VoodooShield 2 Beta

[ifacedown]

VoodooShield 2 beta is out!

From one of the developers:

The blocking method that VS 2.0 uses is actually a method written by Microsoft and is
quite similar to the blocking method that UAC uses . This method blocks
the process before it is ever created, then VS or the user decides whether
to allow it or not.

Utility Tab:

Coming soon on the final release.

Some known bugs:

Logs empty
Says an app is blocked, but sometimes still run
Too much RAM usage when used with WebRoot

http://www.voodooshield.com/freeoffer/Install VoodooShield.2.00 beta.exe


::This is still a beta and is closely being watched for bugs to be fixed. Thanks.::

Your feedback will be much helpful.

 

[Littlebits]

Does it still disable UAC? Does it still run as only software level security below the OS kernel?
Will there still be a freeware version available after the beta testing is over?

Thanks.

 

[Ink]

Any screenshots of the new beta?

 

[ifacedown]

Does it still disable UAC? Does it still run as only software level security below the OS kernel?
Will there still be a freeware version available after the beta testing is over?

Thanks.

During installation the user is encouraged to turn off the UAC, though it says it is compatible with it. It says that VS is an alternative improvement over UAC. However, the VS user could still use UAC if he/she chooses.

About the software/kernel level, AFAIK, the developers of VS believe there's no such thing - I will confirm this if I'm right.

Yes, a freeware version will be available.

 

[ifacedown]

Any screenshots of the new beta?

Actually there's no change in the UI - only new functionalities are added, and performance improved.

 

[Littlebits]

During installation the user is encouraged to turn off the UAC, though it says it is compatible with it. It says that VS is an alternative improvement over UAC. However, the VS user could still use UAC if he/she chooses.

About the software/kernel level, AFAIK, the developers of VS believe there's no such thing - I will confirm this if I'm right.

Yes, a freeware version will be available.

On this diagram, Software Level is represented by "Applications".
A kernel connects the application software to the hardware of a computer.

Kernel level security products patched the Windows kernel and run at a higher level than other security software.
For example: UAC which is part of Windows components uses Kernel Patch Protection which makes it harder to hack, better defense against dll injections, unauthorized changes, deletion of components, etc. Kernel Patch Protection is not perfect but still make x64-bit Windows more secure and is constantly criticized by third-party security software developers claiming malware can bypass it. But still there have been no known malware that has been found in the wild to bypass Kernel Patch Protection just simple hack tools that have to be manually ran on the local system with Admin account just like these so-called UAC bypass hack tools. Software level (Applications) are much easier to crack, bypass, hack, inject malicious code, change, delete, etc. (even remotely without Admin rights). Think about how many users crack their security software to avoid paying for it.

On x64-bit Windows, Kernel Patch Protection doesn't allow any patching forcing all security products to run at software level only below UAC. On x32-bit Windows some security software are allowed to patch the kernel and run at the same level as Windows components like UAC. Who still uses x32-bit Windows?

On x64-bit Windows, no security product can provide the same level of protection as what UAC does. That is if the user pays attention and doesn't approve a malicious process. Kernel Patch Protection also provides much better security on Limited User Accounts running x64-bit Windows.

Enjoy!!

 

[Deleted member 178]

Any screenshots of the new beta?

 

[ifacedown]

Thanks much for posting these pics!

 

[ifacedown]

Does it still disable UAC? Does it still run as only software level security below the OS kernel?
Will there still be a freeware version available after the beta testing is over?

Thanks.

The exact words from the developer:

Disabling UAC is completely optional, even though we highly recommend disabling UAC since it does not block everything, whereas VS blocks EVERYTHING that is not on the tiny, customized whitelist that it automatically builds for the user.

The blocking method is not a "software" method at all. It is a method developed by Microsoft that blocks all processes from ever being created in the first place. It is quite similar to the method the they use for UAC... All 3 or so of the Create Process Notify methods are similar, and we can easily change to one of the other methods at anytime. We just chose this method because it is not used as much as the main method that most security companies uses, so in theory, it should work well with all other security software, while still being essentially bulletproof.

....I would like to offer a free version. We have been talking to some companies, and I am not sure what all is going to happen, so it is hard to say.

The goal is to make VS to everyone by having Microsoft baking VS into windows. It would be an amazing integration of UAC and VS, and would use the best features from each software, to kind of create a super easy to use UAC on steroids. As I have always said... If UAC was user friendly, and 89% of all users did not disable it because it is sooooo frustrating to use, then there would never have been a VoodooShield .

 

[ifacedown]

A bug on windows 8.1. VS is blocking an exe, and basically flashing 6 times, then allowing the process. This will be fixed soon.

 

[ifacedown]

A better way to explain this is that we believe that every device should
have a free desktop shield gadget / toggling computer lock, that only allows
items that are on its tiny, customized whitelist that is built automatically
by toggling from ON to OFF, depending on if the device is at risk or not.
For example, if you are playing a game of solitaire, your device is not at
risk. If you launch a web app (browser or email client for example), your
device is at risk.

We also believe that the affirmative user prompt is the most dangerous
security hole in modern security software. There is never a good reason to
FORCE a user to make a decision on whether to run something or not, when you
can use the deny-by-default method that VS uses. Some people suggest that
if a user accidently allows malware because of an affirmative user prompt,
that this is not a bypass. You can call it what you like, but the reality
is, the system is still infected. By utilizing a desktop shield gadget /
toggling computer lock, we can avoid this issue altogether.

Besides, who is going to want to contend with affirmative user prompts on
their smart phones and tablets (along with desktops and laptops), when they
can have a simple desktop shield gadget / toggling computer lock, that only
allows items on the tiny, customized whitelist, while at the same time
letting them know that their device is safe?