App Review Quick Follina test ;).

[danb]

Content source

https://www.youtube.com/watch?v=LMxOPv-RWdU

 

[Trooper]

Thanks for sharing Dan!

 

[Digmor Crusher]

Seeing I don't have the patience to even sit through a 4 minute video, I just don't like watching anything on my computer, can someone summarize please?

 

[danb]

Seeing I don't have the patience to even sit through a 4 minute video, I just don't like watching anything on my computer, can someone summarize please?

I tested every (and I mean every) zero-trust / deny-by-default product against Follina, and they all failed, except VS.

 

[Infinityx]

Pretty Cool! Might have to look into Voodoo shield again.

 

[Back3]

Till Microsoft gives us a patch, I think it will be more secure to open my emails on my Iphone!

 

[L0ckJaw]

I tested every (and I mean every) zero-trust / deny-by-default product against Follina, and they all failed, except VS.

Isnt this a bit like " We from Mercedes advise you to drive Mercedes ? " You are from Voodoo shield, i understand you advise your own product.
Untill we / me / i see any proof of other products fail.... well ......

 

[Shadowra]

I'm not surprised about Voodooshield, this software is just awesome.
Not for nothing I love it (I also have a lifetime license ^^)

 

[Freki123]

I watched it twice and tbh I just found it lacks information. You got HC and OSarmor installed (no mentioning the settings used). At least please make it a three part comparison and mention with which settings you are testing (for each HC and OSA).
As far as I understand it even SWH should block Follina and HC got a lot more options than SWH
Q&A - Simple Windows Hardening Post 518
Since I use VS and HC on different pcs I consider myself biased for both

 

[Back3]

I think it's good marketing to show the strength of your product. And I don't have any doubts about the excellence of Voodooshield. But it's not good practice to show what you perceive as the weaknesses or failures of your fellow developers and competitors. You're biased, it helps hackers, and it doesn't enhance the ethical reputation of your company.

 

[Stelica]

Isnt this a bit like " We from Mercedes advise you to drive Mercedes ? " You are from Voodoo shield, i understand you advise your own product.
Untill we / me / i see any proof of other products fail.... well ......

I think it's an unfortunate comparison. There were a lot of problems with VoodooShield, DefenderUI Free and Pro and Dan solved them as soon as possible.

 

[Stelica]

I think it's good marketing to show the strength of your product. And I don't have any doubts about the excellence of Voodooshield. But it's not good practice to show what you perceive as the weaknesses or failures of your fellow developers and competitors. You're biased, it helps hackers, and it doesn't enhance the ethical reputation of your company.

I think it's good marketing to show the strength of your product. And I don't have any doubts about the excellence of Voodooshield. But it's not good practice to show what you perceive as the weaknesses or failures of your fellow developers and competitors. You're biased, it helps hackers, and it doesn't enhance the ethical reputation of your company.

Why if you show what is good compared to other competitors is unethical? Do we always want to have a globalist vision?
Sorry, there may be rhetorical questions!

 

[danb]

Isnt this a bit like " We from Mercedes advise you to drive Mercedes ? " You are from Voodoo shield, i understand you advise your own product.
Untill we / me / i see any proof of other products fail.... well ......

Please feel free to test for yourself. There are tons of POC's on GitHub, just search for Follina.

 

[danb]

I'm not surprised about Voodooshield, this software is just awesome.
Not for nothing I love it (I also have a lifetime license ^^)

Thank you, I appreciate that! When I first read about Follina, I was quite sure that VS would have no issues blocking this attack. But the really cool thing was that I also knew it would confirm my suspicions either way that the companies who adopted my anti-exploit method did not implement it properly.

 

[L0ckJaw]

Please feel free to test for yourself. There are tons of POC's on GitHub, just search for Follina.

No need, not interested to test anything anymore.

 

[danb]

I watched it twice and tbh I just found it lacks information. You got HC and OSarmor installed (no mentioning the settings used). At least please make it a three part comparison and mention with which settings you are testing (for each HC and OSA).
As far as I understand it even SWH should block Follina and HC got a lot more options than SWH
Q&A - Simple Windows Hardening Post 518
Since I use VS and HC on different pcs I consider myself biased for both

All cybersecurity products are always tested with Default settings. I showed the OSA profile, I wish I would have remembered to show the HC settings as well.

I wasn't joking when I said that I tested every zero-trust / deny-by-default product and that they all failed, except VS. SWH had the same result as HC.

 

[Kongo]

SWH had the same result as HC

@Andy Ful Statement?

 

[Freki123]

*Getting popcorn*
I forsee a lot of Andy / Dan posts again

 

[danb]

Isnt this a bit like " We from Mercedes advise you to drive Mercedes ? " You are from Voodoo shield, i understand you advise your own product.
Untill we / me / i see any proof of other products fail.... well ......

I think it's good marketing to show the strength of your product. And I don't have any doubts about the excellence of Voodooshield. But it's not good practice to show what you perceive as the weaknesses or failures of your fellow developers and competitors. You're biased, it helps hackers, and it doesn't enhance the ethical reputation of your company.

I only showed products in the video that publicly claimed to have stopped Follina on day zero. Once again, people were speculating without properly testing, and it is important to me that everyone knows the truth so they can be properly protected.

"Not good practice", you mean like this...

Video - OSArmor vs malware - RoboMan

This is a very basic test. I tested OSArmor as a standalone solution, which should never be the case. It's not meant to replace anything or be your first layer defense. OSArmor reaction to: 1. Scripts and general docs 2. Executable applications Tested without network monitoring tools...

malwaretips.com

Q&A - Which threats are not prevented by Voodooshield ?

There is a lot of praise on this form for Voodooshield. But surely it can't stop all threats ! If I only had Windows Defender and Voodooshield installed, what types of malware would my Windows PC still be vulnerable to ? I suppose this is another way of asking what else is needed alongside...

malwaretips.com

Video - OSArmor vs malware - RoboMan

Best damn sentence i have seen in this forum in the last couple weeks. Makes one wonder why those that are perceive as professionals here, push to pile loads of security software inducing extreme paranoia with many, which in the end, introduce more bugs and issues to the users systems, thus...

malwaretips.com

In all fairness, Andy did ask me to prove my claims...

Q&A - Which threats are not prevented by Voodooshield ?

removed per rules

malwaretips.com

NoVirusThanks OSArmor

Anyway .... for this app, I believe the developers are working on 3 settings that can be installed - somewhere here or over at Wilders this has been discussed. Right. I made that feature request, for 3 pre-set levels of protection. The dev said he will do it. I hope it will be implemented soon.

malwaretips.com

BTW, I spoke with Andy, about this last link and it was not an actual bypass. He knows this but never corrected his statement.

 

[danb]

*Getting popcorn*
I forsee a lot of Andy / Dan posts again

There really is nothing to talk about. People can test for themselves.

Build software better, together

GitHub is where people build software. More than 83 million people use GitHub to discover, fork, and contribute to over 200 million projects.

github.com