Header decapitation detection (detects file corruption patterns)
- Mass mutation monitoring (blocks rapid file encryption patterns)
2. Prevents Data Exfiltration
- Network containment via NEFilterDataProvider
- Blocks malicious C2 communication
- Kill switch isolates all network traffic during attacks
3. Hardens Against Malicious Installers
- Recognises trusted patterns (Homebrew, Rust, NVM, PyEnv, etc.)
- Static script analysis with risk scoring
- Installer domain restricts capabilities (no persistence, no new file execution)
4. Zero Trust Architecture
- Biometric authentication required for High/Critical overrides
- SEP-signed audit logs (tamper-proof)
- CredentialGuard blocks unauthorised access to cookies, keychains, SSH keys
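
A sketch of the ENS/SOL homograph warning mentioned in the LinkSentinel list above, added here as an illustration and not LinkSentinel's own code. The confusable table, the `checkName` function and the sample names are constructed assumptions; a production check would use the full Unicode confusables data.

```javascript
// Constructed confusable table (small subset): Cyrillic/Greek letter -> Latin lookalike.
const CONFUSABLES = new Map([
  ['\u0430', 'a'], ['\u0435', 'e'], ['\u043E', 'o'], ['\u0440', 'p'], ['\u0441', 'c'],
  ['\u0445', 'x'], ['\u0443', 'y'], ['\u0456', 'i'], ['\u0455', 's'],            // Cyrillic
  ['\u03BF', 'o'], ['\u03B1', 'a'], ['\u03BD', 'v'], ['\u03C1', 'p'], ['\u03B9', 'i'], // Greek
]);

const SCRIPTS = [
  ['Latin', /\p{Script=Latin}/u],
  ['Cyrillic', /\p{Script=Cyrillic}/u],
  ['Greek', /\p{Script=Greek}/u],
];

// Classify one character; digits, hyphens etc. fall through to 'Other'.
function scriptOf(ch) {
  const hit = SCRIPTS.find(([, re]) => re.test(ch));
  return hit ? hit[0] : 'Other';
}

// Check each dot-separated label of a name such as "example.eth" or "example.sol".
function checkName(name) {
  const normalized = name.normalize('NFKC').toLowerCase();
  const findings = [];
  for (const label of normalized.split('.')) {
    const chars = [...label];
    const lookalikes = chars.filter((c) => CONFUSABLES.has(c));
    if (lookalikes.length === 0) continue;
    const scripts = new Set(chars.map(scriptOf).filter((s) => s !== 'Other'));
    // Case 1: Latin letters mixed with Cyrillic/Greek lookalikes in one label.
    const mixed = scripts.has('Latin') && scripts.size > 1;
    // Case 2: no Latin at all, but every letter is a Latin lookalike.
    const wholeScript = !scripts.has('Latin') &&
      chars.every((c) => CONFUSABLES.has(c) || scriptOf(c) === 'Other');
    if (mixed || wholeScript) {
      findings.push({ label, reason: mixed ? 'mixed-script' : 'whole-script', lookalikes });
    }
  }
  // The skeleton is the Latin name the user most likely believes they are seeing.
  const skeleton = [...normalized].map((c) => CONFUSABLES.get(c) ?? c).join('');
  return { suspicious: findings.length > 0, skeleton, findings };
}
```

A genuine single-script Cyrillic or Greek name is not flagged; only labels that mix scripts or consist entirely of Latin lookalikes are.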