Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
VoodooShield
VoodooShield CyberLock 7.0
Message
<blockquote data-quote="danb" data-source="post: 1069147" data-attributes="member: 62850"><p>Here is another way to explain "allow by parent process" feature. The "allow by parent process" does not actively block child processes... it only auto allows items when it is able to do so safely. If another CyberLock feature auto allows a child process, the "allow by parent process" will not block the item if the "allow by parent process" feature is disabled.</p><p></p><p>In other words, you said "Disabling the "allow by parent process" setting in CL does not trigger alerts for child processes.", which is correct... disabling this feature will not automatically block all child processes. If CyberLock blocked all child processes, there would be WAY too many blocks, and honestly the system probably would not boot.</p><p></p><p>CyberLock is deny-by-default. So we lock down the system, and then have the features and rules decide what to allow. And in a deny-by-default system, you can easily create rules and features that allow items, but it is difficult or impossible to create useful rules that block items. The main reason is that all items are blocked by default... and then the features and rules decide what to allow.</p><p></p><p>A feature to block child processes might work for allow-by-default products, but honestly, that would not make a lot of sense either because the system would not function properly and probably would not even boot.</p><p></p><p>What WhitelistCloud issue are you referring to?</p></blockquote><p></p>
[QUOTE="danb, post: 1069147, member: 62850"] Here is another way to explain "allow by parent process" feature. The "allow by parent process" does not actively block child processes... it only auto allows items when it is able to do so safely. If another CyberLock feature auto allows a child process, the "allow by parent process" will not block the item if the "allow by parent process" feature is disabled. In other words, you said "Disabling the "allow by parent process" setting in CL does not trigger alerts for child processes.", which is correct... disabling this feature will not automatically block all child processes. If CyberLock blocked all child processes, there would be WAY too many blocks, and honestly the system probably would not boot. CyberLock is deny-by-default. So we lock down the system, and then have the features and rules decide what to allow. And in a deny-by-default system, you can easily create rules and features that allow items, but it is difficult or impossible to create useful rules that block items. The main reason is that all items are blocked by default... and then the features and rules decide what to allow. A feature to block child processes might work for allow-by-default products, but honestly, that would not make a lot of sense either because the system would not function properly and probably would not even boot. What WhitelistCloud issue are you referring to? [/QUOTE]
Insert quotes…
Verification
Post reply
Top