Forum Replies Created
Hey guys, here is 5.64, have a great weekend, thank you!
VS 5.64 beta
SHA-256: 76efbfb0607892910c2e7da352a9789c1281933683e9818802696680ca40032d10Very cool, thank you guys for letting me know! I am just finishing up 5.64 that should include everything you guys have mentioned, along with a couple of bug fixes that I received through email.
I am working with Mr.Gump to make sure his issue is solved, and once it is I will post 5.64, which should be good to go for public release.
Now that 5.0 is pretty much finished, there are some business related things that I need to focus on, but I will still check in everyday.
In a few weeks or so we can start figuring out what other new features or optimizations we should consider. Obviously we do not want to bloat VS with unnecessary or useless features, but if there is something cool you guys think we should add then I am all ears ;).
Alex is going to refine the Web Management Console and WLC integration for SMB and enterprise, so that should be really cool.
Thank you guys, talk to you soon!30Oh, I see what you mean… as it relates to the password. Let me see what I can do, thank you!00Thank you VecchioScarpone and Ssherjj for letting me know, what version of VS are you running?00
Baldrick: Hi Dan
How are you doing…good to hear from you.
Yup, noticed the fluctuating scan times which seem to have stablised at around 25 secs for me; that is up from an all time best of 8-9 secs…would be good to get back to that but it is no biggie.
Everything else is, from my perspective, looking good.
So have a relaxing weekend.
Very cool, thank you Baldrick, I hope you are doing well too!00Very interesting on the first issue, thank you for letting me know. When you say “When left clicking is locked” are you referring to the option “Require admin approval before letting the user allow new…”? I just disabled this option and it worked as expected. Do you have any other VS options that are not in their default settings, or anything else special about the test conditions? Once we can reproduce this bug it will be a super easy fix… I already have an idea what might be causing it.
About the second issue, this is by design, but is implemented in a safe way. We have had several complaints from admins that VS blocks cmd, regedit, and others (I would have to look it up). Basically, if the user initiates one of these vulnerable items, then it is auto allowed. I completely agree with the admins… for example, it always drives me crazy when UAC blocks regedit… every single time ;).10Hey guys, I replied to the emails you guys sent. Also, we had some issues with the WLC servers being overloaded the last couple of days, so it might have acted a little funny the last couple of days, but we should be good to go now.
Other than that I think we are in great shape!
Thanks again, have a great weekend!00Hey guys, this version should fix the PrivaZer and the cleaning of duplicates error, so it should work perfectly for everyone, but if not please let me know, thank you guys!
VS 5.63 beta
SHA-256: 2261a89dbcd4d843c6b5e925b8b641a8ed8b0b3e82f6ae85b8f33f79439878ec30Hey guys, sorry for the delay, this version has a few bug fixes and should fix the bug that most of you are experiencing with having to allow an item more than once, but if not please let me know!
VS 5.62 beta
@djg05 and Mr.GumP, if you are still having this issues, please email me your DeveloperLog.log and DeveloperServiceLog.log.
Thank you guys, have a great weekend!20Yeah, I think I know what video you are referring to, and in all fairness, Leo did say “Now I like this approach a little bit better.” Having said that, Leo is quite young and changes his mind quite often as he gains experience.
In the end, the only thing that matters is the product. Some people say that VS is not well suited for computer novices, not realizing that VS has a 6 digit user base and is growing. Rapidly. Almost every single day I see users who admit that they are completely computer illiterate (like they do not even know how to copy and paste), but yet they have zero issues with VS.
Imagine this for a moment. When we first released VS, it was rough around the edges, was extremely feature limited and was in serious need of polishing. In spite of this, most or all of our small group of users understood my vision of a user-friendly toggling computer lock, and further understood that it had the potential to change the industry.
Now imagine if these same users would have initially experienced VS in its current form, all polished and ready for market. This is exactly what security people new to VS initially experience. They are “floored”, “blown away”, “amazed”, etc. when they first experience VS.
Once you understand this, you will understand why VS is growing so fast.
BTW, I encourage people to try all of the deny-by-default products and see which one they like best and fits their needs. It is much more important to me that they are adequately protected (so that the bad guys lose), then to worry about losing 1 or 2 VS users every couple of weeks, especially when we are adding 500x + that in new users. Some deny-by-default enthusiasts prefer to lock the computer fulltime, some people prefer a toggling computer lock with a tiny, customized whitelist. As I have said before, I actually use a competitor’s product on 2 of our machines because it fits the use case. I could just as easily use VS, but the other reason I did so is because they borrowed my anti-exploit mechanism, so I thought it would be funny to make it a fair trade ;).
It is probably wise to only run one deny-by-default product at a time, and combo it with Windows Defender or some other AV, unless you do the kind of configuring you guys have been talking about, then it is super cool.00Thank you guys, I took a quick look and will look a little closer later tonight. So far there is nothing obvious in the logs, but what we can do in the next version is have VS log the items that it removes along with the reason the item was removed. That should tell us exactly what we need to know. Thanks again!10
Yep, I agree! I mean really, this is not rocket science, it is common sense. We will never solve the malware crisis as long as new arbitrary executable code is allowed to automatically execute. Everyone knows this but they are just hoping for the silver bullet that is going to fix everything. The most recent silver bullet was the whole ML/Ai promise which I watched it on 60 minutes… it was going to solve the malware crisis. The funny thing is, after watching that episode of 60 minutes, I believed for about 10 minutes that they might have actually cracked the code and all of our problems would disappear overnight. Ten minutes later I came to my senses and realized our work is not over.
- February 10, 2020 at 4:27 am
- in reply to: The Green Checkmark of Deception. (Conventional VS New Age)
Please do not get me wrong, ML/Ai certainly has an important role to play in cybersecurity, assuming it is applied correctly and in reasonable doses. It is slightly more accurate and effective than traditional signatures, but it certainly is not going to change anything in a meaningful way.
We need to focus on dynamic levels of protection, combined with file reputation and ML/Ai, which is what the whole WLC / VS implementation is all about.10I completely agree that nothing is infallible and there are some amazing combos that people come up with. I do think it is important to be sure that they do not conflict with each other, which is usually pretty obvious and uncommon. But yeah, if 2 or more layers of protection work well together and the user is happy with the setup, then by all means that is better than the alternative of not being adequately protected.
Not to pick on any specific security forum or youtuber, but if someone had a genuine interest in helping to protect people from becoming infected, the absolute last thing they should ever do is to persuade them to significantly reduce their security posture. That is not unlike a doctor handing you a 12 pack, a carton of cigarettes and plane tickets to Vegas. Most users are indifferent enough to cybersecurity, and the last thing we need is for the community leaders to encourage them to let their guard down even further… especially when they happen to LOVE the software they are running.
But as they say, everyone has an agenda, and everyone has a price.30Cool, thank you Dave and Sherry! I hope everyone is doing well too ;). I just kinda needed a break, then the Chiefs won the super bowl and a bunch of other really cool stuff has been happening with VS on the business end, so I had good week or so break from the computer.
It sounds like in both of these cases that VS is cleaning up whitelisted items that it should not be removing. Can you guys please send me your logs and we will see what we can find? Off the top of my head, I am guessing that Steam denies access to the files, so then VS thinks the file has been deleted, so it removes it from the whitelist. I will look through that part of the code tonight and tomorrow and see how we might be able to tweak it. It is probably better for VS to not be overly aggressive when cleaning up old whitelisted items. Thank you guys, talk to you soon!10