VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,561
    Location:
    The Netherlands
    That's why I was checking, because VS itself will simply block malware from running if it's not whitelisted. So I suppose you tested VoodooAI, and it correctly classified all of your samples as malware, without the use of signatures. If so, that's quite a good result.

    Yes exactly, I was trying to explain that the local sandbox is not that advanced at the moment, so it can't be compared to SBIE. So my advice would be to combine VS with Sandboxie.

    Good one, but the reason is that I don't want to stress my SSD, so that's why I haven't installed VirtualBox or VMware. But again, you don't have to be using apps in order to give advice and/or understand their inner workings.
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,561
    Location:
    The Netherlands
    I can understand his way of thinking, it's basically what I said in one of my posts, see link. Too many companies stay vague about the way AI actually works, and in some cases they are acting like they have reinvented the wheel. I'm also still waiting on a consumer version of Cylance Protect, they are getting pretty good results, so they must be doing something right.

    https://www.wilderssecurity.com/threads/voodooshield.313706/page-549#post-2643744
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    You can actually purchase Cylance at malwaremanaged.com

    Speaking of which, here is a Cylance, Sophos and VoodooShield test, ransomware edition ;).

    https://youtu.be/TuvZO9E3W2A

    (I apologize moderators... for some reason it will not let me unlink it.)
     
  4. plat1098

    plat1098 Guest

    Regarding the above test, I'll be boring and stick with Smart mode. :sick:
     
  5. @VoodooShield

    Dan, I did not expect Sophos to outperform Cylance. Did you use Sophos Home?

    Regards Kees
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,241
    Location:
    Among the gum trees
    If you watched the video you would see the Sophos Home notification. ;)
     
  7. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    I agree with you, Dan! :)

    I always say that AI does exist now, but exists as a low-level AI, instead of high-level AI (or true AI).

    When others say, including Eugene Kaspersky, that AI does not exist (yet), I presume that they mean the high-level AI, which I agree that it doesn't yet exist. They are probably referring to AI that is found in the TV Series Westworld, or Humans, or Matrix.

    Personally, I would even consider an electronic calculator to be an AI (low-level AI). Just imagine a small machine being able to calculate complex mathematical formula in less than a fraction of a second!
     
  8. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    BTW, I totally agree! If their technology is as good as they say it is, then they have nothing to hide, right? ;). Hackers know how their technology works, so that cannot be used as an excuse ;).
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hehehe, yeah, me too! The odds of something slipping by when VS is on AutoPilot are extremely small, but there is no sense in taking the chance ;). But AutoPilot is great if you have a really great traditional AV running with VS as well.
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, Sophos did really well, it has always been a great product, but it looks like it just keeps getting better and better. Yeah, it was Home, I do not have access to their endpoint protection, but I am sure the results would have been about the same.
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I think this is payback for Kees poking fun at Rasheed ;).
     
  12. Yes deserved that :D, now going out for a run (it is snowing light).
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, totally... just imagine what everyone thought in 1952 when the Univac predicted the election MUCH more accurately than the pollsters... This will probably go down in history as the dawn of the artificial intelligence age.

    https://www.wired.com/2010/11/1104cbs-tv-univac-election/

    It is going to be a very, very long time before we see a machine that is capable of artificial general intelligence... probably at least 40-50 years. Especially considering that the demand for data scientists recently experienced a major decline. And also consider this from Mr. Kaspersky's article... "Silicon Valley has faced false starts with A.I. before. During the 1980s, an earlier generation of entrepreneurs also believed that artificial intelligence was the wave of the future, leading to a flurry of start-ups. Their products offered little business value at the time, and so the commercial enthusiasm ended in disappointment, leading to a period now referred to as the ‘A.I. Winter.’"

    And actually, I was with a buddy of mine at lunch the other day and we were talking about how the new i7 Kaby Lake processors did not offer hardly any noticeable performance gains over Skylake... I believe this is the first time this has happened. We were also talking about how there has not been hardly any killer new technology for the last couple of years. I mean, look at the whole wearables thing... I am incredibly happy that did not work out ;). Then if you look at the products / ideas on the crowdfunding sites, there is hardly ever anything that is truly new.

    So it kinda looks like technological progress is stalling, although I am sure there are certain sectors (like maybe the medical field) that continue to develop at a fast pace. I would love to hear your guys thoughts on this... like what is the coolest new, unexpected technology from the last 2 years?
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,457
    Location:
    .
    Q1: any cautions, particulars with regard to Enter Exit Shadow Mode + VoodooShield?

    Q2: does VoodooShield do voodoo during machine start?

    Thanks
     
    Last edited: Jan 13, 2017
  15. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,296
    "Voodoo Ai is not yet available for this file type" - Doesn't make sense, to me.

    VS__AI detection_not available_01.JPG
     
  16. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,171
    Location:
    Canada
    Likewise.
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Doesn't scan anything but exe files as far as I know
     
  18. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I heard it scans DLLs as well but could be wrong again.

    edit: I am not sure if you are talking about VT scans or Voodoo's Pete.

    VS itself blocks against much more than exe's as far as I know.
    The AI scans go through 55 VT engines as far as I know to determine if they are safe.
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    If you right-click on, say, a .js file, it says it can't scan that type. If you just double-click it, it calculates VS AI.
     
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,241
    Location:
    Among the gum trees
    Ai Scans separately from the VT 56 engine scan. Ai scans don't "go through" VT engines.
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, currently VoodooAi (and all of the “Next Gen” Ai solutions) only analyze files that are Portable Executables (exe and dll), and currently do not scan scripts, or basically files that rely on interpreters.

    There are a few reasons for this… mainly because the Portable Executable format contains hundreds of features that can be extracted for analysis, whereas scripts do not. We can actually extract the text from scripts, but these features would be similar to handwriting character recognition (for example), and not something absolute and binary like whether DEP or ASLR was enabled in a portable executable file. Also, there are not nearly as many scripts as there are executables, so collecting enough samples for a representative data set will be difficult.

    Scripts are scanned with VS’s blacklist and should scan all of these file types... if you guys find a file type it does not scan, please let me know!

    The other Ai solutions typically simply blacklist scripts altogether and any good script can be manually whitelisted in the web console.

    Obviously, there should not be that many “good” scripts that people need to allow… whereas we all know that a lot of ransomware begin as scripts. This is why VS will only allow scripts that are absolutely known to be safe, or possible from whitelisted parent processes, etc. But if it is an unknown script, it needs to be blocked… especially if the computer is at risk ;).
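
The "absolute and binary" PE features mentioned in the post above (DEP, ASLR) can be read straight from the header's DllCharacteristics field; the following is an added illustration, not part of the original post and not VoodooShield's code. The function names and the header-only sample images are constructed for this example.

```python
import struct

# IMAGE_DLLCHARACTERISTICS_* bits from the PE/COFF specification.
FLAGS = {
    "high_entropy_va": 0x0020,
    "aslr": 0x0040,   # DYNAMIC_BASE
    "dep": 0x0100,    # NX_COMPAT
    "no_seh": 0x0400,
    "cfg": 0x4000,    # GUARD_CF
}

def pe_mitigation_features(data: bytes) -> dict:
    """Return one 0/1 feature per mitigation flag of a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header: not a Portable Executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    opt = e_lfanew + 4 + 20  # skip the signature and the COFF file header
    if len(data) < opt + 72:
        raise ValueError("optional header is truncated")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    features = {name: int(bool(dll_chars & bit)) for name, bit in FLAGS.items()}
    features["pe32_plus"] = int(magic == 0x20B)
    return features

def build_sample(magic: int, dll_chars: int) -> bytes:
    """Constructed header-only sample (no sections), enough for the parser."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    is64 = magic == 0x20B
    opt = bytearray(0xF0 if is64 else 0xE0)
    coff = struct.pack("<HHIIIHH", 0x8664 if is64 else 0x14C, 0, 0, 0, 0, len(opt), 0x0002)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    print(pe_mitigation_features(build_sample(0x20B, 0x0160)))  # hardened 64-bit image
    print(pe_mitigation_features(build_sample(0x10B, 0x0000)))  # legacy 32-bit image
```

A script file has no such header, so the same call raises `ValueError` instead of returning a feature vector, which is the gap the post describes.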
     
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Not sure about this one ;). Someone more familiar with SD will be able to answer this though.
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,457
    Location:
    .
    Okay, question not related to Shadow Defender.
    Q: does VoodooShield do any voodoo during machine start.
    Or, does voodoo start at desktop?
    Thanks
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry, I missed that one... VS starts with a HKEY_LOCAL_MACHINE registry entry, so basically it is a machine start.
     
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,457
    Location:
    .
    Sorry, I meant does VoodooShield protection start at machine start. Meaning, might VoodooShield User Prompt ever stop/interrupt machine start (best as I can explain).
     