VoodooShield/Cyberlock

Thanks Gillor!

 

After using this a bit more, I think I was maybe a bit harsh with how easy it is to use. I just needed to get my head around it a bit more. I think for anyone barely tech savvy this will be very very easy for them to use. Of course for those that are computer phobic or that have other issues, it will be too difficult. But then again, ALL AV/AM is too difficult for them. I just got a few new licenses for WSA and you won't believe the difficulty I am having getting my family to just put in the new serial number so it keeps them up to date. They aren't stupid people, but they hate computers with a vengeance. They love to check their facebook and love to play a bit of scrabble, but that is it. Anyway, these people don't count. I'll probably put the free version of VS on their computer for them, but then again, maybe I won't, as they see any kind of pop up as a potential threat. They get flustered and go into a meltdown. Clicking the first thing that comes to hand. These people just aren't representative of those that can get the most out of VS, but I just thought I'd mention that they exist.


I've been using VS on a new win7 build and it's probably not the best time to have an AM on there. Lots of popups. I disable it most of the time. It causes problems with microsoft installers after updating, which, obviously it would do. But I have to say, just disabling it or even putting it into training mode does the job. I was tempted to uninstall it, but I thought that keeping it on the system when there are loads of new updates and installer being added would give me a feel for it for later. I now feel pretty confident to use it later on when things are quieter and settled down. If it ask me or blocks something then, I can be sure the thing needs my attention.

Everything is a few clicks away with this program. It makes use of the left and right click paradigms so nothing is wasted with the interface. Coming from Opera and mouse gestures, this is a good sign. Once you have experienced mouse gestures in Opera it is hard to go back and every program that doesn't employ it is a frustration. That thing at the end of your finger tips, and those two or three fingers you use to control it, hold mighty power. Very few have ever even begun to skim the surface of what this combination is capable of. Sorry if OT and all that, still, it's nice to see this implemented to an extent in VS. It shows intelligent design.


I've had a few bsod's with my new install of win7, but I'm pleased to say after installing even more updates (200) that the thing seems pretty solid now. I just installed my new license for WSA and everything is working peachy. I get a few alerts from Winpatrol Plus, which is all well and good.

I don't know what more to say. Having this program on your computer while you are building up your OS is a real test. I am also installing lots of audio apps too. So of course it will be a click fest. I just thought this would be a good opportunity to run this program through its paces and see what it is made of. No blips, nothing bad to report. And boy is it a lot better than that damned annoying UAC stuff. I'd rather spend the few clicks here than going through that every time. Nearly all audio software like Digital Audio Workstations (DAW) expect you to not be using this, in fact they tell you to switch it off. And that is not even counting the amount of plugins (VST) that also expect you to not be running this.

This is why I see a bright future for this app. Giving security to those that have no security - remember, 99 percent of all musicians and songwriters and producers and engineers, run in FULL admin mode. And the vast majority of those also connect to the net at the same time. They will call you paranoid for using more than one AV/AM though. Ok, this is a small sector of the total computer market. But it was big enough for Apple to buy out Logic, to use the computer as a dongle effectively, and it was big enough for Apple to buy out Camel Audio, which has caused massive disruption in the field since it happened.

Anyway, this program is a really great solution. I'm not a typical user the way I am using it, but every now and again, I com across a ground breaking security product, and I take the time to learn it, in depth. I did this with Comodo, Winpatrol, Hitman Pro, Webroot and a few others. So far, I've not regretted any of the little time I have spent with this product (VS), I only see it as an investment for future use.


Thanks for the license btw, that was really kind of you. I just have to declare that here so everything is out in the open. This testimony was unsolicited, and the giving of the license to me was unsolicited. It's all just people working together, sometimes from different fields, and showing respect for what the other days.

 

Hey everyone, I am right in the middle of some pretty cool stuff, so I will catch up soon.

But I was hoping you guys could do me a huge favor. I have never been good at making screenshot videos that demonstrate how VS works and some of the cool things it does, like scanning, drag and drop, etc. If anyone would be interested in making a 2-5 minutes video to help explain how VS works and how it is different, I would really appreciate it! It can have dialogue or not, it really does not matter. If anyone would like to do this, that would be really cool! Thank you!

 

Dan,

My first error message from VS.



Thanks,
Krusty

 

If you have ProcessHacker2, click the services tab, scroll to Voodoo ShieldService and click start. Now you should be able to launch the application.

 

Thanks Norman.

I don't have that program but a restart solved my problem.

Cheers!

 

BTW, I am working out the last few bugs for VS 2.x and we will release it soon. Are there any other bugs I need to fix before we release it to the public? I noticed a small bug that displayed a plain grey box instead of the usual user prompt, but I think it is fixed now. Has anyone else seen this?

Also, I have been working on VS 3.0, which assuming everything goes right, will implement a KMD and Cuckoo Sandbox. I am really excited about the Cuckoo Sandbox feature... for anyone who is not familiar with Cuckoo, it is an automated malware analysis system. Basically, VS will perform the initial cloud based blacklist scan, and if the file is unknown, or if the user wants just for the heck of it, VS will upload the blocked file to a Cuckoo Sandbox server which will run the file in a VM and display (or email) an extremely detailed report and screenshots of what happened when the file was executed and any changes to the system.

Here are some samples... just click on any of the MD5 hash links to see what it will look like! https://malwr.com/analysis/

Thanks again for all of your help, talk to you guys soon!

 

Ok, cool, thank you, let me see what I can do. Yeah, WMP does not toggle with VS, but has built in protections, just like the other commonly exploited applications. Maybe it should toggle with VS as well, huh? What do you think? Thank you!

 

Very cool, thank you for letting me know! You too Baldrick!

 

Yeah, we definitely need to develop the CL features a little more. Yeah, anything you can send me would be a great help, thank you!

 

Very cool, thank you, I will check it out!

 

It looks like Gillor pointed you in the right direction, thank you Gillor! Please let me know if it does not make sense!

 

Yeah, I see what you mean. The thing about VS is that it really is a lot different from anything else, so most of the time people do not initially understand it (like maybe they are over thinking it or something). Then once they do understand VS, they are like "ohhh, I see, man, that is soooo simple." Thank you!

 

WOW

 

Hi Dan

Cool...that is great news...can hardly wait.

Regards, Baldrick

 

I get accused of over thinking things a lot actually. So you might be on to something there!

It really just needs a very quick tutorial to show how simple it really is. If I had the video skills I'd do it. But time is not on my side and I'm more into 3D rendering than video capture. Still, it would be easily done.

Anyway, it is very simple. Anyone serious about using and learning this tool wouldn't be put off I'm sure. I'm kind of a worst case scenario type of person to deal with. But not the worst there is.

I had to spend almost an hour on the phone to my folks to get them to reinstall the license for WSA. Somehow it got uninstalled from their machine. No idea how that happened. Anyway, dealing with someone that doesn't know what a task bar is... You can understand why I don't want to put this on their machine.

They aren't idiots. They oversaw and were responsible for multi-million pound defense deals in the middle east. It's just that they don't do this kind of thing every day.


I had WSA give a false positive (as it always does) for SEM. Synth Edit Modules. And another av/am did as well that escapes me. But VS just kept invisible in the background, I forgot it was there.

It's a very clever concept I have to say.

I'm still working with the free version for the moment and not the full version. I don't see why this couldn't become a part of any security conscious person's personal arsenal of defense in depth.

 

I don't know if I needed to, or if I even should of, but I had already added WMP to the Web Applications anyway.

That sounds awesome!

 

Incorporating a Cuckoo Sandbox would be a really innovative approach...

With such integration, VS would have no equal.

Best Regards,

HJLBX

PS - If VS is not going to block an exploit, why toggle on when WMP is launched? Afterall, VS' domain is the exploit payload - and not the exploit itself - correct?

 

I look forward to seeing the KMD version of VS.

 

Would you not want the payload from the exploit to be blocked? If VS does not toggle to on then the exploit will be able to cause much more harm to your machine. You will have a persistent threat on your hands then.

 

Run Always On.

 

When the payload is executed, VS will protect the system; there is no need to toggle on during the exploit download - only when a file is executed.

 

...and why can I not run Always On during exploit download

 

You can, but not absolutely necessary... as VS will block execution of any payload. If exploit has no payload, then VS doesn't cover that sort of thing...

 

I use VS "Always On" mode. My question regarding Windows Media Player was "Is that really necessary - since VS would block the execution of any WMP exploit payload."