- May 31, 2017
- 1,725
Thank you CS, I appreciate you taking the time to test DD! Your results make perfect sense and help tremendously! The cloud backup feature in DD is not ready yet, and I was putting it off for now because I was wanting to see what suggestions people had for cloud storage, because we either need to find a secure cloud storage solution, or figure out a way to truly protect the local backup from all attacks, which I think would be difficult to do if an elevated process is allowed to run. Who knows, maybe we can figure out a way to disconnect the local backup whenever a backup is not running.
The main goal of the DD project is to holistically monitor any and all drive activity to protect the user data files, instead of monitoring specific suspect processes and the modifications they might make to the user data files. In other words, it’s great when an anti-ransom mechanism can detect encryption from a specific process, but if it fails then all of the files are encrypted. I am not worried about 5-15 easily restorable files being encrypted, but I am worried about having half or all of the data being encrypted. In other words, early and reliable detection of user data modification is key, and that is the focus of DD.
Thanks again, this really helps to build a roadmap to work from!
The main goal of the DD project is to holistically monitor any and all drive activity to protect the user data files, instead of monitoring specific suspect processes and the modifications they might make to the user data files. In other words, it’s great when an anti-ransom mechanism can detect encryption from a specific process, but if it fails then all of the files are encrypted. I am not worried about 5-15 easily restorable files being encrypted, but I am worried about having half or all of the data being encrypted. In other words, early and reliable detection of user data modification is key, and that is the focus of DD.
Thanks again, this really helps to build a roadmap to work from!
