VoodooShield new project: SimpleBackup

Gandalf_The_Grey

Level 46
Verified
Trusted
Content Creator
Apr 24, 2016
3,515
I have been working on a new project called SimpleBackup that might turn into a new feature for VS.
SimpleBackup basically backs up your user files locally and / or to the cloud (using your google drive, azure, etc. account).
It also monitors for changes to the user files (such as encryption from ransomware), blocks the malware and automatically restores the changed files.

Should this be a stand alone product, integrated into VS or both? Thank you guys!
 

Divine_Barakah

Level 27
Verified
May 10, 2019
1,615
Should this be a stand alone product, integrated into VS or both? Thank you guys!
I believe neither! First, I believe most of the users who use VS are using it alongside another security solution, and Ransomeware recovery is most likely to be incorporated in these solutions. Second, VS should focus on preventing Ransomware from running in the first place rather remediating its damage. It should never be allowed to run. I’d love VS and other default-deny solution to be as light as possible and just do their job. I do not want any more features.

You surely can ask users if they need such a feature, and if you see reasonable demand, you can make it a standalone product. Thus, VS remains light and unbloated. Personally, I do not need this feature as my data are stored in the cloud and i can simply revert to previous version of the affected files.
 

plat1098

Level 23
Verified
Sep 13, 2018
1,295
Well, not using VS at the moment but it would be the same principle as for, say, OSArmor. Someone had the idea to combine EXE Radar Pro with it. Um, from a consumer standpoint, this is increasing the footprint and the surface area and introducing new avenues for problems.

The balloon is already inflated. Inflating it further can lead to an obvious outcome.
 

jetman

Level 8
Verified
Jun 6, 2017
374
I think the beauty of Voodooshield is its simplicity- it performs one funtion extremely well. I think this is its unique selling point.

However, innovation is always good and it would be interesting to see where this simple backup project goes. On the face of it, perhaps it would be better to start this out as a entirely separate product to test the concept first ?
 

Divine_Barakah

Level 27
Verified
May 10, 2019
1,615
I said earlier I am not interested in the aforementioned functionality, but let’s be honest here. VS has become well-know at least among MT members. Launching the functionality as a standalone product might not attract many customers. Moreover, the product has to be launched as a free so that many people can test it. But will people later on be interested in paying for the product? I do not think so. Thus, I tend to agree that this functionality can be offered during VS installation but should never be forced to install nor use it.
 

silversurfer

Level 71
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,005
I believe the old version of VS without "Whitelist Cloud" was more simple and easy to use, probably all added new features makes most of software more complicated and might be causing higher system impact... For reasons like that my vote would go to "SimpleBackup" as stand alone product.

Users can just making really serious arguments as "downside". Developers may like to consider some points but finally always have to decide what is even more useful for the majority of users!
 

cruelsister

Level 38
Verified
Trusted
Content Creator
Apr 13, 2013
2,727
A free product currently available essentially has these capabilities. The product is Neushield Data Sentinel which I'm doing a quickie evaluation. So far it seems to work quite nicely in reversing changes done by ransomware to the files in the usual folders (Doc's, Pictures, Music, Desktop, etc).
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
878
I would not like to see voodoshield get bloated with unnecessary features.
Perfecting the code should be Dan's top priority, not extra features.
I have been perfecting the code, for many, many months now ;). Has anyone seen any bugs?

I took a couple of days off but with C19 and it being cold outside I started to get a little bored. Ever since Mozy was discontinued, I always wanted to write my own backup app, so I started playing around with that. Then one thing led to another and I started working on the anti-ransom part.
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
878
Well, not using VS at the moment but it would be the same principle as for, say, OSArmor. Someone had the idea to combine EXE Radar Pro with it. Um, from a consumer standpoint, this is increasing the footprint and the surface area and introducing new avenues for problems.

The balloon is already inflated. Inflating it further can lead to an obvious outcome.
An OSA / ERP combo would be extremely similar to VS, without dynamic security postures, VoodooAi, WLC, two sandboxes, custom folders, advanced command line handling & command line cloud, etc.
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
878
A free product currently available essentially has these capabilities. The product is Neushield Data Sentinel which I'm doing a quickie evaluation. So far it seems to work quite nicely in reversing changes done by ransomware to the files in the usual folders (Doc's, Pictures, Music, Desktop, etc).
Great find CS! That is pretty much exactly what I had in mind... I just downloaded and played with it for a few minutes, and it did great on a quick and dirty test. I am going to install the free version and if I like the software I will buy a license... it is only $24.00 per year.

So I think I might finish the SimpleBackup project without the ransomware protection module since I am so close to finishing it (I have only spent around 30 hours total so far), but I am not going to release it to the public. If I think of something significant to add to Neushield, I will email the devs and let them know so they can add it if they like the idea. Otherwise, it looks like they pretty much have everything covered, so I will just use Neushield instead of stealing their tech.

I forgot to mention... of course blocking ransomware (or any kind of malware) pre-execution is most ideal. But I think something like Neushield is a great safety net. And besides, it kills two birds with one stone by backing up your data as well (assuming it works this way, I have not played much with it yet). I guess what I am saying is that this makes all of the controlled folder access type apps completely obsolete... this is the way to protect against ransomware (in addition to blocking the attack pre-execution). So simple, so effective.
 
Last edited:

danb

From VoodooShield
Verified
Developer
May 31, 2017
878
I believe the old version of VS without "Whitelist Cloud" was more simple and easy to use, probably all added new features makes most of software more complicated and might be causing higher system impact... For reasons like that my vote would go to "SimpleBackup" as stand alone product.

Users can just making really serious arguments as "downside". Developers may like to consider some points but finally always have to decide what is even more useful for the majority of users!
Hmmm, that is odd, it really should be about the same. What specifically is more complicated in your opinion? Please let me know and I will simplify it, thank you!
 

cruelsister

Level 38
Verified
Trusted
Content Creator
Apr 13, 2013
2,727
Regarding NeuShield, I hope you guys don't mind but as it may help folk who don't frequent Wilders I'll cross-post something I blathered about the other day:

"I took NeuShield Data Sentinel (free) for a quick dance and consider it quite nice for what it is. For those not familiar with this product, they state:

"does more than just detecting and blocking ransomware attacks. We’re the only anti-ransomware technology that can recover your damaged data from malicious software attacks without a backup. Data Sentinel uses Mirror Shielding™ to protect files ensuring that you can instantly recover your important data from any ransomware attack."

Upon installation (which was done on a system with the bare minimum of resources, mimicking the biggest piece of junk one can imagine) the main application as well as a Service were created, neither of which were memory/CPU intensive. No tweaking of any sort was needed (nor possible).

The protection is specific for the usual suspects (the Folders- Documents, Music, Pictures, Desktop, Contacts, Games, Videos). Upon running diverse ransomware, although encryption occurred (remember this is not an anti-ransomware application), all files were able to be restored by opening up the GUI and clicking Revert for each of the folders and all the encypted items were deleted. The exception to this was some files (esp. executables) that were trashed by the malware were put into the Trash bin upon reverting (not a big deal as they could be readily reclaimed).

NeuShield does also have intrinsic protection against ransomware that mess with the MBR and this works well and prevents such manipulation. Unlike the Home and Biz versions, the free version does not have the ability to restore Windows System files, and although they say that all versions have: "Boot Protection Prevents ransomware from making your system unable to boot" I can assure you that it did not work against a little cutie that I coded especially to test this.

Finally, it is important to note that NeuShield will NOT protect files in Folders outside of those that I listed above, so this can be problematic with Fortress Class malware (those that will trash files of any type anywhere).

But other than that a rather interesting application that will coexist nicely with other security apps if one feels that their current setup may be lacking."

ps- Could be wrong here but I can't really think of any common security app that it wouln't play nice with.
 
Top