VS dev is welcoming any testers to test it and publish the video , a free license may be offered 
Clyance (Home) vs Sophos (Home) vs Voodoshield
- Thread starter DJ Panda
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- Aug 2, 2015
- 4,286
Nice share Umbra, let the Ill Informed critics put their proof where their mouth is, because all else is speculation and accusation.
I know enough about Dan over the past few years to know that cheating or throwing a test is not in his arsenal.
Suggesting such is ignorance. Nothing implied here just a well stated fact.
PeAcE
I know enough about Dan over the past few years to know that cheating or throwing a test is not in his arsenal.
Suggesting such is ignorance. Nothing implied here
just a well stated fact.PeAcE
VS dev is welcoming any testers to test it and publish the video , a free license may be offered
I don't need any free license because I don't use Windows
Nice share Umbra, let the Ill Informed critics put their proof where their mouth is, because all else is speculation and accusation.
I know enough about Dan over the past few years to know that cheating or throwing a test is not in his arsenal.
Suggesting such is ignorance. Nothing implied here
PeAcE
You sound very arrogant, I hope you looked at the video and how the testing tool works and not only talk empty words (especially since you are a trusted user).
You can test what I said using there tool www.voodooshield.com/artwork/EfficacyTest.exe
I already told in my last post how to test the VD AI (it looks like you didn't read, please do it now).
- Aug 2, 2015
- 4,286
It comes down to respect and trust Null, I am well aware how to use these tools, and if not I have friends here to assist.
My issue comes with a new face showing up here slinging accusations at someone with a well founded reputation for
honesty and the courage to enter the AV field. The critics come and they go, and I have seen my share pass through here.
I will take the word any day of a well founded respected Dev working in their field over a new face lacking in respect and rich with accusations,
if that makes me arrogant, well I'm one arrogant sob then.
PeAcE
My issue comes with a new face showing up here slinging accusations at someone with a well founded reputation for
honesty and the courage to enter the AV field. The critics come and they go, and I have seen my share pass through here.
I will take the word any day of a well founded respected Dev working in their field over a new face lacking in respect and rich with accusations,
if that makes me arrogant, well I'm one arrogant sob then.
PeAcE
Last edited:
VS has built-in emulation submission to Cuckoo Sandbox - but nobody ever mentions that.
Oh, I admit... reading the emulation reports require advanced knowledge - but it does provide a more accurate score than AI in those 50:50 cases.
* * * * *
Any how, what is so damn difficult about this ?:
It don't get any easier nor trouble-free than that...
Oh, I admit... reading the emulation reports require advanced knowledge - but it does provide a more accurate score than AI in those 50:50 cases.
* * * * *
Any how, what is so damn difficult about this ?:
- Clean install your OS
- Install desired software
- Lock Down your system
It don't get any easier nor trouble-free than that...
I hope someone from the forum staff or any trusted member will test what I said (since I'm untrusted).
The "EfficacyTest" is basically what I said in my post, so I don't understand why you still talk about trust and respect (i understand, it's because you have an agenda). The test is showing how Voodoo Shield blocks everything and other security products fail (the test is unethical because it doesn't wait for the security product to use BB/Cloud) and it shows how many files allowed the execution (if you look at the video you can see PUP and other riskware that didn't execute till the end).
About the AI with VirusTotal it's not that accurate I will show you here why.
Here are 4 files, tell me how many are clean files and how many are malware.
The "EfficacyTest" is basically what I said in my post, so I don't understand why you still talk about trust and respect (i understand, it's because you have an agenda). The test is showing how Voodoo Shield blocks everything and other security products fail (the test is unethical because it doesn't wait for the security product to use BB/Cloud) and it shows how many files allowed the execution (if you look at the video you can see PUP and other riskware that didn't execute till the end).
About the AI with VirusTotal it's not that accurate I will show you here why.
Here are 4 files, tell me how many are clean files and how many are malware.
Last edited by a moderator:
Accurate?
VS/VAi is not accurate & never will & so does any technology/security software.
Currently, there are 3 verdict with VAi, Safe, Suspicious & Unsafe.
Safe & Unsafe verdict works good with low FPs. VAi verdict & Balcklist Scan results on Popup helps users to take action.
Suspicious verdict is little sensitive. It is like, informs you "Suspicious" And you can look at Blacklist Scan results & take action.
Currently, in Pro version, there is an option to allow files not detected as malicious by Blacklist Scan & not detected as Unsafe by VAi.
Currently, in Pro version, you can select VAi sensitivity level, test & select the sensitivity level you find good.
Default Sensitivity Level is good And Experts can select their own sensitivity level.
Dev is improving/optimizing VS/VAi.
Features/options will be there.
NullByte
VS Dev's reply to your posts -
Hehehe, how funny... I am not going to get into a pissing match with someone who is not familiar with how OTHER security companies are testing efficacy, but to be brief...
Out test was a reproduction of this video that was posted quite some time ago:
Do you notice all of the PUP's in the Cylance video? When you are testing random samples, there are always going to be PUPs, which is a good thing because AV test labs include all kinds of malware when testing. You could cherry pick the samples (instead of randomizing the samples), but then you would skew the results.
Also, the whole purpose of EfficacyTest.exe (besides its ability to create a truly random sample set), is so the tester has some control of what is executed and when... instead of using a batch file / command like Cylance and Sophos did, which simply executes everything at once. Also, EfficacyTest.exe starts the execution, then waits for the process to either be created or blocked, THEN starts the next execution... you can even put a pause in between if you would like, but there really is no reason to because at that point, the AV and EfficacyTest are essentially just waiting. So let me ask you, what is more ethical... running a batch file / command like everyone else does, or taking the time to write an app that ensures that there is a pause between executions?
Having said that... generally speaking, I did not design the test... I am just reproducing a standard test that many companies in the industry are using. I think it is a good test, and I think there are other tests that need to be performed as well.
VS has a false positive detection feature, and VoodooAi is extremely accurate, so I have no idea what his point is there. VoodooAi is absolutely an Ai... he apparently does not know how machine learning or Ai works, and is also not familiar with IBM Watson or the Azure Machine Learning platform.
Is he seriously suggesting that there are no files that are somewhere right in between an absolute safe file (eg., a windows file) and an absolute unsafe file (eg., super bad malware)? Obviously there is A LOT of greyware... and I guess his solution is to have the security software automatically classify whether the file should be blocked or allowed, and not provide the user with any information.
I believe we need to get away from automatically classifying an item as simply Safe or Unsafe... malware classification is not black and white (even though a lot of people pretend it is), and that is why we are fighting gravity. Sure, if an item has a VoodooAi value of 0.1000 or less... cool, call it safe and auto allow the item. If the score is 0.9000 or above, the item should be blocked, no questions asked. These are just random numbers that I am using in this example (it is probably more like .3333 and .8500), but it is difficult to determine the exact thresholds.
But my point is, on the Safe end of the spectrum, you have all of the native Microsoft Windows / Microsoft Office files. On the Unsafe end of the spectrum, you have super bad ransomware... and EVERYTHING else falls somewhere in between. Really the range between .6000 and .8000 (or so) is the most problematic range, because these files are typically not bad enough to be truly bad malware, but they are probably something that should not be installed on the machine, unless there is a reason that they have to be. So the answer is not to auto allow the file, or even to auto block the file... because really, there is no correct verdict for this problematic range. So to me, the answer is to let the user know that this file might be dangerous for their system, and let them decide if it is worth the risk or not.
You do realize that VS was released well before SecureAPlus, right? Put both of them on AutoPilot (assuming SAP has a similar mode), and test them side by side... I suspect you will find that Ai and helps a lot more than you think it does. The reality is VS has focused on application whitelisting (the lock) and mechanisms that help with user recommendations, and SecureAPlus has focused on its Universal AV, which apparently does not require an active internet connection . Both are cool technologies, but I suppose it is up to each individual which one they prefer. Keep in mind, VoodooAi, AutoPilot and VS's user recommendations are in their infancy... and I have great things planned for them.
I really do not have time for this... simply find something in the wild that bypasses VS, and make a video of it (or any kind of test video for that matter)... that will be a lot more meaningful to people than a dramatic pissing contest.
And for this post...
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
The answer is NONE of the files are clean enough to auto allow... they require further inspection by the end user, before they should be allowed, otherwise they should be denied by default.
You are expecting security products to be able to determine the INTENT of executable code, and render the correct verdict automatically every time. Sorry, but that is currently not a possibility, and will not be for a very, very long time, if ever.
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
Instead of throwing your hands in the air and saying "I'm just saying that most AVs are useless."... give the users some recommendations on how they can protect their computer, instead of simply complaining without offering solutions or alternatives.
Is VoodooShield / VoodooAi absolutely perfect in its current state? No, it is not... but considering that over the last 5 years, it is perfect enough that users who install VS simply do not have to worry about being infected with malware anymore... obviously we are doing something right. As with all security software, VoodooShield is a work in progress, with amazing things to come.
VS Dev's reply to your posts -
Hehehe, how funny... I am not going to get into a pissing match with someone who is not familiar with how OTHER security companies are testing efficacy, but to be brief...
Out test was a reproduction of this video that was posted quite some time ago:
Do you notice all of the PUP's in the Cylance video? When you are testing random samples, there are always going to be PUPs, which is a good thing because AV test labs include all kinds of malware when testing. You could cherry pick the samples (instead of randomizing the samples), but then you would skew the results.
Also, the whole purpose of EfficacyTest.exe (besides its ability to create a truly random sample set), is so the tester has some control of what is executed and when... instead of using a batch file / command like Cylance and Sophos did, which simply executes everything at once. Also, EfficacyTest.exe starts the execution, then waits for the process to either be created or blocked, THEN starts the next execution... you can even put a pause in between if you would like, but there really is no reason to because at that point, the AV and EfficacyTest are essentially just waiting. So let me ask you, what is more ethical... running a batch file / command like everyone else does, or taking the time to write an app that ensures that there is a pause between executions?
Having said that... generally speaking, I did not design the test... I am just reproducing a standard test that many companies in the industry are using. I think it is a good test, and I think there are other tests that need to be performed as well.
VS has a false positive detection feature, and VoodooAi is extremely accurate, so I have no idea what his point is there. VoodooAi is absolutely an Ai... he apparently does not know how machine learning or Ai works, and is also not familiar with IBM Watson or the Azure Machine Learning platform.
Is he seriously suggesting that there are no files that are somewhere right in between an absolute safe file (eg., a windows file) and an absolute unsafe file (eg., super bad malware)? Obviously there is A LOT of greyware... and I guess his solution is to have the security software automatically classify whether the file should be blocked or allowed, and not provide the user with any information.
I believe we need to get away from automatically classifying an item as simply Safe or Unsafe... malware classification is not black and white (even though a lot of people pretend it is), and that is why we are fighting gravity. Sure, if an item has a VoodooAi value of 0.1000 or less... cool, call it safe and auto allow the item. If the score is 0.9000 or above, the item should be blocked, no questions asked. These are just random numbers that I am using in this example (it is probably more like .3333 and .8500), but it is difficult to determine the exact thresholds.
But my point is, on the Safe end of the spectrum, you have all of the native Microsoft Windows / Microsoft Office files. On the Unsafe end of the spectrum, you have super bad ransomware... and EVERYTHING else falls somewhere in between. Really the range between .6000 and .8000 (or so) is the most problematic range, because these files are typically not bad enough to be truly bad malware, but they are probably something that should not be installed on the machine, unless there is a reason that they have to be. So the answer is not to auto allow the file, or even to auto block the file... because really, there is no correct verdict for this problematic range. So to me, the answer is to let the user know that this file might be dangerous for their system, and let them decide if it is worth the risk or not.
You do realize that VS was released well before SecureAPlus, right? Put both of them on AutoPilot (assuming SAP has a similar mode), and test them side by side... I suspect you will find that Ai and helps a lot more than you think it does
. The reality is VS has focused on application whitelisting (the lock) and mechanisms that help with user recommendations, and SecureAPlus has focused on its Universal AV, which apparently does not require an active internet connection . Both are cool technologies, but I suppose it is up to each individual which one they prefer. Keep in mind, VoodooAi, AutoPilot and VS's user recommendations are in their infancy... and I have great things planned for them.I really do not have time for this... simply find something in the wild that bypasses VS, and make a video of it (or any kind of test video for that matter)... that will be a lot more meaningful to people than a dramatic pissing contest.
And for this post...
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
The answer is NONE of the files are clean enough to auto allow... they require further inspection by the end user, before they should be allowed, otherwise they should be denied by default.
You are expecting security products to be able to determine the INTENT of executable code, and render the correct verdict automatically every time. Sorry, but that is currently not a possibility, and will not be for a very, very long time, if ever.
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
Instead of throwing your hands in the air and saying "I'm just saying that most AVs are useless."... give the users some recommendations on how they can protect their computer, instead of simply complaining without offering solutions or alternatives.
Is VoodooShield / VoodooAi absolutely perfect in its current state? No, it is not... but considering that over the last 5 years, it is perfect enough that users who install VS simply do not have to worry about being infected with malware anymore... obviously we are doing something right. As with all security software, VoodooShield is a work in progress, with amazing things to come.
Yes
EDIT: I will talk with the developer (if he will PM me) and tell him a few stuff about what I posted. I don't wanna write here and make internet drama or something similar.
EDIT: I will talk with the developer (if he will PM me) and tell him a few stuff about what I posted. I don't wanna write here and make internet drama or something similar.
Last edited by a moderator:
- Aug 2, 2015
- 4,286
- Aug 2, 2015
- 4,286
Hehehe, how funny... I am not going to get into a pissing match with someone who is not familiar with how OTHER security companies are testing efficacy, but to be brief...
Out test was a reproduction of this video that was posted quite some time ago:
Do you notice all of the PUP's in the Cylance video? When you are testing random samples, there are always going to be PUPs, which is a good thing because AV test labs include all kinds of malware when testing. You could cherry pick the samples (instead of randomizing the samples), but then you would skew the results.
Also, the whole purpose of EfficacyTest.exe (besides its ability to create a truly random sample set), is so the tester has some control of what is executed and when... instead of using a batch file / command like Cylance and Sophos did, which simply executes everything at once. Also, EfficacyTest.exe starts the execution, then waits for the process to either be created or blocked, THEN starts the next execution... you can even put a pause in between if you would like, but there really is no reason to because at that point, the AV and EfficacyTest are essentially just waiting. So let me ask you, what is more ethical... running a batch file / command like everyone else does, or taking the time to write an app that ensures that there is a pause between executions?
Having said that... generally speaking, I did not design the test... I am just reproducing a standard test that many companies in the industry are using. I think it is a good test, and I think there are other tests that need to be performed as well.
VS has a false positive detection feature, and VoodooAi is extremely accurate, so I have no idea what his point is there. VoodooAi is absolutely an Ai... he apparently does not know how machine learning or Ai works, and is also not familiar with IBM Watson or the Azure Machine Learning platform.
Is he seriously suggesting that there are no files that are somewhere right in between an absolute safe file (eg., a windows file) and an absolute unsafe file (eg., super bad malware)? Obviously there is A LOT of greyware... and I guess his solution is to have the security software automatically classify whether the file should be blocked or allowed, and not provide the user with any information.
I believe we need to get away from automatically classifying an item as simply Safe or Unsafe... malware classification is not black and white (even though a lot of people pretend it is), and that is why we are fighting gravity. Sure, if an item has a VoodooAi value of 0.1000 or less... cool, call it safe and auto allow the item. If the score is 0.9000 or above, the item should be blocked, no questions asked. These are just random numbers that I am using in this example (it is probably more like .3333 and .8500), but it is difficult to determine the exact thresholds.
But my point is, on the Safe end of the spectrum, you have all of the native Microsoft Windows / Microsoft Office files. On the Unsafe end of the spectrum, you have super bad ransomware... and EVERYTHING else falls somewhere in between. Really the range between .6000 and .8000 (or so) is the most problematic range, because these files are typically not bad enough to be truly bad malware, but they are probably something that should not be installed on the machine, unless there is a reason that they have to be. So the answer is not to auto allow the file, or even to auto block the file... because really, there is no correct verdict for this problematic range. So to me, the answer is to let the user know that this file might be dangerous for their system, and let them decide if it is worth the risk or not.
You do realize that VS was released well before SecureAPlus, right? Put both of them on AutoPilot (assuming SAP has a similar mode), and test them side by side... I suspect you will find that Ai and helps a lot more than you think it does
I really do not have time for this... simply find something in the wild that bypasses VS, and make a video of it (or any kind of test video for that matter)... that will be a lot more meaningful to people than a dramatic pissing contest.
And for this post...
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
The answer is NONE of the files are clean enough to auto allow... they require further inspection by the end user, before they should be allowed, otherwise they should be denied by default.
You are expecting security products to be able to determine the INTENT of executable code, and render the correct verdict automatically every time. Sorry, but that is currently not a possibility, and will not be for a very, very long time, if ever.
Video Review - Clyance (Home) vs Sophos (Home) vs Voodoshield
Instead of throwing your hands in the air and saying "I'm just saying that most AVs are useless."... give the users some recommendations on how they can protect their computer, instead of simply complaining without offering solutions or alternatives.
Is VoodooShield / VoodooAi absolutely perfect in its current state? No, it is not... but considering that over the last 5 years, it is perfect enough that users who install VS simply do not have to worry about being infected with malware anymore... obviously we are doing something right. As with all security software, VoodooShield is a work in progress, with amazing things to come.
Thank you yesnoo,
there were a few inconsistancies I could have called him out on (Null) but I got wrapped up in the disrespect pointed at Dan who if ya are familiar with him did not warrant that. I am glad Dan set him straight.
He clearly needs to get his facts straight, and has a grudge either against VoodooShield or Dan himself that much is obvious reguardless of what he says the proof is in the reading.
I wont reply to him any further as I have blocked and ignored him out of respect for the Mods and my friends here.
PeAcE
- Nov 19, 2014
- 2,350
Relax guys, we can agree to disagree and all is cool. Luckily we can install what we wish on our computers and assuming none flames the other we have the freedom of speech to express our opinion.
You all have a nice day and enjoy the programs of your liking.
You all have a nice day and enjoy the programs of your liking.
- Aug 30, 2015
- 1,928
@Umbra I know you said Voodosheid became a UAC replacement, but should UAC still be disabled? Isn't it a security risk reguardless wether or not you have very good or very poor security software..?
- Jul 5, 2016
- 416
hello everyone.
I chose cylance and voodoo like you do shield. from my experience both malware managed and dan give great support. I also understand nullbytes frustration with wilders. been there done that. any of you that have known me is I have been the supporter of the underdog. in this case nullbvytes is no different than cruelsister. why would not you get paid for a poc? In all the years I did testing I was just happy to get a free lic afterwards. times have changed. I would give nullbytes a break if I was you.
I chose cylance and voodoo like you do shield. from my experience both malware managed and dan give great support. I also understand nullbytes frustration with wilders. been there done that. any of you that have known me is I have been the supporter of the underdog. in this case nullbvytes is no different than cruelsister. why would not you get paid for a poc? In all the years I did testing I was just happy to get a free lic afterwards. times have changed. I would give nullbytes a break if I was you.
- Aug 2, 2015
- 4,286
@J Gamez065
At it's release it was recommended to disable UAC, that is not the case anymore with VoodooShield.
So I guess it would be up to user preference at this stage in the VS game.
I personally set it (UAC) to the lowest setting while using VS Pro.
there have been some very revealing tests as of late concerning the effectiveness
of the UAC feature one or two of them were posted here, I trust VS Pro to supplement
and enhance my UAC.
PeAcE
At it's release it was recommended to disable UAC, that is not the case anymore with VoodooShield.
So I guess it would be up to user preference at this stage in the VS game.
I personally set it (UAC) to the lowest setting while using VS Pro.
there have been some very revealing tests as of late concerning the effectiveness
of the UAC feature one or two of them were posted here, I trust VS Pro to supplement
and enhance my UAC.
PeAcE
- Jul 5, 2016
- 416
on a side note if you email dan he will give you a free 2 year lic just did it. I really don't know much about Sophos but I do know dan had only good things to say about cylance. there really is no home version but instead malware managed found a way to make the corporate version work for the home user.
- Aug 30, 2015
- 1,928
Similar threads
-
- Locked
- thread_type.competition
