VoodooShield/Cyberlock

+3

That's great advice digmor crusher, thank you, I appreciate that and totally agree that the focus should be on development!

 

Hey Dan,
is there any chance that in the near future Vivaldi get added to the Browser list? It is growing relativly fast and i think it is worth to add it soon.

 

Hey NWOAbschaum, probably in 2-3 months I will ask everyone to see what new web apps we should add. It is best to add them in groups of 7, so we will add 1 or 2 groups of 7 in the next few months. Thank you!

 

I follow what goes with the many suggestions, but I don't put my 2 cents worth in. I leave it up to you, Dan.

 

Information:
https://www.mrg-effitas.com/testmyav-an-independent-next-gen-testing-vendor/

http://www.channelweb.co.uk/crn-uk/...sting-website-to-stamp-out-misleading-reports

 

Crusher is right, which is right out of the gate why I suggested that
there are other software that may suit his needs better.
Some of you have been here for a very long time and can see issues
from posters like that coming from a mile away. I have learned over the years
to kill them with kindness, and not wasting my time or resources on them.
While focusing on those that seriously and honestly are trying to make a
difference. The more years you spend on forums, the better your radar gets

 

This does look kind of interesting, looking into it more tomorrow morning

 

I may have added oil to the fire maybe.
If someone don't like all or part of a software she/he is free to go and see elsewhere, yes, definitely!
There are questions, interrogations, and there are the rest.
Yes, can't please everyone.

About browsers list.
Do you intend for the futur something different, open, to add applications? A sort of list.
Maybe something which can import rules inside VS Web Apps?
So far, I'll use 4 places in the Web Apps. Website-Watcher (2). Claws Mail (1), and PicoTorrent (1).
Adding custom web appl makes us lose the 'Automatically allow by parent process'.
With severals 'exotic app', "Always On" is more suitable?

 

Ok, now that is NOT a very good idea .

 

WOW, thank you very much for finding this... this is truly unbelievable. I am truly speechless.

After seeing what happened in the following link, I was going to ease up a little, but not now.

Please take a look at SSmith207's post... he works for Cyberforce Security, which is a Cylance distributor. This is where I found out about testmyav.com... no wonder he recommended the site. Security software vendors and developers should never determine what samples are used in tests, let alone control where test samples come from.

https://community.spiceworks.com/topic/833551-does-anyone-actually-use-cylance?page=17

The funniest post is by Parker (Trend Micro) where he posts "This will be fun to watch.", and showed George Costanza eating popcorn on the couch .

Although, the post by Andrey (Kaspersky) where he posts "You mean videos like this one are not credible" is really cool too .

BTW, I received a suspicious email last night, asking for the samples that were used in the test, so I sent them right away... I will send them to anyone who requests them.

The reason I am concerned about all of this is simple... the Bulletin of the Atomic Scientist recently set their clock to two and a half minutes to midnight, citing cyber security as one of their top concerns. While the next gen companies are going to great lengths to make as much money as possible, and could care less about anything else that is going on.

https://thebulletin.org/sites/default/files/Final 2017 Clock Statement.pdf

I am certainly not trying to be a fear monger, but this is one of the many reasons why we need to get serious about cyber security.

 

Very true, thank you!

 

Yeah, you might want to check my post above before you look into it... it might change your perspective (thanks to darktwillight) .

 

Seems we all have our idiosyncrasies and thoughts on what is important. Guess that's what makes life interesting. Just hang in there, Dan. Appreciate your efforts and work.

 

It's all good Deckard! Yeah, we will add more web apps soon, and I will post on here a few weeks before we do so that we can figure out which ones to add.

I am not sure what you mean by "Maybe something which can import rules inside VS Web Apps?"... can you please explain more?

Adding a custom web app shouldn't make you lose the 'Automatically allow by parent process'. All that option is saying is that if you have a web app that is not listed in Custom Web Apps, then you should add it to the Custom Web Apps. If for some reason you cannot add the app to the Custom Web Apps, then you should disable the 'Automatically allow by parent process' option... but this should never happen... all you need to do is add the app to the Custom Web Apps. I hope that makes sense, if not, please let me know!

Yeah, from what I have seen, most people do not have that many web apps, they typically run one or two web browsers and maybe an email client, and that really is about all that should be included on the Web Apps screen (but it does not hurt to keep the other default web apps checked). But I imagine some users run 5-10 web apps all of the time... and if that is the case, then Always ON or AutoPilot is probably the preferred mode. Thank you!

 

Thank you John, that is very true .

 

Hi Dan,

Is this a bug; by design or I am doing something wrong?.

In Basic Settings I check these options:

• “Display simple right click menu”
• “Enable balloon notifications and user prompts”
• “Disable left clicking of the shield to prevent users from allowing new items”

If I try to run malicious software I am presented with the usual options, and selecting >“Quarantine”< does what it says and removes the malware and quarantines it accordingly - so far so good.

However, if I check the box >“Deny Default – Uncheck to show prompt instead of balloon< and run the malicious file, a prompt appears saying that it is going to automatically quarantine the malicious file, the file appears in the VS quarantine list but isn’t removed.

 

A question: I have a funky router I've been fighting with, and even though the bang goes away over the network icon, I notice that VS still isn't always blocking things like it should. I use the cmd as a test. How vulnerable is VS to somewhat less-than-perfect internet connections? It is understood the hard way that there are degrees of connected-ness--apparently you may not be fully 100% connected despite Windows' assurance. When "connected" I still get periodic packet loss, but how can you monitor these little slips? I need VS to be fully there all the time..

Edit: VS isn't blocking CommandPrompt or PowerShell.

 

Not fear mongering at all...get your VPN's fired up and take a look at this....

http://www.bbc.co.uk/iplayer/episode/b08bcc18/storyville-zero-days-nuclear-cyber-sabotage

 

I suppose each web applications available are hard-coded, in the .exe (or dll) and each application are delimited by attributes, rights, process names, dependencies, paths monitored or not, etc. which I named "rules.”
If it's possible - don't know how work VS inside - to have these "rules" not in the code but as a variable ?
This will allow writing our own rules, to create them, to download them, or to remove those that we are sure we will never use (for me: Lotus Note, SeaMonkey, AOL, ...).
I remember in the DefenseWall forum, Ilya Rabinovich was so often solicited to add compatibility with new software; it was endless for him.

I missed that.I thought it was for any applications outside of those listed by default. Thank you Dan !

 

Gillor

I have mentioned this to clone that this only works if you are in the UK. however I think this might be the same only in YouTube version?

https://www.youtube.com/results?search_query=Zero+Day:+nuclear+sabotage

 

For me, working all sensational
thank you for this wonderful program
VoodooShield
Regards

 

Sage advice

 

OK, I fixed it, apparently I didn't "register" the router properly with internet provider. Now VS blocks everything consistently. Routers, gotta love em.

 

That's the one.

 

I will catch up soon, but I just realized something.

What is the average time to detect a threat / breach, isn’t it like 240 days or something?

Sure, you can have a global whitelist, but I would imagine that this is probably ineffective considering that most software is constantly updated.