SiriusLLM is a portable second opinion scanner with no real-time protection.
SiriusGPT is the installable real-time protection version.
CyberLock 9.0
- Thread starter danb
- Start date
- Featured
SiriusGPT is the installable real-time protection version.
- Oct 25, 2014
- 2,694
- 7,413
- 3,588
- 40
RoboMan
Level 38
Verified
Honorary Member
Top Poster
Content Creator
Well-known
High Reputation
Forum Veteran
Hi Dan. Thanks for the hard work.
Question: if I update my stable version of CyberLock with this beta, will my product stay forever in the beta channel or will the next stable release automatically replace this beta? Or are all updates manual? Thanks a lot.
Question: if I update my stable version of CyberLock with this beta, will my product stay forever in the beta channel or will the next stable release automatically replace this beta? Or are all updates manual? Thanks a lot.
@danb
When you still have the test sample set you received from Avast when they were compared the VoodooAI with Avast inhouse AI system (few years ago). Would be fun to see differences in evaluation and detection between VoodooAI en Sirius (and yeah I know the samples they classified as safe would probably classified as suspicious at the minimum by now).
Regards Mr58 incognito
When you still have the test sample set you received from Avast when they were compared the VoodooAI with Avast inhouse AI system (few years ago). Would be fun to see differences in evaluation and detection between VoodooAI en Sirius (and yeah I know the samples they classified as safe would probably classified as suspicious at the minimum by now).
Regards Mr58 incognito
Very cool, thank you guys as well! It will automatically update the the public release version, so no worries there at all. It only should be a few days before this happens... I do not think we are going to find anything major that needs to be fixed, but I am certain there will be a few small things we need to fix over the next few days.
Now that would be interesting, thank you for the suggestion! Those samples are quite old, like at least 5-7 years old, but it would still be very interesting, and I am certain Sirius would do extremely well, even with old samples. I will see if I can find those and run a quick test.@danb
When you still have the test sample set you received from Avast when they were compared the VoodooAI with Avast inhouse AI system (few years ago). Would be fun to see differences in evaluation and detection between VoodooAI en Sirius (and yeah I know the samples they classified as safe would probably classified as suspicious at the minimum by now).
Regards Mr58 incognito
I just thought of another way we can test the new Sirius... it is a false positive test of sorts. I have seen on maybe 7-10 or so occasions that a member on MT was disappointed that Sirius did not return a Safe verdict for a well known app... usually unsigned, but not always. If anyone can think of a file from the last few months where they think Sirius should have returned a Safe verdict, please test the new Sirius with any of the new products listed in the original post, and then please post the results. I will be super curious if any of these files now have the "correct" verdict.
Having said that, if the app in question is an unsigned cybersecurity binary, there is a heck of a chance that Sirius will return a Not Safe verdict, simply because Sirius has said on multiple occasions "There is no excuse for a cybersecurity product to not be signed, this file is Not Safe". But I think I might have seen a Safe verdict or two from unsigned cybersecurity apps with the old Sirius, but I cannot remember what they are.
But anyway, please test these files and post the results, I am super curious how will the new Sirius is going to do, thank you guys!
Having said that, if the app in question is an unsigned cybersecurity binary, there is a heck of a chance that Sirius will return a Not Safe verdict, simply because Sirius has said on multiple occasions "There is no excuse for a cybersecurity product to not be signed, this file is Not Safe". But I think I might have seen a Safe verdict or two from unsigned cybersecurity apps with the old Sirius, but I cannot remember what they are.
But anyway, please test these files and post the results, I am super curious how will the new Sirius is going to do, thank you guys!
Sirius analyzed 3-4 applications on my system, and 4,160 tokens remain. I wonder what the value of the license is, particularly the lifetime option, considering that I only get an interface. The previous CyberLock was full software with local VAi and WhitelistCloud, but the new version depends on Sirius and tokens—50,000 tokens seem less!
1. Remove the VAi and WhitelistCloud info from the "How VoodooShield works" screens after installation.
2. Why remove the file upload setting rather than including a large file size limit?
3. Is the "mini prompt" the new default and only prompt now?
4. The Smart Firewall setting has an icon/link to the Windows Firewall. Similarly, is it possible to have a logs icon/link and provide logs for Smart Firewall?
1. Remove the VAi and WhitelistCloud info from the "How VoodooShield works" screens after installation.
2. Why remove the file upload setting rather than including a large file size limit?
3. Is the "mini prompt" the new default and only prompt now?
4. The Smart Firewall setting has an icon/link to the Windows Firewall. Similarly, is it possible to have a logs icon/link and provide logs for Smart Firewall?
All I got to say @danb that I hope your wife appreciates you as much as we all (your customers) do. *Mic drop*
The Sirius tokens work exactly as they did before and there was not an issue. In other words, the WLC and VoodooAi scans were independent of the WLC and VoodooAi scans as far as token usage goes. So the new 9.0 version is "full software" as well... you are just somehow incorrectly conflating the WLC and VoodooAi scans with Sirius token usage, when in reality it has not changed one bit.
The reason tokens are being spent seemingly faster than before is because we created a brand new database that had only around 20 rows of results from my 2 computers. But in the next couple of weeks, the database cache will populate, and then more and more Sirius verdicts will no longer use up the tokens because the verdict will be returned directly from the database cache, which uses 0 tokens.
So give it a few days to a couple of weeks and it will go back to EXACTLY the way it was before. And at that point 10-15 manual scans per day is more than enough for all users, except people who are testing Sirius.
Having said that, I will double check to ensure the Sirius snapshot scan is not using tokens... it should not be, but I will double check, and if it is, then I will fix it.
So in short, the Sirius tokens will be EXACTLY the same as they were before... the tokens have absolutely nothing to do with the WLC or VoodooAI scans.
1) Thank you for finding that! I removed the WLC intro screen but forgot to check the CyberLock intro screen.
2) There is no need for file upload settings anymore since there is no longer an upload / limit. It users want to disable ALL metadata upload to our servers, the only way to do that properly is to disable SiriusGPT completely, and there is a big button at the bottom of the SiriusGPT tab to enable or disable Sirius.
3) Yes, the old prompt would take tons of work to update it properly, which is why I created the new Sirius prompt from scratch. I also figured out very quickly while working on it that even if we did update the old prompt, it would ultimately end up looking almost exactly like the new Sirius prompt... like for example, it really needs to be a lot wider to make the Sirius Analysis Report easy to read. So instead of trying to make the old prompt work, I did it correctly and started over from scratch and did everything properly.
4) Sure, that would be a great thing to add, thank you for the recommendation! I haven't had to look at the Windows Firewall logs in quite some time, so I forgot what they looked like, but we can do something pretty cool for that I am sure. Thank you!
Hehehe, how funny... and thank you!
I just double checked and the Sirius scan is not deducting tokens, so it is working properly. Tokens are only deducted for manual launches and scans... basically if the Sirius Verdict is in the User Prompt, and they are only deducted if the specific file has not be analyzed before and is not in the database cache.
Also, I found the WLC and VoodooAi references on the third page of the How it Works intro, and I will update that soon. If anyone finds any other mentions of WLC or VoodooAi, please let me know and I will remove them all at once in 2-3 days. Thanks again!
Also, I found the WLC and VoodooAi references on the third page of the How it Works intro, and I will update that soon. If anyone finds any other mentions of WLC or VoodooAi, please let me know and I will remove them all at once in 2-3 days. Thanks again!
In simpler terms, the previous CyberLock with VAi and WhitelistCloud (providing verdicts) required no additional subscription with its lifetime license. In contrast, the new CyberLock with Sirius (providing verdicts) requires a subscription for tokens once the initial tokens are exhausted.
As mentioned in my previous post, Sirius analyzed 4-5 applications, and the tokens were exhausted. 50,000 tokens is simply not sufficient for users who try software, which is a common scenario. I understand the improvements and costs, but the allotted tokens should have a fair value, in which case 50,000 tokens seem less.
The file upload settings should be available for various reasons, such as internet speed, data plans, or users wanting to limit their file uploads or opting not to upload at all. In my country, the internet plan is expensive in many places; the ISP has a monopoly, and many people still use limited plans with a 1-1.5 GB daily limit.
I didn't mean Windows Firewall logs but a Smart Firewall section in the interface, which would show logs if Smart Firewall rules blocked connections.
How do the tokens work?
Let's say I have a lifetime license for five devices.
1. CyberLock on five devices.
2. Two devices have CyberLock, two have SiriusGPT, and one has DefenderUI Pro.
3. The device had CyberLock, but the tokens ran out, so I removed CyberLock and installed SiriusGPT instead.
Last edited:
You said "In simpler terms, the previous CyberLock with VAi and WhitelistCloud (providing verdicts) required no additional subscription with its lifetime license. In contrast, the new CyberLock with Sirius (providing verdicts) requires a subscription for tokens once the initial tokens are exhausted.". This is absolutely incorrect. The Sirius tokens work EXACTLY like they did before. Please read my statement above again. And the WLC and VoodooAI scans have nothing at all to do with the Sirius tokens. Maybe someone else can explain this better to you.
We no longer need the upload "Maximum file upload size" setting because the actual file is no longer uploaded. This is one reason why it is so much faster than before. But there is literally no place in the code to apply the "Maximum file upload size" setting.
Yeah, we will build out the Smart Firewall feature some more, I just have not figured out what to add. We do not want to add bloat, but it would be nice to expand on that feature a little.
The tokens are per computer. So if I am running CyberLock and use 20,000 tokens, the install DefenderUI Pro instead, then I will have 30,000 remaining tokens for that day.
If tokens are an issue, you can always buy more, they are super cheap. But no one had an issue at all with the tokens before the new Sirius, and only 2 people bought additional tokens, so there is zero chance you are going to need them... because the token handling has not changed at all, it is EXACTLY the same as it was before, and no one had issues.
We no longer need the upload "Maximum file upload size" setting because the actual file is no longer uploaded. This is one reason why it is so much faster than before. But there is literally no place in the code to apply the "Maximum file upload size" setting.
Yeah, we will build out the Smart Firewall feature some more, I just have not figured out what to add. We do not want to add bloat, but it would be nice to expand on that feature a little.
The tokens are per computer. So if I am running CyberLock and use 20,000 tokens, the install DefenderUI Pro instead, then I will have 30,000 remaining tokens for that day.
If tokens are an issue, you can always buy more, they are super cheap. But no one had an issue at all with the tokens before the new Sirius, and only 2 people bought additional tokens, so there is zero chance you are going to need them... because the token handling has not changed at all, it is EXACTLY the same as it was before, and no one had issues.
What I stated is absolutely correct! I meant with the new CyberLock or CyberLock with Sirius; I need to purchase tokens to see verdicts once the daily tokens are exhausted. I did not intend to imply that removing VAi or WhitelistCloud affected CyberLock tokens; I understand the tokens are unrelated to VAi or WhitelistCloud.
I understand you can purchase tokens at an affordable price, but I believe the daily tokens are less than enough for many users who try new software—the tokens should have a fair value, and 50,000 tokens seem less. This is my perspective!
No, you were implying that the token handling changed from the old Sirius to the new Sirius, and that is simply incorrect. It has not changed at all, and not a single person had an issue with it before, so they will not now. There were 2 people that wanted to test the heck out of Sirius, so they each wanted to buy 1,000,000 tokens for $1.00, so I just added the tokens to their account. Besides that, it has worked perfectly. If we ever do need to increase the tokens, or if we figure out an even better way to handle the compute costs, then we will make changes. But when something is working this well, there is not a lot of motivation to find an alternative.
BTW, if someone is testing that much software, especially on a daily basis, their computer would be running horribly in a month, even if they uninstall the software after testing. The best way to test that much software on a daily basis is in a disposable VM. Not to mention, if someone is testing that much software on a daily basis, then a zero-trust endpoint lock is probably not the most appropriate protection for that particular software testing computer.
If you want 1,000,000 tokens, please email me your Machine ID and I will be happy to add them to your account.
You misunderstood my posts. I referred to the old CyberLock as full software and the new version as Sirius-dependent. I put "providing verdicts" in brackets. What I meant is that with the old CyberLock, I'll see verdicts from WhitelistCloud, and that with the new version, I'll only see allow/block once tokens are exhausted. Overall, I meant that the new version is just a blocker; it offers no verdicts after the tokens run out, and I believe the daily tokens are less than enough for many users.
I appreciate it; I'll happily buy more tokens if needed. I believe 100,000 tokens is a sweet spot and amount for most users, including those trying new software. It's also suitable for occasions; some programs will use tokens for updates, and you will try some new software. You've asked about daily tokens in related threads and whether you should increase the amount; take 100,000 as my answer.
I am super tired of talking about this. If we need to increase the daily tokens in the future, we certainly will. Looking at the data, 90-95% of users use less than 8000 tokens a day, and most are 0. I am in the same boat, I never install new software, so I never use tokens.
BTW, before I forget... the new snapshot scan in version 9.01 is going to take longer than the current < 1 second snapshot scan. It is a very long story and I do not want to get into a long conversation about why this change is optimal, but in short...
1) I added a method that cleans the whitelist before the scan, and removes invalid entries
2) I also added the option to clean the temp folders before the scan, which actually comes before the whitelist cleaning because if the file does not exist, it is removed from the whitelist.
3) A scan time of less than a second is completely unrealistic and make users who do are not familiar with our products question if the scan is even working or not.
4) So I was actually looking for a valid reason to increase the scan time (I was not going to do it artificially either way), and running maintenance on the whitelist seemed like the obvious choice.
So now instead of taking a second or less (after the initial scan), it is taking around 7-10 seconds for me, which is about right. For larger whitelists it will obviously take longer, but since I reset my whitelist continually for dev purposes, my whitelist is smaller.
Any improvements to the whitelilst is good because we rely on it for our safety. So a 10 sec generation time is OK by me.
In comparison I remember my wdaclockdown whitelist generation (by scanning the entire C drive method) was ~40 mins.
In comparison I remember my wdaclockdown whitelist generation (by scanning the entire C drive method) was ~40 mins.
Last edited:
Hi Dan, I hope this isn't a dumb question but you talked about possibly adding a full system scan option in SiriusGPT / SiriusLLM / Cyberlock. Is this still an option or is it too cost ineffective.
You may also like...
-
Introducing SiriusGPT: The First Real-Time GPT / LLM AI based Antimalware Solution- Started by danb
- Replies: 241
-
Introducing VoodooSoft's RansomGuard EDR - Streamlined EDR for Consumers and SMB
- Started by danb
- Replies: 43
-
-
An Ai Conversation about Bitdefender, Comodo, Avast, and Cyberlock (Voodoo shield).- Started by annaegorov
- Replies: 30
-