Reply To: VoodooShield and SRP

    Yeah, there might actually be a good use for SRP in VS… kind of a weird hybrid between our KMD and SRP.  I do not think we need it, but you know me, I am always looking for ways to kill malware while improving VS.

    Ultimately, I do not care what any of the SRP fanboys say, SRP IS WHITELISTING, and it whitelists by hash and path.  These are actually in the SRP Policies registry settings.  And if SRP is blocking something that you want to allow, guess what you do???  You manually create a policy that whitelists the item by hash or path.

    The thing is though, it is not granular at all, SRP blocks everything except the system space and Program Files folders.  Which is exactly where VS starts.  But then VS takes the extra step of automatically creating fine grain rules and policies to make the computer lock usable.

    Anyway, I am still looking for a good reason to implement SRP, and when I find one, we will certainly do so, because there is a chance there is something there.

    Also, VoodooForums was down earlier, but it is up and running now.  I will catch up with the other posts asap… I am running late for something, thank you guys, have a great weekend!

    • This reply was modified 1 year, 1 month ago by Dan.