On Thu, Feb 11, 2016 at 10:42 AM, Mike Copeland mike@ggisoft.com wrote:
The one 'problem' with this, or any other kind of prevention tool is that attack vectors change, so CryptoPrevent from last year might not work against the new approach used by this year's CryptoLocker. But, the installation method used by the original c-Locker trojan was pretty big and the c-Prevent author's explanation certainly justifies the cost to block that path, in my opinion.
I might be getting jaded (ha!) but software reviews seem to be more advertorial than editorial these days...so unless a software company is ready to buy some click-through ads...
True. All reviews ought to be considered with a grain of salt. I saw the professional "reviewers" move in and take over Amazon a decade ago, and it's clear that some of the "review" sites are not journalistic efforts as much as advertising sites.
There aren't a lot of "general" computing sites left, but I follow a few security sites (like isc.sans.edu) that tend to be pretty good at reporting the current problems and prevention, if any.
And now, of course, my Google-fu kicks on, and I find a couple good write-ups:
http://krebsonsecurity.com/tag/cryptoprevent/ https://askleo.com/why-havent-you-mentioned-cryptoprevent/