VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Hi Dan,

    I found this contradiction:
    -----------------
    Dan's reply via pm:
     
  2. smokeyjoe

    smokeyjoe Registered Member

    Joined:
    Feb 17, 2007
    Posts:
    18
    LOL.. what's ironic, at least to me, is that he basically did just expose the company with the whole "Cons" paragraph.. but gotta appreciate honesty right?
     
  3. Problem with 'data' is that it often contains code also. Remember the exploit a few years ago which misused a tiny sniplet of code in the meta data of an image.

    Machine learning /Artificial intelligence with current state of technology wont stop these types of attacks. You need additional containment like blocking access to often misused dynamic code interpretators and vulnerable (shell) commands.

    These are the tricks most nextgen ML/AI use. VS also blocks WebPrograms calling other programs and blocks suspicious calls to often misused commands. No big deal, only marketing it that the nextgen catches all (like Cylance does), is misleading.

    Not all dev's are that honest about their product as Dan is, but that is also the reason I am positive about Dan and VS.

    The irony of the Cylance brand guy stepping in to protect brand reputation is that he basically confirms the cons the frustated employee of Cylance describes as SmokeyJoe above already mentioned.

    So in terms of brand management and employer branding a big blooper, not honesty With such friends in your branding team you don't need enemies. :argh:
     
    Last edited by a moderator: Jan 7, 2017
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Dan

    Finally finshed. To all: basically what I was go back an review testing of about 60 samples of just vbs,js, and wsf files. I tested them in both auto and on modes. Not a miss Dan, VS caught them all. The miss must have been another product. VS is golden so far.

    For some of the new comers to VS, what I have been doing is testing Live Malware against VS, and it's caught everything.

    Pete
     
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Do possibly have a firewall that is blocking VS's communication with the internet? If not, what is your Region set to in Windows Control Panel? Thank you!
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Very true ;). PM me the email address that you use for your VS account and I will convert it to a lifetime license, thank you!
     
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Very cool, thank you Kees and Pete!
     
  8. Pete, my favorite MOD ~snipped as per TOS, please refrain from comments on other mods ~

    It probably was a lot of work, so I am a bit reluctant to ask, but when you find some time, please test VS also in auto-pilot mode against these samples

    Regards Kees
     
  9. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Dan

    What I find ironic is you have a company that on the one hand is promoting their security (which infers trust) credentials yet are according to an employee actually trying to deceive the public by making wild claims about the efficacy of their product.
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Mark! Yeah, and then when AV labs test their products and find that they are not as effective as they claim… we all know what happens ;).

    I used to be a fan of the next gen Ai companies, but there has been a recent trend among them to refer to traditional antivirus technology as “legacy”, which I find to be extremely disrespectful… especially considering that the NG Ai companies obviously utilized this “legacy” technology to classify files in order to create their training sample sets that were used to train their models.

    Let’s all hope that they do not start dissing Alan Turning for the prediction he made 75 years or so ago… which was basically that it is mathematically impossible to consistently distinguish all good code from malicious code.

    But really the final straw for me was another recent trend where they all jumped on the bandwagon and started recommending removing traditional AV protection, and replacing it with only machine learning / Ai. This is insane.

    PM me the email address that you use for your VS account and I will convert it to a lifetime license, thank you!
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Kees, I think he did... "I tested them in both auto and on modes."
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Indeed, I sure did
     
  13. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Dan, I had to correct, sorry...:)


    < see post #7297, page 292 - https://www.wilderssecurity.com/threads/voodooshield.313706/page-292#post-2499326

    < see post #7311, page 293 - https://www.wilderssecurity.com/threads/voodooshield.313706/page-293#post-2500621
     
  14. tonino

    tonino Registered Member

    Joined:
    Jan 2, 2017
    Posts:
    62
    Location:
    somewhere
    Yeah right! But maybe is just a way to promote a product (don't need it in my opinion) and to test it from "wilders" members!
     
  15. tonino

    tonino Registered Member

    Joined:
    Jan 2, 2017
    Posts:
    62
    Location:
    somewhere

    great!:thumb:
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Thanks for that testing, Pete!
    I am curious - will you be keeping or removing AppGuard on your machines?
    I know you had some personal frustrations with AG, but do you believe there is still a benefit in running them together?
     
  17. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,156
    Location:
    Canada
    " The company culture is very good."

    " The product is succeeding because of smoke and mirrors and some clever tricks."

    " Without all the little tricks to make it work well, it would struggle"

    " There is a fear we will be exposed."

    " Upper management doesn't seem trustworthy"

    " There is a lot of BS"

    Would you want to buy anything from these guys, seems like they are pushing a product that may or may not work for profit.

    Biggest irony is that under Pros he says " The company culture is good" Looking at the next few comments I would definitely say that the company culture is far from good.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590

    Keeping. Solved the frustration. If curious pm me.
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Okay, going back thru the thread I saw a couple of posts comparing VS to Sandboxie. I don't see it at all so a couple of questions.

    1. I want to browse using the sandbox in VS how do I do it.
    2. I want to test a nastie in the VS Local Sandbox. VS didn't give the option. So how do I do that?

    PS. This is NOT meant as a criticism of VS, as I do think it an excellent product and a keeper for me.
     
  20. mesaboogieman

    mesaboogieman Registered Member

    Joined:
    Aug 2, 2004
    Posts:
    52
    Location:
    UK
    Hi all
    I am a novice VS user so please bear with me.. Could anyone advise if VS protects against malware which would infect the MBR or would I need to install something like MBRFilter to protect against this problem.

    Thanks
     
  21. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    Here we go again...but this time I was not run app.from protected user space like "desktop" !
    Image 1.jpg

    This time, notification apears after opening Chrome browser via "WinX DVD Author"
    Image 2.jpg
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes, I'm also not sure about WAR, the developer refuses to give even basic info about it. I'm guessing that it's a very sensitive behavior blocker, that's why it's blocking a lot, including legitimate software. And it's striking that Invincea doesn't even mention sandboxing and behavior blocking anymore, it's all about AI/Machine Learning, but I'm guessing it's a marketing move. The thing is, all companies that claim to use AI, are very vague about the way it works. I mean, it sounds a lot like standard AV heuristics to me. I did find this interesting article:

    http://www.networkworld.com/article...nd-prevent-malware-and-apts-in-real-time.html
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I believe VS is basically an anti-executable, so its main purpose is to block exploits. But now it has added AI and a sandboxing option. AI is meant to let you know if it's safe to run some app, similar to an AV, but it doesn't use signatures. And perhaps the developer can give some more info about the sandbox, but I'm guessing it's a lot less advanced than Sandboxie. Personally I think it's best to combine anti-exe with sandboxing, that's why I use the EXE Radar + SBIE combo. VS is an interesting tool, but for now it's too complex for my taste.
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Rasheed you shouldn't be advising people when you are basically guessing especially when you aren't even using the software.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I think I have enough experience to make these calls, you don't actually have to be using software to be able to assess things. And I did read some stuff about the sandbox months ago.

    Just to be clear, VoodooAI managed to block all of your malware samples? And what type of malware are we talking about, ransomware and trojans for example?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.