Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
VoodooShield
VoodooShield CyberLock 7.0
Message
<blockquote data-quote="danb" data-source="post: 996023" data-attributes="member: 62850"><p>Hey CS! We have several protections in place to mitigate bad sigs. First, VS does not auto allow by digital signature at all... unless the sig is already in the endpoint's tiny, customized whitelist. And of course we exclude certain sigs for this feature for obvious reasons.</p><p></p><p>The second layer is what I call VoodooVerified. We have a list of roughly 15,000 of the most common sigs we have collected the last 10+ years that have all been verified. So if a file is signed and verified by the issuer, but is not verified by our list, then the user will get a prompt like this...</p><p></p><p>[ATTACH=full]267918[/ATTACH]</p><p></p><p>So even if VoodooAi and WLC determine the file to be safe, and even if the file is signed and verified by the issuer, the user is still warned that "The digital signature cannot be verified by VoodooShield".</p><p></p><p>We have a couple of other minor protections in place, but I would have to look through the code to remember what they are. But by far VS's most important protection for digital signatures is simply not allowing by sigs alone <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />.</p><p></p><p>I have not thought of checking the counter-signature before, but that would be a really great idea to do as well, thank you for the suggestion! BTW, if you need a license let me know. Thank you!</p></blockquote><p></p>
[QUOTE="danb, post: 996023, member: 62850"] Hey CS! We have several protections in place to mitigate bad sigs. First, VS does not auto allow by digital signature at all... unless the sig is already in the endpoint's tiny, customized whitelist. And of course we exclude certain sigs for this feature for obvious reasons. The second layer is what I call VoodooVerified. We have a list of roughly 15,000 of the most common sigs we have collected the last 10+ years that have all been verified. So if a file is signed and verified by the issuer, but is not verified by our list, then the user will get a prompt like this... [ATTACH type="full"]267918[/ATTACH] So even if VoodooAi and WLC determine the file to be safe, and even if the file is signed and verified by the issuer, the user is still warned that "The digital signature cannot be verified by VoodooShield". We have a couple of other minor protections in place, but I would have to look through the code to remember what they are. But by far VS's most important protection for digital signatures is simply not allowing by sigs alone ;). I have not thought of checking the counter-signature before, but that would be a really great idea to do as well, thank you for the suggestion! BTW, if you need a license let me know. Thank you! [/QUOTE]
Insert quotes…
Verification
Post reply
Top
