• Unlock forum

    Guest, you need to be a "Verified" member to post a new thread or reply in this forum.

Status
Not open for further replies.
E

Eddie Morra

Hiya.

Many friends of mine are very big fans of default-deny solutions and I've noticed that VoodooShield is being mentioned a lot on the forums. I'm currently trying to learn more about the company which owns VoodooShield (VoodooSoft, LLC), as well as how well organised the VoodooShield project is in general, but I've not had much luck in finding the answers to many questions which I have.

I'm going to list all of the questions I am seeking an answer for at the moment and am hopeful that there'll be someone around here with the answers, combined with a reputable source to help validate the correctness of the answers.

General company questions.
  1. Which country is VoodooSoft, LLC situated under? (I am assuming United States currently).
  2. Who is the Chairman, Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, and Secretary of VoodooSoft, LLC?
  3. Does VoodooSoft, LLC comply with GDPR, and if so, how is this compliance managed (e.g. Data Protection Officer)?
  4. Does VoodooSoft, LLC have any investors, and if so, who are they and how large are the investments?
  5. Does VoodooSoft, LLC have a past or active relationship with any government agencies?
  6. Does VoodooSoft, LLC have any legally-employed staff who are working full-time?
  7. If the answer to the third question is no, does VoodooSoft, LLC have any freelancers which are relied on as and when they are needed, and if so, where can I find more information about who these freelancers are, as well as their portfolio?
  8. Does VoodooSoft, LLC have an actual headquarters/office building?
  9. Does VoodooSoft, LLC have any history with investigation from law enforcement? If no, are there any current investigations from law enforcement?
  10. Does VoodooSoft, LLC have any acquisition/merge deals pending or actively in the works?
  11. Does VoodooSoft, LLC contribute to the open-source community in any shape or form?
  12. Does VoodooSoft, LLC make use of any content provided from the open-source community?
  13. Does VoodooSoft, LLC have any patents and if so, where can I find information on any of the patents?
  14. Does VoodooSoft, LLC rely on any third-party technology for any of their services, and if so, which third-party technology?
  15. What are the biggest challenges that VoodooSoft, LLC has faced in the past 6 months?
  16. What are the biggest opportunities which VoodooSoft, LLC has taken advantage of since it was founded?
  17. Who are VoodooSoft, LLC's main competitors and why do they deserve to be at the same playing field for competition as any mentioned alleged competitors?
  18. Where is VoodooSoft, LLC heading over the course of the next 5 years (in terms of direction)?

VoodooShield specific questions.
  1. Does VoodooShield license its technology to any third-party companies, and if so, which companies are licensing from VoodooSoft, LLC?
  2. Does VoodooShield get audited by any professional, well-known and reputable companies? If so, where can I find more information about how these audits are conducted, as well as review information from the audits such companies have performed on VoodooShield?
  3. Does VoodooShield perform automated stress-testing/fuzzing? If so, are such automated tests performed before each new release?
  4. Does VoodooShield make use of Microsoft's Driver Verifier for their kernel-mode software, and if so, are there any reported issues?
  5. Does VoodooShield follow Microsoft's Driver Security Checklist for their kernel-mode software? If not, can I please have an explanation as to why such was not followed?
  6. If applicable for VoodooShield, does VoodooShield use Microsoft's Security Development Lifecycle (SDL) to help it find mistakes earlier on and improve the quality of future work?
  7. Since VoodooShield does make use of the .NET Framework, how is the .NET Framework used exactly?
  8. Does VoodooShield follow Microsoft's secure coding guidelines for the .NET Framework?
  9. On average, how many active customers are there of VoodooShield on a monthly basis?
  10. How many total sales have been made for VoodooShield Pro since it was first introduced?
  11. How many bug reports have been made over the period of the last year (including Beta versions)?
  12. Out of all of the bug reports which have been made over the period of the last year, how many of them remained unsolved after a duration of one month, and are there any which have remained unsolved for over 3 months?
  13. Following on with question #12, how many unfixed bugs are currently known about, and can details please be shared on who reported the bugs, when the bugs were reported, and what has already been done for investigation/resolution?
  14. Does VoodooShield hire independent penetration testers to try and break VoodooShield to catch out new ways of attacking the service (both the local software as well as any available online services which are in-house and may be relied on by VoodooShield)? If so, which independent penetration testers have been hired (where can I learn more about who they are as well as their background and examples of work)?
  15. Has VoodooShield's source code ever been requested by a government agency?
  16. Has VoodooShield ever been caught out (with concrete evidence that can be shared) preventing an exploit attack which was crafted by a government agency during a real, non-staged and non-PoC attack on a real customers machine? If so, please also provide concrete evidence (which can be considered valid under the eyes of the law for both the United States and the European Union) that such was really from a government agency (as well as an explanation on which government agency was responsible) and that the attack was also actually performed by a government agency.

I am aware that the chances of my questions being answered with thorough detail and correct, clear and precise English skills is extremely slim, but the above are the questions I currently have and I will appreciate it if any of them can be answered with accuracy, combined with at-least one reputable source to help with accuracy validation.

Kind Regards.
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
IMO some of those questions should not be impossible to get a pretty good answer on but would information that also surrounds the domain as that partially can help with a few others of the main questions be interesting?

This is extremely common here in Sweden as for example it exist information sites that Swedish companies can not avoid being a part off. We also have in this country governmental organisations that give a lot of similar information, free of charge. For US companies I lack knowledge.
 

oldschool

Level 57
Verified
IMO some of those questions should not be impossible to get a pretty good answer on but would information that also surrounds the domain as that partially can help with a few others of the main questions be interesting?

This is extremely common here in Sweden as for example it exist information sites that Swedish companies can not avoid being a part off. We also have in this country governmental organisations that give a lot of similar information, free of charge. For US companies I lack knowledge.

In the U.S. the rule is this: make or steal as much money as you can, using many tactics that would be banned in some other countries such as yours. Government regulation? HA, it's mostly a sham! The businesses and interests governed by any rules are spending billions lobbying government officials, buying legislation, their lobbyists even WRITE the legislation - you name it. Heads of corporations later become head of government departments doing the overseeing. And when they're out of government a corporation opens the door even wider. It' s only gotten worse and more out-in-the-open under the wannable dictator and serial liar Trump. You could not believe what is allowed here - IF YOU HAVE THE MONEY!
 
Last edited:

Nestor

Level 8
In the U.S. the rule is this: make or steal as much money as you can, using many tactics that would be banned in some other countries such as yours. Government regulation? HA, it's mostly a sham! The businesses and interests governed by any rules are spending billions lobbying government officials, buying legislation, their lobbyists even WRITE the legislation - you name it. Heads of corporations later become head of government departments doing the overseeing. And when they're out of government a corporation opens the door even wider. It' s only gotten worse and more out-in-the-open under the wannable dictator and serial liar Trump. You could not believe what is allowed here - IF YOU HAVE THE MONEY!
Pretty much, in every "civilized" country works the same.
 

jerzy601

Level 18
Verified
I am afraid that you will not get an answer for many of these questions.
because they are against the interest of the programmer of this software.
It's just like you would ask these questions to Kasperski, and you will not get an answer because they will be contrary to his interest.
so this is not the goal.
 

Jimbo791

Level 2
The answer to most of the questions you are asking are not needed by a normal user, indeed such information is often used by people intent on no good. So im sure you have no intention to use such information to harm the firm, it would be wise to send your questions to the firm its self.
 

Freki123

Level 8
Verified
@Eddie Morra After you get a answer from Microsoft which you need to install VS in the first place go ahead *duck*
Don't forget to include a question about backdoors for the country specific security agency (atleast for Microsoft)
I like the idea of knowing stuff about a company but i don't think any company would answer more than 20% of your questions.
And i would ditch Microsoft in a heartbeat if i could be gaming on Linux like on MS
 
E

Eddie Morra

Attention to any VoodooShield fan-boys!

If you cannot bring anything useful to the table, then do not bring anything to the table at all.

I thank those who have contributed so far with comments which are actually helpful and do not evolve around how the answers to my questions aren't "anyone's business".

I cannot recommend VoodooSoft, LLC services to friends of mine who are interested in default-deny solutions until I know a lot more about how they operate as a company and manage their solutions.
 
Last edited by a moderator:

Weebarra

Level 15
Verified
I honestly think the only way to get most of your questions answered would be to go directly to the dev or possibly submit a freedom of information request (i don't know what they would call it in the country that VS is situated) but i guess it would be called something similar and i assume you would need a pretty valid reason for requesting that.

Edited : Also @Eddie Morra depending on where the VS is based, i would imagine the government has a website like we do in the UK (companies house it's called) whereby you can visit and see if said company has a registered address and other information.
 
Last edited:

Andy Ful

Level 65
Verified
Trusted
Content Creator
If the vendor would want to sell the product to businesses and organizations, then some of those questions should be clarified. The actual (publicly available) information about the VS vendor would be insufficient to most organizations and businesses.
The questions are interesting, but they are also not standardized. We do not know in fact, how many of them would be answered by the vendors of Avast, BitDefender, Emsisoft, Eset, Kaspersky, Trend Micro, etc. The below is the available information about Avast (for example):
Avast - Wikipedia
But, VoodooShield is probably a small vendor (1-10 employes), so some questions about it will not apply.
For many MT members, it would be probably sufficient that VS is signed and has a good reputation. It was also tested on this forum a few times.
 
Last edited:
E

Eddie Morra

Did you look at the homepage?
It states for example on the bottom VoodooShield is patented by US Patent No. 9,197,656.
I've seen the US Patent No. 9,197,656 and there's a document about it here: US9197656B2 - Computer program, method, and system for preventing execution of viruses and malware - Google Patents

However, what about any other potential patents, or do they only have the one?

There may be other patents which are not mentioned on the website or that I may have missed on my searches, and I wanted to be sure about this by asking about patents in my collection of questions.
 
E

Eddie Morra

We can learn a lot about VoodooSoft, LLC just by sitting like ducks and waiting to see what happens.

I they cannot handle some forum questions then I will personally never trust them to handle stopping a malware attack, even if the testimonials and shared YouTube videos on the website are great.

For the record, I will contact directly with my inquiries if the questions remain unanswered for awhile, because it is possible that they will not see my questions asked here.
 
Last edited by a moderator:
Status
Not open for further replies.