VoodooShield/Cyberlock

any progress to report

 

LOL....yeah I'll tell Lenovo to install VS then install their OEM malware

 

as you're the VIP ~ please explain

 

No, VS will not protect you in that case.
Remove adware...it's easy...just uninstall it....

 

Exactly!

 

https://voodooshield.com/ Read VS's Home Page!



or Adware.

 

I did a lot of web searches without finding what I was looking for. I have not chatted with any exploit experts about it yet. I've been really busy.

 

I'm new to VoodooShield and so far its working great. Can you add PDF XChange Viewer to default webapp list ? Its one of the most commonly used PDF reader.

 

Dan,

While I am not about to dispute the effectiveness of VS, I do have one thing that annoys me - from your FAQ;

Is it difficult to train VoodooShield which programs to allow? How long does it take?
Training VoodooShield is much easier and quicker than you would think. On average, it takes around a total of 10 minutes to train VoodooShield. Once VoodooShield is trained, you never have to worry about annoying antivirus pop ups and scans again.

What does annoy me is that I DO need to worry about annoying pop ups and balloon messages from VS if and when a program tries to update in the background, for example Adobe Flash Player. I don't know if there is an answer to this issue as I believe VS is working as designed, but I feel that the more input I have to make it defeats the purpose of VS. Perhaps I was wrong and VS is not for everyone. If an inexperienced user has to keep allowing programs then how do they know if any program is safe to allow, and what would stop them allowing anything and everything? Maybe VS really is only for those with more advanced computer skills?

Just my thoughts, Dan. Again, I don't really see an answer.

Cheers,
Dave

PS: Perhaps the System Requirements should also mention the need for C++ 2010 runtime?

 

Cool, thank you, I will do that next time!

 

Cool, thank you. Now that we have everything worked out and the web server is running normal, we should be good to go, but if not, please let me know! The web server actually crashed today, it was something with the hardware. Anyway, it is fixed now!

 

Very cool, thank you for letting me know! I tried several of the exploits and could not get anything to bypass VS. But the same guy did find a way to run a targeted attack against VS, and it did bypass it. But it was an easy fix and will be included in the next release. I would release it now, but I am certain that VS is not on any hackers radar yet, and it is a targeted attack, so it is not a concern at this point. Hopefully it will be a concern in a few months . I will release that version soon with the fix, but I want to make sure this guy cannot find any other security holes, and I will include any fixes to security holes that he finds. I have always thought that there had to be a way to bypass VS, I just could not figure it out.

 

Cool, we will do this then, thank you!

 

Command lines do special things with processes, and software developers do special things with them to get their software to do what they want it to do. For example, when you start the Mouse control panel app, the command line looks like this: "c:\windows\system32\rundll32.exe"" c:\windows\system32\shell32.dll,control_rundll c:\windows\system32\main.cpl

rundll32 is the process, and everything else you see are special instructions to tell rundll32 what to do. The problem is, hackers use command lines as well to run certain things to try to get their malware to execute.

VS cannot just automatically allow all rundll32 executions, because hackers use this A LOT to trigger their payload. So basically, VS has hardwired all of the most common safe command lines and they are allowed automatically. If you have some special software that utilizes a command line, then it has to be "whitelisted", and VS will allow rundll32 only if the command line is hardwired or whitelisted by the user.

I hope this helps, if not, please let me know! Thank you!

 

Sorry about that, we were upgrading the web server, but everything should be good to go now! Thank you!

 

Hehehe, yeah, I did. Man, you are too quick for me sometimes . Thank you TH!

 

Hehehe, thank you, I appreciate that. I am close to running out of ideas though .

 

Yeah, exactly, since a lot of times installers have to do admin type stuff, it probably is not a good idea to run them sandboxed, so I just hide the button when VS detects an installer. Thank you!

 

Cool, thank you! Maybe, I will add some more web apps in the next few months and we will make a list on wilders of what to add. Thank you!

 

Yeah, I see what you are saying, but my point is that the user is no longer forced to reply to an affirmative prompt before they can continue using their computer... for example, the way UAC bothers the user. Since VS uses deny by default, the user is not forced to make that decision.

Over the last 3+ years, 80% of my local clients have ran VS. Some users are extreme novices and some are semi advanced. What I can tell you, on no uncertain terms, is that they all learn how to use VS extremely quickly, and they simply do not get viruses anymore. I think what happens with the extreme novice users is that they just ignore the deny by default balloons, but if VS blocks something they really want to run, they figure it out in a few minutes... and THEN they understand quickly how it works. The more advanced users seem to understand how VS works even quicker, although it seems that it sometimes takes them a while to truly understand the concept. And once they figure out what VS is all about, they realize that it is actually very simple, and they were over thinking it all along.

But, locking a computer while making it user friendly is a tough proposition. So VS is not absolutely perfect, and I am going to continue to refine the user experience, and hopefully one day we will have the perfect user-friendly computer lock. But for now, the alternative technologies like UAC displays an affirmative user prompt and forces them to make a decision right then and there. And usually the user will click yes or allow. So while VS is not absolutely perfect yet, it is certainly better than the alternative, in my opinion. Thank you!

 

Hmmm, that is odd. I replied to your email, please let me know if it continues to be a problem. Thank you!

 

Yeah, I really would leave the auto allow program files option enabled for a day or two at least. Thank you!

 

Thank you CET!

 

Yeah, we could do that! Let's think about it and decide at some point.

 

VS is a vaccine, not medicine. But look how well the medicine is doing . If preexisting malware is a concern, then scan your system with several different traditional antivirus and antimalware solutions, then reset VS's whitelist and you are good to go! Thank you!